harshjn04

  1. OK, I checked, but my battery condition is perfect, only it gives the error. Maybe I'll replace my battery, as it's in warranty now.
  2. Hello, I have a Dell laptop with Windows 7 Home Basic installed. Today when I started my laptop I started getting this error on the battery icon in my taskbar. The error says "The battery needs replacement Please replace the battery else the computer will shut down". But on the other hand my battery is charging properly and is working fine. So please, can anybody tell me what the error actually is and whether it can harm my battery?
  3. OK, so we are good to go then. Thanks once again for your help!
  4. Hey, can you guide me on which P2P file sharing program I should now install on my laptop, which would be best and safe? Also tell me which virtual CD image software will be best. Harsh. I just updated my laptop as guided by Secunia, and so now it says 100% system score. Thanks for this.
  5. So I reset System Restore, but it was on only for the C:\ drive (I mean the main system drive of my laptop). For the other two drives, I mean D and E, it was not turned on. So should System Restore be on for all 3 of my drives, or is it good with just the main C drive? I already uninstalled ComboFix, thinking of the warning you always gave me when you wanted me to run it on my lappy. Can I ask you why ComboFix is so dangerous and not for everyday use? I mean, I didn't find anything difficult in running the tool. I made changes in my Internet Explorer, although I don't really use it because I love Firefox. Do you want a log from Secunia Personal Software Inspector (PSI)? I attached it as an image file. And yes, I keep my laptop updated always. Thanks for all the great help you gave me.
  6. Hello, I mostly use Windows Media Player for playing my MP4 and AVI videos because I like its theme and all, but when I use it and open the videos library in it, my media player crashes most of the time. Can anyone help me out with this or maybe provide a solution? I have attached an image file that describes the error. :-)
  7. okk so there comes your log The online ESET scan log i attached as a image file. The DDS log is as below : . DDS (Ver_2011-06-03.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26 Run by Harsh at 0:38:21 on 2011-06-13 Microsoft Windows 7 Home Basic 6.1.7601.1.1252.91.1033.18.3959.1937 [GMT 5.5:30] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted c:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Dell\DellDock\DockLogin.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe C:\Windows\system32\svchost.exe -k apphost C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files\WIDCOMM\Bluetooth 
Software\btwdins.exe C:\Windows\system32\crypserv.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\xampp\mysql\bin\mysqld.exe C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe C:\Windows\system32\svchost.exe -k iissvcs C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\Internet Download Manager\IDMan.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\mcafee.com\agent\mcagent.exe C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files (x86)\Intel\Intel® Rapid 
Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Program Files (x86)\WordWeb\wweb32.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Windows\system32\taskeng.exe C:\Users\Harsh\AppData\Local\Google\Update\GoogleUpdate.exe c:\PROGRA~1\mcafee.com\agent\mcupdate.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskhost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . 
uInternet Settings,ProxyServer = 172.18.1.9:3128 uInternet Settings,ProxyOverride = *.local;10.82.100.100;<local> BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110129195304.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL BHO: QUICKfind BHO Object: {c08df07a-3e49-4e25-9ab0-d3882835f153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO: SSOIEAddonBHO Class: {da5bce70-d057-4d63-943d-5f3927ec59f1} - c:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: Microsoft Web 
Test Recorder 10.0 Helper: {dda57003-0068-4ed2-9d32-4d1ec707d94d} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [FATrayAlert] c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage 
Technology\IAStorIcon.exe mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot mRun: [WordWeb] "C:\Program Files (x86)\WordWeb\wweb32.exe" -startup mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\Harsh\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Scrybe.lnk - C:\Windows\Installer\{13061CAA-0284-4F9A-B460-3D4699575B35}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) mPolicies-system: EnableLinkedConnections = 1 (0x1) IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm IE: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft 
Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{18D1B905-1D1C-41AF-A6A5-BEE01DCD9CB5} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{E473D6BD-BD92-4869-BF0B-E022E5F0A0AF}\57461697 : DhcpNameServer = 202.56.224.153 59.144.127.17 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Notify: FastAccess - c:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL BHO-X64: Adobe PDF Link Helper: 
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll BHO-X64: McAfee Phishing Filter - No File BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110129195304.dll BHO-X64: scriptproxy - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: QUICKfind BHO Object: {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO-X64: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - c:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll BHO-X64: SSOIEAddonBHO - No File BHO-X64: Java(tm) Plug-In 
2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun-x64: [FATrayAlert] c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [NBAgent] "C:\Program Files 
(x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot mRun-x64: [WordWeb] "C:\Program Files (x86)\WordWeb\wweb32.exe" -startup mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Harsh\AppData\Roaming\Mozilla\Firefox\Profiles\jhvnopzk.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.in/ FF - prefs.js: keyword.URL - hxxp://in.search.yahoo.com/search?fr=mcafee&p= FF - prefs.js: network.proxy.ftp - 172.18.1.9 FF - prefs.js: network.proxy.ftp_port - 3128 FF - prefs.js: network.proxy.gopher - 10.82.90.94 FF - prefs.js: network.proxy.gopher_port - 3128 FF - prefs.js: network.proxy.http - 172.18.1.9 FF - prefs.js: network.proxy.http_port - 3128 FF - prefs.js: network.proxy.socks - 172.18.1.9 FF - prefs.js: network.proxy.socks_port - 3128 FF - prefs.js: network.proxy.ssl - 172.18.1.9 FF - prefs.js: network.proxy.ssl_port - 3128 FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll FF - plugin: 
C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: C:\Users\Harsh\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Users\Harsh\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Windows\system32\TVUAx\npTVUAx.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe [2010-12-15 89600] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2010-1-11 155648] R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-8-17 2423936] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-28 13336] R2 IDMWFP;IDMWFP;C:\Windows\system32\DRIVERS\idmwfp.sys --> C:\Windows\system32\DRIVERS\idmwfp.sys [?] 
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-29 355440] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-29 355440] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-29 355440] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-29 355440] R2 McShield;McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2010-12-15 200056] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2010-12-15 245352] R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe [2010-12-15 158832] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280] R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000] R2 ScrybeUpdater;Scrybe Updater;C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-1-14 1294848] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-12-15 689472] R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-4-1 2271608] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-15 2320920] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] 
R3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?] R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?] R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] 
S2 Apache2.2;Apache2.2;C:\xampp\apache\bin\httpd.exe [2011-2-16 29416] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 KMService;KMService;C:\Windows\System32\srvany.exe [2011-1-29 8192] S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560] S3 FACAP;facap, FastAccess Video Capture;C:\Windows\system32\DRIVERS\facap.sys --> C:\Windows\system32\DRIVERS\facap.sys [?] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-1-22 1038088] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?] 
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 51456888] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2011-5-12 25072] S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?] S3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\system32\DRIVERS\teamviewervpn.sys --> C:\Windows\system32\DRIVERS\teamviewervpn.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352] S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-17 68440] S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-29 355440] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976] S4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys --> C:\Windows\system32\DRIVERS\RsFx0103.sys [?] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-9-17 430424] . 
