piyushsangawat

  1. Thanks. Looks like I have to fight my battle on my own :-). Thanks, I will learn more.
  2. Attached DDS. Let me know if you need attach as well.
  3. I have admin rights on my PC but can't uninstall McAfee enterprise edition, so I went ahead and uninstalled Avast. That's the option I have. I will run DDS and upload the required details. Thanks, Piyush
  4. Is it OK if I keep Avast and disable it and re-enable it whenever I need it? It's my corporate PC, so I cannot uninstall McAfee. Please suggest so that I can redo DDS and post it.
  5. Hi, for the last three days I have been struggling hard, trying to save myself from having my system formatted and re-installing all my work and software. I did purchase Malwarebytes and Avast antivirus, and already have corporate McAfee on my PC, but all in vain. One fine day the PC's C drive space reduced from 70 to 55 GB :-( I am nuts. I have run Malwarebytes and AVG, and they removed a few viruses like bit coiner and AutoRun; it's much better now but still slow. I did see a miner folder and a service nircmd.exe. I deleted that from services. Need your help to fix my PC. Attaching DDS logs. Thanks, Piyush DDS.txt Attach.txt