=============== Created Last 30 ================ . 2011-06-12 06:58:03 -------- d-----w- C:\Users\Harsh\AppData\Local\{39B3B50D-8E5D-4372-801F-B02608239990} 2011-06-11 14:44:08 -------- d-----w- C:\Users\Harsh\AppData\Local\PackageAware 2011-06-11 04:06:33 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5BBC60A5-89E3-4C63-8C18-F8F668BC0812}\mpengine.dll 2011-06-08 15:49:23 -------- d-----w- C:\ProgramData\Microsoft Visual Studio 2011-06-08 15:47:06 -------- d-----w- C:\VBProjects 2011-06-07 11:27:49 -------- d-----w- C:\Users\Harsh\Real Player Videos 2011-06-07 11:19:23 -------- d-----w- C:\Users\Harsh\Other Videos 2011-06-06 14:11:56 -------- d-----w- C:\Users\Harsh\AppData\Roaming\Xilisoft 2011-06-06 14:11:22 -------- d-----w- C:\ProgramData\Xilisoft 2011-06-03 09:24:09 -------- d-----w- C:\Users\Harsh\AppData\Local\assembly 2011-06-02 10:39:55 72536 ----a-w- C:\Windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.2.4000.0.dll 2011-06-02 10:39:55 108376 ----a-w- C:\Windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.2.4000.0.dll 2011-06-02 10:39:55 105816 ----a-w- C:\Windows\System32\SQSRVRES.DLL 2011-06-02 09:16:57 -------- d-----w- C:\Windows\InstallDir 2011-06-02 08:41:51 -------- d-----w- C:\Users\Harsh\AppData\Local\Broadcom 2011-06-02 08:40:49 98344 ----a-w- C:\Windows\System32\drivers\btwaudio.sys 2011-06-02 08:40:49 35104 ----a-w- C:\Windows\System32\drivers\btwl2cap.sys 2011-06-02 08:40:49 21160 ----a-w- C:\Windows\System32\drivers\btwrchid.sys 2011-06-02 08:40:49 132648 ----a-w- C:\Windows\System32\drivers\btwavdt.sys 2011-06-02 07:24:41 232480 ----a-w- C:\Windows\System32\drivers\RtsUStor.sys 2011-06-02 07:24:40 7367200 ----a-w- C:\Windows\SysWow64\RtsUStoricon.dll 2011-06-02 07:24:40 422432 ----a-w- C:\Windows\System32\RtsUStor.dll 2011-06-02 06:23:05 -------- d-----w- C:\Users\Harsh\AppData\Local\{DD199D1D-206F-44C9-8531-7398015C2DDA} 2011-06-02 06:22:50 -------- d-----w- 
C:\Users\Harsh\AppData\Local\{BFF80D5C-AD42-4D37-8A0F-CC5F9DC0A868} 2011-06-01 14:51:34 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared 2011-06-01 14:51:08 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll 2011-06-01 13:42:59 -------- d-----w- C:\Users\Harsh\AppData\Local\NokiaAccount 2011-06-01 12:33:44 -------- d-----w- C:\Users\Harsh\AppData\Local\Nero 2011-06-01 12:31:50 -------- d-----w- C:\Users\Harsh\AppData\Local\Nero_AG 2011-06-01 12:07:34 -------- d-----w- C:\ProgramData\Nero 2011-06-01 12:06:48 -------- d-----w- C:\Program Files (x86)\Nero 2011-06-01 11:07:39 -------- d-----w- C:\Users\Harsh\AppData\Local\WinZip 2011-06-01 09:57:56 -------- d-----w- C:\ProgramData\SpeedBit 2011-05-30 04:40:16 -------- d-----w- C:\Users\Harsh\AppData\Local\Apple 2011-05-30 04:26:38 -------- d-----w- C:\Users\Harsh\AppData\Roaming\Microsoft Corporation 2011-05-30 04:14:46 78872 ----a-w- C:\Windows\System32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll 2011-05-30 04:14:46 50200 ----a-w- C:\Windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll 2011-05-30 04:14:01 -------- d-----w- C:\Windows\System32\RsFx 2011-05-30 04:08:44 -------- d-----w- C:\Program Files\Microsoft SQL Server 2011-05-30 04:08:25 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server 2011-05-30 04:07:51 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services 2011-05-30 04:06:25 -------- d-----w- C:\ProgramData\PreEmptive Solutions 2011-05-30 04:01:49 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET 2011-05-30 04:01:45 -------- d-----w- C:\Program Files\IIS 2011-05-30 04:01:45 -------- d-----w- C:\Program Files (x86)\IIS 2011-05-30 04:01:13 2478272 ----a-w- C:\ProgramData\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll 2011-05-30 03:49:02 -------- d-----w- C:\Windows\SysWow64\1033 2011-05-30 03:48:13 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 10.0 2011-05-30 03:48:13 -------- d-----w- C:\Program Files 
(x86)\Microsoft F# 2011-05-30 03:48:13 -------- d-----w- C:\Program Files (x86)\HTML Help Workshop 2011-05-30 03:48:13 -------- d-----w- C:\Program Files (x86)\Common Files\Merge Modules 2011-05-30 03:43:17 -------- d-----w- C:\Windows\System32\1033 2011-05-30 03:43:16 -------- d-----w- C:\Program Files\Microsoft Visual Studio 10.0 2011-05-30 03:43:16 -------- d-----w- C:\Program Files\Microsoft Help Viewer 2011-05-29 05:55:45 -------- d-----w- C:\Program Files (x86)\Common Files\Real 2011-05-28 11:01:58 -------- d-----w- C:\ProgramData\Citrix 2011-05-28 11:00:51 -------- d-----w- C:\Users\Harsh\AppData\Local\Citrix 2011-05-28 11:00:21 -------- d-----w- C:\Users\Harsh\AppData\Local\Deployment 2011-05-28 09:36:39 -------- d-----w- C:\Program Files\Microsoft Synchronization Services 2011-05-28 09:36:01 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition 2011-05-28 09:33:43 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2011-05-28 09:32:16 -------- d-----w- C:\Program Files\Microsoft Analysis Services 2011-05-28 09:32:16 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services 2011-05-28 09:32:02 -------- d-----w- C:\Windows\SHELLNEW 2011-05-28 09:23:06 -------- d-----w- C:\Program Files (x86)\Realtek 2011-05-28 08:41:20 -------- d-----w- C:\ProgramData\CrypKey 2011-05-28 08:41:05 28664 ----a-w- C:\Windows\System32\Ckldrv.sys 2011-05-28 08:41:05 122880 ----a-w- C:\Windows\System32\Crypserv.exe 2011-05-28 08:41:04 27648 ----a-r- C:\Windows\Setup_ck.exe 2011-05-28 08:41:04 18432 ----a-w- C:\Windows\Setup_ck.dll 2011-05-28 08:41:04 165888 ----a-w- C:\Windows\Ckconfig.exe 2011-05-28 08:41:04 11776 ----a-w- C:\Windows\Ckrfresh.exe 2011-05-28 08:21:19 -------- d-----w- C:\Users\Harsh\AppData\Roaming\Intel Corporation 2011-05-28 08:11:29 -------- d-----w- C:\Program Files\Dell Support Center 2011-05-28 06:37:29 -------- d-----w- C:\Users\Harsh\AppData\Local\Apps 2011-05-28 06:17:57 7367200 ----a-w- 
C:\Windows\System32\RTSUSTORicon.dll 2011-05-28 06:02:51 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys 2011-05-28 05:55:51 -------- d-----w- C:\Windows\SysWow64\vmm32 2011-05-27 08:08:25 -------- d-----w- C:\Program Files\WIDCOMM 2011-05-27 08:05:14 45056 ----a-r- C:\Users\Harsh\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe 2011-05-24 05:22:20 -------- d-----w- C:\Users\Harsh\AppData\Local\Apple Computer 2011-05-23 05:19:59 -------- d-----w- C:\Users\Harsh\AppData\Local\ATI 2011-05-21 22:11:57 286720 ----a-w- C:\Windows\iun506.exe 2011-05-21 22:11:50 -------- d-----w- C:\Program Files (x86)\Chess3D 2011-05-21 15:10:35 142336 ----a-w- C:\Windows\System32\poqexec.exe 2011-05-21 15:10:35 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe 2011-05-21 14:42:56 5562240 ----a-w- C:\Windows\System32\ntoskrnl.exe 2011-05-21 14:42:55 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2011-05-21 14:42:55 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe . ==================== Find3M ==================== . 2011-06-12 13:26:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2011-05-21 15:10:00 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-04-13 22:40:10 4284416 ----a-w- C:\Windows\SysWow64\GPhotos.scr 2011-03-31 05:04:40 43680 ----a-w- C:\Windows\System32\drivers\lirsgt.sys 2011-03-31 05:04:40 314016 ----a-w- C:\Windows\System32\drivers\atksgt.sys 2011-03-23 10:23:09 175616 ----a-w- C:\Windows\System32\msclmd.dll 2011-03-23 10:23:09 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll 2011-03-21 07:52:06 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll 2011-03-21 07:52:06 452200 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys 2011-03-21 07:52:06 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll . ============= FINISH: 0:39:51.67 ===============
so what's next...???
  8. Hey, I posted my new ComboFix log in the previous post and updated my Java too. Now that ESET online scanner is taking a hell of a lot of time; it must have scanned more than 50 lakh files, but no threats were detected. Do you think I should still make a full scan? If you say so I will, and if you don't I will just post my DDS log...!!!
  9. so here is your new log from ComboFix : ComboFix 11-06-11.01 - Harsh 12-06-2011 18:31:39.2.4 - x64 Microsoft Windows 7 Home Basic 6.1.7601.1.1252.91.1033.18.3959.2169 [GMT 5.5:30] Running from: c:\users\Harsh\Desktop\ComboFix.exe Command switches used :: c:\users\Harsh\Desktop\CFScript.txt AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Harsh\AppData\Roaming\FFSJ c:\users\Harsh\AppData\Roaming\FFSJ\FFSJ.cfg . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_uTorrentService . . ((((((((((((((((((((((((( Files Created from 2011-05-12 to 2011-06-12 ))))))))))))))))))))))))))))))) . . 2011-06-12 13:09 . 2011-06-12 13:09 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-06-12 06:58 . 2011-06-12 06:58 -------- d-----w- c:\users\Harsh\AppData\Local\{39B3B50D-8E5D-4372-801F-B02608239990} 2011-06-11 14:44 . 2011-06-11 14:44 -------- d-----w- c:\users\Harsh\AppData\Local\PackageAware 2011-06-11 04:06 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5BBC60A5-89E3-4C63-8C18-F8F668BC0812}\mpengine.dll 2011-06-08 15:49 . 2011-06-08 15:49 -------- d-----w- c:\programdata\Microsoft Visual Studio 2011-06-08 15:47 . 2011-06-08 16:22 -------- d-----w- C:\VBProjects 2011-06-07 11:27 . 2011-06-07 11:27 -------- d-----w- c:\users\Harsh\Real Player Videos 2011-06-07 11:19 . 2011-06-09 16:48 -------- d-----w- c:\users\Harsh\Other Videos 2011-06-06 14:11 . 
2011-06-06 14:11 -------- d-----w- c:\users\Harsh\AppData\Roaming\Xilisoft 2011-06-06 14:11 . 2011-06-06 14:11 -------- d-----w- c:\programdata\Xilisoft 2011-06-03 09:24 . 2011-06-03 09:24 -------- d-----w- c:\users\Harsh\AppData\Local\assembly 2011-06-02 10:39 . 2010-09-17 07:05 105816 ----a-w- c:\windows\system32\SQSRVRES.DLL 2011-06-02 10:39 . 2010-09-17 07:03 108376 ----a-w- c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.2.4000.0.dll 2011-06-02 10:39 . 2010-09-17 04:46 72536 ----a-w- c:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.2.4000.0.dll 2011-06-02 10:38 . 2011-06-02 10:38 -------- d-----w- c:\program files\Microsoft.NET 2011-06-02 09:16 . 2011-06-11 14:01 -------- d-----w- c:\windows\InstallDir 2011-06-02 08:41 . 2011-06-02 08:41 -------- d-----w- c:\users\Harsh\AppData\Local\Broadcom 2011-06-02 08:40 . 2009-07-15 09:26 98344 ----a-w- c:\windows\system32\drivers\btwaudio.sys 2011-06-02 08:40 . 2009-07-15 09:26 35104 ----a-w- c:\windows\system32\drivers\btwl2cap.sys 2011-06-02 08:40 . 2009-07-15 09:26 132648 ----a-w- c:\windows\system32\drivers\btwavdt.sys 2011-06-02 08:40 . 2009-07-15 09:26 21160 ----a-w- c:\windows\system32\drivers\btwrchid.sys 2011-06-02 07:24 . 2009-11-11 09:41 232480 ----a-w- c:\windows\system32\drivers\RtsUStor.sys 2011-06-02 07:24 . 2009-11-11 09:41 7367200 ----a-w- c:\windows\SysWow64\RtsUStoricon.dll 2011-06-02 07:24 . 2009-11-11 09:41 422432 ----a-w- c:\windows\system32\RtsUStor.dll 2011-06-02 06:23 . 2011-06-02 06:23 -------- d-----w- c:\users\Harsh\AppData\Local\{DD199D1D-206F-44C9-8531-7398015C2DDA} 2011-06-02 06:22 . 2011-06-02 06:22 -------- d-----w- c:\users\Harsh\AppData\Local\{BFF80D5C-AD42-4D37-8A0F-CC5F9DC0A868} 2011-06-01 14:51 . 2011-06-01 14:51 -------- d-----w- c:\program files (x86)\Common Files\xing shared 2011-06-01 14:51 . 2011-06-01 14:51 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll 2011-06-01 13:42 . 2011-06-01 13:42 -------- d-----w- c:\users\Harsh\AppData\Local\NokiaAccount 2011-06-01 12:33 . 
2011-06-01 12:34 -------- d-----w- c:\users\Harsh\AppData\Local\Nero 2011-06-01 12:25 . 2011-06-01 12:25 -------- d-----w- c:\users\Harsh\AppData\Roaming\Nero 2011-06-01 12:07 . 2011-06-01 12:14 -------- d-----w- c:\programdata\Nero 2011-06-01 12:06 . 2011-06-01 12:07 -------- d-----w- c:\program files (x86)\Common Files\Nero 2011-06-01 12:06 . 2011-06-01 12:14 -------- d-----w- c:\program files (x86)\Nero 2011-06-01 11:07 . 2011-06-01 11:14 -------- d-----w- c:\users\Harsh\AppData\Local\WinZip 2011-06-01 09:57 . 2011-06-11 15:28 -------- d-----w- c:\programdata\SpeedBit 2011-05-30 04:40 . 2011-05-30 04:40 -------- d-----w- c:\users\Harsh\AppData\Local\Apple 2011-05-30 04:26 . 2011-05-30 04:26 -------- d-----w- c:\users\Harsh\AppData\Roaming\Microsoft Corporation 2011-05-30 04:14 . 2009-07-22 08:17 78872 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll 2011-05-30 04:14 . 2009-07-22 08:17 50200 ----a-w- c:\windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll 2011-05-30 04:14 . 2011-05-30 04:14 -------- d-----w- c:\windows\system32\RsFx 2011-05-30 04:13 . 2011-05-30 04:13 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0 2011-05-30 04:08 . 2011-06-02 10:37 -------- d-----w- c:\program files\Microsoft SQL Server 2011-05-30 04:08 . 2011-06-02 10:37 -------- d-----w- c:\program files (x86)\Microsoft SQL Server 2011-05-30 04:07 . 2011-05-30 04:07 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services 2011-05-30 04:06 . 2011-05-30 04:06 -------- d-----w- c:\programdata\PreEmptive Solutions 2011-05-30 04:01 . 2011-05-30 04:01 -------- d-----w- c:\program files (x86)\Microsoft ASP.NET 2011-05-30 04:01 . 2011-05-30 04:01 -------- d-----w- c:\program files\IIS 2011-05-30 04:01 . 2011-05-30 04:01 -------- d-----w- c:\program files (x86)\IIS 2011-05-30 04:01 . 2011-06-02 06:43 2478272 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll 2011-05-30 03:49 . 
2011-05-30 04:13 -------- d-----w- c:\windows\SysWow64\1033 2011-05-30 03:48 . 2011-06-02 06:37 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules 2011-05-30 03:48 . 2011-05-30 04:06 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0 2011-05-30 03:48 . 2011-05-30 03:55 -------- d-----w- c:\program files (x86)\Microsoft F# 2011-05-30 03:48 . 2011-05-30 03:50 -------- d-----w- c:\program files (x86)\HTML Help Workshop 2011-05-30 03:43 . 2011-05-30 03:43 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 9.0 2011-05-30 03:43 . 2011-05-30 04:13 -------- d-----w- c:\windows\system32\1033 2011-05-30 03:43 . 2011-05-30 03:43 -------- d-----w- c:\windows\symbols 2011-05-30 03:43 . 2011-05-30 04:08 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0 2011-05-30 03:43 . 2011-05-30 04:08 -------- d-----w- c:\program files (x86)\Microsoft SDKs 2011-05-30 03:43 . 2011-05-30 03:43 -------- d-----w- c:\program files\Microsoft Help Viewer 2011-05-29 05:55 . 2011-06-01 14:51 -------- d-----w- c:\program files (x86)\Common Files\Real 2011-05-29 05:55 . 2011-06-01 14:51 -------- d-----w- c:\program files (x86)\Real 2011-05-28 11:01 . 2011-05-28 11:01 -------- d-----w- c:\programdata\Citrix 2011-05-28 11:00 . 2011-05-28 11:00 -------- d-----w- c:\users\Harsh\AppData\Local\Citrix 2011-05-28 11:00 . 2011-06-03 09:24 -------- d-----w- c:\users\Harsh\AppData\Local\Deployment 2011-05-28 09:36 . 2011-05-28 09:36 -------- d-----w- c:\program files\Microsoft Synchronization Services 2011-05-28 09:36 . 2011-05-28 09:36 -------- d-----w- c:\program files\Microsoft Sync Framework 2011-05-28 09:36 . 2011-05-28 09:36 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2011-05-28 09:33 . 2011-05-28 09:33 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8 2011-05-28 09:32 . 2011-05-28 09:32 -------- d-----w- c:\program files\Microsoft Analysis Services 2011-05-28 09:32 . 
2011-05-28 09:32 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2011-05-28 09:32 . 2011-05-28 09:37 -------- d-----w- c:\windows\SHELLNEW 2011-05-28 09:31 . 2011-05-28 09:31 -------- d-----r- C:\MSOCache 2011-05-28 08:41 . 2011-05-28 08:41 -------- d-----w- c:\programdata\CrypKey 2011-05-28 08:41 . 2008-05-07 23:29 122880 ----a-w- c:\windows\system32\Crypserv.exe 2011-05-28 08:41 . 2008-03-17 17:12 28664 ----a-w- c:\windows\system32\Ckldrv.sys 2011-05-28 08:41 . 1999-06-18 20:49 165888 ----a-w- c:\windows\Ckconfig.exe 2011-05-28 08:41 . 1996-05-03 16:21 27648 ----a-r- c:\windows\Setup_ck.exe 2011-05-28 08:41 . 1996-05-03 14:36 18432 ----a-w- c:\windows\Setup_ck.dll 2011-05-28 08:41 . 1995-07-04 17:33 11776 ----a-w- c:\windows\Ckrfresh.exe 2011-05-28 08:21 . 2011-05-28 08:21 -------- d-----w- c:\users\Harsh\AppData\Roaming\Intel Corporation 2011-05-28 08:11 . 2011-06-10 05:30 -------- d-----w- c:\program files\Dell Support Center 2011-05-28 06:45 . 2011-05-28 06:45 -------- d-----w- c:\users\Harsh\AppData\Roaming\InstallShield 2011-05-28 06:37 . 2011-05-28 06:37 -------- d-----w- c:\users\Harsh\AppData\Local\Apps 2011-05-28 06:17 . 2009-11-11 09:41 7367200 ----a-w- c:\windows\system32\RTSUSTORicon.dll 2011-05-28 06:02 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2011-05-28 05:55 . 2011-05-28 05:55 -------- d-----w- c:\windows\SysWow64\vmm32 2011-05-27 08:08 . 2011-05-27 08:08 -------- d-----w- c:\program files\WIDCOMM 2011-05-27 08:05 . 2011-05-28 05:55 45056 ----a-r- c:\users\Harsh\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe 2011-05-24 05:22 . 2011-05-24 13:29 -------- d-----w- c:\users\Harsh\AppData\Local\Apple Computer 2011-05-23 05:19 . 2011-05-23 05:19 -------- d-----w- c:\users\Harsh\AppData\Local\ATI 2011-05-21 22:11 . 2011-05-21 22:11 286720 ----a-w- c:\windows\iun506.exe 2011-05-21 22:11 . 
2011-05-21 22:14 -------- d-----w- c:\program files (x86)\Chess3D 2011-05-21 15:10 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe 2011-05-21 15:10 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe 2011-05-21 14:42 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-05-21 14:42 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2011-05-21 14:42 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-05-21 15:10 . 2011-04-08 02:15 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-05-05 16:10 . 2011-05-05 16:10 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll 2011-05-05 16:10 . 2011-05-05 16:10 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2011-05-05 16:10 . 2011-05-05 16:10 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe 2011-05-05 16:10 . 2011-05-05 16:10 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2011-05-05 16:10 . 2011-05-05 16:10 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll 2011-05-05 16:10 . 2011-05-05 16:10 161792 ----a-w- c:\windows\SysWow64\msls31.dll 2011-05-05 16:10 . 2011-05-05 16:10 1126912 ----a-w- c:\windows\SysWow64\wininet.dll 2011-05-05 16:10 . 2011-05-05 16:10 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2011-05-05 16:10 . 2011-05-05 16:10 74752 ----a-w- c:\windows\SysWow64\iesetup.dll 2011-05-05 16:10 . 2011-05-05 16:10 63488 ----a-w- c:\windows\SysWow64\tdc.ocx 2011-05-05 16:10 . 2011-05-05 16:10 420864 ----a-w- c:\windows\SysWow64\vbscript.dll 2011-05-05 16:10 . 2011-05-05 16:10 367104 ----a-w- c:\windows\SysWow64\html.iec 2011-05-05 16:10 . 2011-05-05 16:10 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll 2011-05-05 16:10 . 2011-05-05 16:10 152064 ----a-w- c:\windows\SysWow64\wextract.exe 2011-05-05 16:10 . 2011-05-05 16:10 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2011-05-05 16:10 . 
2011-05-05 16:10 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2011-05-05 16:10 . 2011-05-05 16:10 35840 ----a-w- c:\windows\SysWow64\imgutil.dll 2011-05-05 16:10 . 2011-05-05 16:10 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2011-05-05 16:10 . 2011-05-05 16:10 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2011-05-05 16:10 . 2011-05-05 16:10 11776 ----a-w- c:\windows\SysWow64\mshta.exe 2011-05-05 16:10 . 2011-05-05 16:10 101888 ----a-w- c:\windows\SysWow64\admparse.dll 2011-05-05 16:10 . 2011-05-05 16:10 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2011-05-05 16:10 . 2011-05-05 16:10 222208 ----a-w- c:\windows\system32\msls31.dll 2011-05-05 16:10 . 2011-05-05 16:10 1389056 ----a-w- c:\windows\system32\wininet.dll 2011-05-05 16:10 . 2011-05-05 16:10 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2011-05-05 16:10 . 2011-05-05 16:10 85504 ----a-w- c:\windows\system32\iesetup.dll 2011-05-05 16:10 . 2011-05-05 16:10 76800 ----a-w- c:\windows\system32\tdc.ocx 2011-05-05 16:10 . 2011-05-05 16:10 603648 ----a-w- c:\windows\system32\vbscript.dll 2011-05-05 16:10 . 2011-05-05 16:10 49664 ----a-w- c:\windows\system32\imgutil.dll 2011-05-05 16:10 . 2011-05-05 16:10 48640 ----a-w- c:\windows\system32\mshtmler.dll 2011-05-05 16:10 . 2011-05-05 16:10 448512 ----a-w- c:\windows\system32\html.iec 2011-05-05 16:10 . 2011-05-05 16:10 30720 ----a-w- c:\windows\system32\licmgr10.dll 2011-05-05 16:10 . 2011-05-05 16:10 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-05-05 16:10 . 2011-05-05 16:10 2303488 ----a-w- c:\windows\system32\jscript9.dll 2011-05-05 16:10 . 2011-05-05 16:10 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2011-05-05 16:10 . 2011-05-05 16:10 165888 ----a-w- c:\windows\system32\iexpress.exe 2011-05-05 16:10 . 2011-05-05 16:10 160256 ----a-w- c:\windows\system32\wextract.exe 2011-05-05 16:10 . 2011-05-05 16:10 1492992 ----a-w- c:\windows\system32\inetcpl.cpl 2011-05-05 16:10 . 
2011-05-05 16:10 135168 ----a-w- c:\windows\system32\IEAdvpack.dll 2011-05-05 16:10 . 2011-05-05 16:10 12288 ----a-w- c:\windows\system32\mshta.exe 2011-05-05 16:10 . 2011-05-05 16:10 114176 ----a-w- c:\windows\system32\admparse.dll 2011-05-05 16:10 . 2011-05-05 16:10 111616 ----a-w- c:\windows\system32\iesysprep.dll 2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr 2011-03-31 05:04 . 2011-03-31 05:04 43680 ----a-w- c:\windows\system32\drivers\lirsgt.sys 2011-03-31 05:04 . 2011-03-31 05:04 314016 ----a-w- c:\windows\system32\drivers\atksgt.sys 2011-03-23 11:36 . 2010-06-24 06:03 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-03-23 10:23 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll 2011-03-23 10:23 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll 2011-03-21 07:52 . 2011-03-21 07:52 74272 ----a-w- c:\windows\system32\RtNicProp64.dll 2011-03-21 07:52 . 2011-03-21 07:52 452200 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2011-03-21 07:52 . 2010-12-15 07:23 107552 ----a-w- c:\windows\system32\RTNUninst64.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2011-02-01 3265944] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-12-20 697856] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-11-22 1484856] "FATrayAlert"="c:\program files (x86)\Sensible Vision\Fast Access\FATrayMon.exe" [2010-08-17 93312] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-01 98304] "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-09-03 240112] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-01-25 421160] "Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-09-02 518640] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-19 487562] "Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-25 1117528] "AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696] "NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216] "TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2011-06-01 273544] "WordWeb"="c:\program files (x86)\WordWeb\wweb32.exe" [2009-11-08 65216] . c:\users\Harsh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-10-12 1324384] . 
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584] Scrybe.lnk - c:\windows\Installer\{13061CAA-0284-4F9A-B460-3D4699575B35}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe [2011-2-11 45056] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-10-12 1324384] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess] 2010-08-17 07:32 146560 ----a-w- c:\program files (x86)\Sensible Vision\Fast Access\FALogNot.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R0 mfewfpk;McAfee Inc. 
mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x] R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2009-12-19 29416] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-09-03 219632] R3 ALSysIO;ALSysIO;c:\users\Harsh\AppData\Local\Temp\ALSysIO64.sys [x] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560] R3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [x] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-01-22 1038088] R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x] R3 mferkdet;McAfee Inc. 
mferkdet;c:\windows\system32\drivers\mferkdet.sys [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2011-05-12 25072] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-09-03 1116656] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352] R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-03-17 68440] R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976] R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 430424] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 
PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe [2009-03-03 89600] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2010-01-11 155648] S2 FAService;FAService;c:\program files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-08-17 2423936] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-06-08 13336] S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [x] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440] S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-13 245352] S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-03-13 158832] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280] S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x] S2 ScrybeUpdater;Scrybe Updater;c:\program files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-01-14 1294848] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell 
DataSafe Local Backup\sftservice.EXE [2010-08-20 689472] S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-01 2271608] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Other Services/Drivers In Memory --- . *Deregistered* - mfeavfk01 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] iissvcs REG_MULTI_SZ w3svc was apphost REG_MULTI_SZ apphostsvc . Contents of the 'Scheduled Tasks' folder . 2011-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-665919953-3711101877-3725385491-1000Core.job - c:\users\Harsh\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-21 14:37] . 2011-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-665919953-3711101877-3725385491-1000UA.job - c:\users\Harsh\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-21 14:37] . 
2011-06-01 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-05-16 22:16] . 2011-06-12 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-05-16 22:16] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2011-01-25 10:40 84720 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "combofix"="c:\combofix\CF16393.cfxxe" [X] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-21 487424] "Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2009-12-17 5470208] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512] . ------- Supplementary Scan ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\system32\blank.htm uInternet Settings,ProxyServer = 172.18.1.9:3128 uInternet Settings,ProxyOverride = *.local;10.82.100.100;<local> IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm IE: Download FLV video content with IDM - c:\program files (x86)\Internet Download Manager\IEGetVL.htm IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Harsh\AppData\Roaming\Mozilla\Firefox\Profiles\jhvnopzk.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.in/ FF - prefs.js: keyword.URL - hxxp://in.search.yahoo.com/search?fr=mcafee&p= FF - prefs.js: network.proxy.ftp - 172.18.1.9 FF - prefs.js: network.proxy.ftp_port - 3128 FF - prefs.js: network.proxy.gopher - 10.82.90.94 FF - prefs.js: network.proxy.gopher_port - 3128 FF - prefs.js: network.proxy.http - 172.18.1.9 FF - prefs.js: network.proxy.http_port - 3128 FF - prefs.js: network.proxy.socks - 172.18.1.9 FF - prefs.js: network.proxy.socks_port - 3128 FF - prefs.js: network.proxy.ssl - 172.18.1.9 FF - prefs.js: network.proxy.ssl_port - 3128 FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-Run-FAStartup - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0] "ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms" . --------------------- LOCKED REGISTRY KEYS --------------------- . 
[HKEY_USERS\S-1-5-21-665919953-3711101877-3725385491-1000\Software\SecuROM\License information*] "datasecu"=hex:a2,22,46,6e,74,6f,80,5d,80,2d,16,3d,63,c5,74,b4,39,c4,ff,62,46, 5c,ed,38,2f,28,e4,12,70,4d,13,7e,da,6b,1f,89,32,c3,a2,1d,89,ca,19,d3,7c,36,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Bonjour\mDNSResponder.exe c:\windows\system32\crypserv.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\windows\SysWOW64\rundll32.exe c:\xampp\mysql\bin\mysqld.exe c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe c:\program files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe c:\program files (x86)\Internet Download Manager\IEMonitor.exe c:\program files (x86)\Synaptics\Scrybe\scrybe.exe c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe c:\program files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe c:\program files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe c:\program files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe . 
************************************************************************** . Completion time: 2011-06-12 18:49:42 - machine was rebooted ComboFix-quarantined-files.txt 2011-06-12 13:19 ComboFix2.txt 2011-06-11 14:11 . Pre-Run: 56,549,343,232 bytes free Post-Run: 56,490,557,440 bytes free . - - End Of File - - 84ADE8B43F36A26677A9ADD8E8C97708
  10. Hey blade, you were a great help to me, and after running ComboFix last time the error is coming no more now. So should I still do what you wanted me to do in your previous post, or just leave it? Reply...!!!
  11. New DSS.txt as you requested : . DDS (Ver_2011-06-03.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24 Run by Harsh at 19:49:46 on 2011-06-11 Microsoft Windows 7 Home Basic 6.1.7601.1.1252.91.1033.18.3959.2668 [GMT 5.5:30] . AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted c:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Dell\DellDock\DockLogin.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe C:\Windows\system32\svchost.exe -k apphost C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Windows\system32\crypserv.exe C:\Program Files 
(x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\xampp\mysql\bin\mysqld.exe C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe C:\Windows\system32\svchost.exe -k iissvcs C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Internet Download Manager\IDMan.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\mcafee.com\agent\mcagent.exe C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe C:\Program Files (x86)\Common Files\Java\Java 
Update\jusched.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . 
uInternet Settings,ProxyServer = 172.18.1.9:3128 uInternet Settings,ProxyOverride = *.local;10.82.100.100;<local> uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110129195304.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: SBCONVERT Class: {a1056498-d09a-41e4-864b-505edd640d9e} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL BHO: QUICKfind BHO Object: {c08df07a-3e49-4e25-9ab0-d3882835f153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" 
BHO: SSOIEAddonBHO Class: {da5bce70-d057-4d63-943d-5f3927ec59f1} - c:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: Microsoft Web Test Recorder 10.0 Helper: {dda57003-0068-4ed2-9d32-4d1ec707d94d} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll BHO: GrabberObj Class: {ff7c3cf0-4b15-11d1-abed-709549c10000} - C:\PROGRA~2\SPEEDB~1\Toolbar\grabber.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB: SpeedBit Video Downloader: {0329e7d6-6f54-462d-93f6-f5c3118badf2} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot uRun: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [FATrayAlert] c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun: [Dell Webcam Central] 
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot StartupFolder: C:\Users\Harsh\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Scrybe.lnk - C:\Windows\Installer\{13061CAA-0284-4F9A-B460-3D4699575B35}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) mPolicies-system: EnableLinkedConnections = 1 (0x1) IE: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm IE: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200 IE: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm IE: Download all links with IDM - C:\Program Files 
(x86)\Internet Download Manager\IEGetAll.htm IE: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{18D1B905-1D1C-41AF-A6A5-BEE01DCD9CB5} : 
DhcpNameServer = 192.168.1.1 TCP: Interfaces\{E473D6BD-BD92-4869-BF0B-E022E5F0A0AF}\57461697 : DhcpNameServer = 202.56.224.153 59.144.127.17 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\PROGRA~2\DAP\dapie.dll Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - C:\PROGRA~2\DAP\dapie.dll Notify: FastAccess - c:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll BHO-X64: McAfee Phishing Filter - No File BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files 
(x86)\Common Files\McAfee\SystemCore\ScriptSn.20110129195304.dll BHO-X64: scriptproxy - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: SBCONVERT Class: {A1056498-D09A-41E4-864B-505EDD640D9E} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll BHO-X64: SBCONVERT - No File BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: QUICKfind BHO Object: {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO-X64: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - c:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll BHO-X64: SSOIEAddonBHO - No File BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll BHO-X64: GrabberObj Class: {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~2\SPEEDB~1\Toolbar\grabber.dll BHO-X64: GrabberObj Class - No File TB-X64: McAfee SiteAdvisor Toolbar: 
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB-X64: SpeedBit Video Downloader: {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File TB-X64: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun-x64: [FATrayAlert] c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [NBAgent] "C:\Program Files 
(x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Harsh\AppData\Roaming\Mozilla\Firefox\Profiles\jhvnopzk.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.in/ FF - prefs.js: keyword.URL - hxxp://in.search.yahoo.com/search?fr=mcafee&p= FF - prefs.js: network.proxy.ftp - 172.18.1.9 FF - prefs.js: network.proxy.ftp_port - 3128 FF - prefs.js: network.proxy.gopher - 10.82.90.94 FF - prefs.js: network.proxy.gopher_port - 3128 FF - prefs.js: network.proxy.http - 172.18.1.9 FF - prefs.js: network.proxy.http_port - 3128 FF - prefs.js: network.proxy.socks - 172.18.1.9 FF - prefs.js: network.proxy.socks_port - 3128 FF - prefs.js: network.proxy.ssl - 172.18.1.9 FF - prefs.js: network.proxy.ssl_port - 3128 FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: C:\Users\Harsh\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: 
C:\Users\Harsh\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Windows\system32\TVUAx\npTVUAx.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe [2010-12-15 89600] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2010-1-11 155648] R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-8-17 2423936] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-28 13336] R2 IDMWFP;IDMWFP;C:\Windows\system32\DRIVERS\idmwfp.sys --> C:\Windows\system32\DRIVERS\idmwfp.sys [?] 
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-29 355440] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-29 355440] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-29 355440] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-29 355440] R2 McShield;McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2010-12-15 200056] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2010-12-15 245352] R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe [2010-12-15 158832] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280] R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000] R2 ScrybeUpdater;Scrybe Updater;C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-1-14 1294848] R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-4-1 2271608] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-15 2320920] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?] 
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?] R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 Apache2.2;Apache2.2;C:\xampp\apache\bin\httpd.exe [2011-2-16 29416] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 KMService;KMService;C:\Windows\System32\srvany.exe [2011-1-29 8192] S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632] S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-12-15 689472] S2 uTorrentService;uTorrent;C:\Windows\SysWOW64\uTorrent\uTorrent.exe --> C:\Windows\SysWOW64\uTorrent\uTorrent.exe [?] 
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560] S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?] S3 FACAP;facap, FastAccess Video Capture;C:\Windows\system32\DRIVERS\facap.sys --> C:\Windows\system32\DRIVERS\facap.sys [?] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-1-22 1038088] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 51456888] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2011-5-12 25072] S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?] S3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\system32\DRIVERS\teamviewervpn.sys --> C:\Windows\system32\DRIVERS\teamviewervpn.sys [?] 
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352] S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-17 68440] S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-29 355440] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976] S4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys --> C:\Windows\system32\DRIVERS\RsFx0103.sys [?] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-9-17 430424] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 
2011-06-11 14:05:33 -------- d-sh--w- C:\$RECYCLE.BIN 2011-06-11 13:53:20 98816 ----a-w- C:\Windows\sed.exe 2011-06-11 13:53:20 518144 ----a-w- C:\Windows\SWREG.exe 2011-06-11 13:53:20 256512 ----a-w- C:\Windows\PEV.exe 2011-06-11 13:53:20 208896 ----a-w- C:\Windows\MBR.exe 2011-06-11 04:06:33 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5BBC60A5-89E3-4C63-8C18-F8F668BC0812}\mpengine.dll 2011-06-08 15:49:23 -------- d-----w- C:\ProgramData\Microsoft Visual Studio 2011-06-08 15:47:06 -------- d-----w- C:\VBProjects 2011-06-07 11:27:49 -------- d-----w- C:\Users\Harsh\Real Player Videos 2011-06-07 11:19:23 -------- d-----w- C:\Users\Harsh\Other Videos 2011-06-06 14:11:56 -------- d-----w- C:\Users\Harsh\AppData\Roaming\Xilisoft 2011-06-06 14:11:22 -------- d-----w- C:\ProgramData\Xilisoft 2011-06-03 09:24:09 -------- d-----w- C:\Users\Harsh\AppData\Local\assembly 2011-06-02 10:39:55 72536 ----a-w- C:\Windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.2.4000.0.dll 2011-06-02 10:39:55 108376 ----a-w- C:\Windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.2.4000.0.dll 2011-06-02 10:39:55 105816 ----a-w- C:\Windows\System32\SQSRVRES.DLL 2011-06-02 09:16:57 -------- d-----w- C:\Windows\InstallDir 2011-06-02 08:41:51 -------- d-----w- C:\Users\Harsh\AppData\Local\Broadcom 2011-06-02 08:40:49 98344 ----a-w- C:\Windows\System32\drivers\btwaudio.sys 2011-06-02 08:40:49 35104 ----a-w- C:\Windows\System32\drivers\btwl2cap.sys 2011-06-02 08:40:49 21160 ----a-w- C:\Windows\System32\drivers\btwrchid.sys 2011-06-02 08:40:49 132648 ----a-w- C:\Windows\System32\drivers\btwavdt.sys 2011-06-02 07:24:41 232480 ----a-w- C:\Windows\System32\drivers\RtsUStor.sys 2011-06-02 07:24:40 7367200 ----a-w- C:\Windows\SysWow64\RtsUStoricon.dll 2011-06-02 07:24:40 422432 ----a-w- C:\Windows\System32\RtsUStor.dll 2011-06-02 06:23:05 -------- d-----w- C:\Users\Harsh\AppData\Local\{DD199D1D-206F-44C9-8531-7398015C2DDA} 2011-06-02 06:22:50 -------- d-----w- 
C:\Users\Harsh\AppData\Local\{BFF80D5C-AD42-4D37-8A0F-CC5F9DC0A868} 2011-06-01 14:51:34 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared 2011-06-01 14:51:08 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll 2011-06-01 13:42:59 -------- d-----w- C:\Users\Harsh\AppData\Local\NokiaAccount 2011-06-01 12:33:44 -------- d-----w- C:\Users\Harsh\AppData\Local\Nero 2011-06-01 12:31:50 -------- d-----w- C:\Users\Harsh\AppData\Local\Nero_AG 2011-06-01 12:07:34 -------- d-----w- C:\ProgramData\Nero 2011-06-01 12:06:48 -------- d-----w- C:\Program Files (x86)\Nero 2011-06-01 11:07:39 -------- d-----w- C:\Users\Harsh\AppData\Local\WinZip 2011-06-01 09:57:56 -------- d-----w- C:\ProgramData\SpeedBit 2011-06-01 09:57:52 -------- d-----w- C:\Program Files (x86)\DAP 2011-06-01 09:57:48 -------- d-----w- C:\Program Files (x86)\SpeedBit Video Downloader 2011-06-01 07:44:13 -------- d-----w- C:\Users\Harsh\New Folder 2011-05-30 04:40:16 -------- d-----w- C:\Users\Harsh\AppData\Local\Apple 2011-05-30 04:26:38 -------- d-----w- C:\Users\Harsh\AppData\Roaming\Microsoft Corporation 2011-05-30 04:14:46 78872 ----a-w- C:\Windows\System32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll 2011-05-30 04:14:46 50200 ----a-w- C:\Windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll 2011-05-30 04:14:01 -------- d-----w- C:\Windows\System32\RsFx 2011-05-30 04:08:44 -------- d-----w- C:\Program Files\Microsoft SQL Server 2011-05-30 04:08:25 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server 2011-05-30 04:07:51 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services 2011-05-30 04:06:25 -------- d-----w- C:\ProgramData\PreEmptive Solutions 2011-05-30 04:01:49 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET 2011-05-30 04:01:45 -------- d-----w- C:\Program Files\IIS 2011-05-30 04:01:45 -------- d-----w- C:\Program Files (x86)\IIS 2011-05-30 04:01:13 2478272 ----a-w- C:\ProgramData\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll 
2011-05-30 03:49:02 -------- d-----w- C:\Windows\SysWow64\1033 2011-05-30 03:48:13 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 10.0 2011-05-30 03:48:13 -------- d-----w- C:\Program Files (x86)\Microsoft F# 2011-05-30 03:48:13 -------- d-----w- C:\Program Files (x86)\HTML Help Workshop 2011-05-30 03:48:13 -------- d-----w- C:\Program Files (x86)\Common Files\Merge Modules 2011-05-30 03:43:17 -------- d-----w- C:\Windows\System32\1033 2011-05-30 03:43:16 -------- d-----w- C:\Program Files\Microsoft Visual Studio 10.0 2011-05-30 03:43:16 -------- d-----w- C:\Program Files\Microsoft Help Viewer 2011-05-29 05:55:45 -------- d-----w- C:\Program Files (x86)\Common Files\Real 2011-05-28 11:01:58 -------- d-----w- C:\ProgramData\Citrix 2011-05-28 11:00:51 -------- d-----w- C:\Users\Harsh\AppData\Local\Citrix 2011-05-28 11:00:21 -------- d-----w- C:\Users\Harsh\AppData\Local\Deployment 2011-05-28 09:36:39 -------- d-----w- C:\Program Files\Microsoft Synchronization Services 2011-05-28 09:36:01 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition 2011-05-28 09:33:43 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2011-05-28 09:32:16 -------- d-----w- C:\Program Files\Microsoft Analysis Services 2011-05-28 09:32:16 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services 2011-05-28 09:32:02 -------- d-----w- C:\Windows\SHELLNEW 2011-05-28 09:23:06 -------- d-----w- C:\Program Files (x86)\Realtek 2011-05-28 08:41:20 -------- d-----w- C:\ProgramData\CrypKey 2011-05-28 08:41:05 28664 ----a-w- C:\Windows\System32\Ckldrv.sys 2011-05-28 08:41:05 122880 ----a-w- C:\Windows\System32\Crypserv.exe 2011-05-28 08:41:04 27648 ----a-r- C:\Windows\Setup_ck.exe 2011-05-28 08:41:04 18432 ----a-w- C:\Windows\Setup_ck.dll 2011-05-28 08:41:04 165888 ----a-w- C:\Windows\Ckconfig.exe 2011-05-28 08:41:04 11776 ----a-w- C:\Windows\Ckrfresh.exe 2011-05-28 08:21:19 -------- d-----w- C:\Users\Harsh\AppData\Roaming\Intel Corporation 
2011-05-28 08:11:29 -------- d-----w- C:\Program Files\Dell Support Center 2011-05-28 06:37:29 -------- d-----w- C:\Users\Harsh\AppData\Local\Apps 2011-05-28 06:17:57 7367200 ----a-w- C:\Windows\System32\RTSUSTORicon.dll 2011-05-28 06:02:51 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys 2011-05-28 05:55:51 -------- d-----w- C:\Windows\SysWow64\vmm32 2011-05-27 08:08:25 -------- d-----w- C:\Program Files\WIDCOMM 2011-05-27 08:05:14 45056 ----a-r- C:\Users\Harsh\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe 2011-05-24 05:22:20 -------- d-----w- C:\Users\Harsh\AppData\Local\Apple Computer 2011-05-23 05:19:59 -------- d-----w- C:\Users\Harsh\AppData\Local\ATI 2011-05-21 22:11:57 286720 ----a-w- C:\Windows\iun506.exe 2011-05-21 22:11:50 -------- d-----w- C:\Program Files (x86)\Chess3D 2011-05-21 15:10:35 142336 ----a-w- C:\Windows\System32\poqexec.exe 2011-05-21 15:10:35 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe 2011-05-21 14:42:56 5562240 ----a-w- C:\Windows\System32\ntoskrnl.exe 2011-05-21 14:42:55 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2011-05-21 14:42:55 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe . ==================== Find3M ==================== . 2011-05-21 15:10:00 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-04-13 22:40:10 4284416 ----a-w- C:\Windows\SysWow64\GPhotos.scr 2011-03-31 05:04:40 43680 ----a-w- C:\Windows\System32\drivers\lirsgt.sys 2011-03-31 05:04:40 314016 ----a-w- C:\Windows\System32\drivers\atksgt.sys 2011-03-23 10:23:09 175616 ----a-w- C:\Windows\System32\msclmd.dll 2011-03-23 10:23:09 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll 2011-03-21 07:52:06 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll 2011-03-21 07:52:06 452200 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys 2011-03-21 07:52:06 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll . 
============= FINISH: 19:50:04.89 ===============

I would be really happy to know if I am free of that "Exception EAccess Violation in module firefox.exe error", and if it's still present, tell me what I should do next.
  12. So I ran ComboFix as you told me and I got the following log:

ComboFix 11-06-10.0A - Harsh 11-06-2011 19:24:26.1.4 - x64
Microsoft Windows 7 Home Basic 6.1.7601.1.1252.91.1033.18.3959.2687 [GMT 5.5:30]
Running from: c:\users\Harsh\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SpeedBit Video Downloader\Toolbar\tbhelper.dll
c:\programdata\PCDr\5830\Downloads\3972fea3-214c-4935-a7d1-96bf66115683.dll
c:\programdata\PCDr\5830\Downloads\7dbfef1a-6148-4748-a1b3-71627763a45a.dll
c:\programdata\PCDr\5830\Downloads\b2ed8d53-41ce-48e6-b4ac-8b8e5e1a4fdf.dll
c:\programdata\PCDr\5830\Downloads\bf647bd7-dfb5-4746-a6b4-b7c2fdbbf3b1.dll
c:\users\Harsh\AppData\Roaming\FFSJ
c:\users\Harsh\AppData\Roaming\FFSJ\FFSJ.cfg
c:\users\Harsh\AppData\Roaming\Microsoft\Windows\--((Mutex))--.cfg
c:\users\Harsh\AppData\Roaming\Microsoft\Windows\--((Mutex))--.dat
c:\users\Harsh\AppData\Roaming\Microsoft\Windows\--((Mutex))--.xtr
c:\windows\clofghls.dll
c:\windows\InstallDir\Server.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-05-11 to 2011-06-11 )))))))))))))))))))))))))))))))
.
.
2011-06-11 14:02 . 2011-06-11 14:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-11 04:06 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5BBC60A5-89E3-4C63-8C18-F8F668BC0812}\mpengine.dll
2011-06-08 15:49 . 2011-06-08 15:49 -------- d-----w- c:\programdata\Microsoft Visual Studio
2011-06-08 15:47 . 2011-06-08 16:22 -------- d-----w- C:\VBProjects
2011-06-07 11:27 .
2011-06-07 11:27 -------- d-----w- c:\users\Harsh\Real Player Videos 2011-06-07 11:19 . 2011-06-09 16:48 -------- d-----w- c:\users\Harsh\Other Videos 2011-06-06 14:11 . 2011-06-06 14:11 -------- d-----w- c:\users\Harsh\AppData\Roaming\Xilisoft 2011-06-06 14:11 . 2011-06-06 14:11 -------- d-----w- c:\programdata\Xilisoft 2011-06-03 09:24 . 2011-06-03 09:24 -------- d-----w- c:\users\Harsh\AppData\Local\assembly 2011-06-02 10:39 . 2010-09-17 07:05 105816 ----a-w- c:\windows\system32\SQSRVRES.DLL 2011-06-02 10:39 . 2010-09-17 07:03 108376 ----a-w- c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.2.4000.0.dll 2011-06-02 10:39 . 2010-09-17 04:46 72536 ----a-w- c:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.2.4000.0.dll 2011-06-02 10:38 . 2011-06-02 10:38 -------- d-----w- c:\program files\Microsoft.NET 2011-06-02 09:16 . 2011-06-11 14:01 -------- d-----w- c:\windows\InstallDir 2011-06-02 08:41 . 2011-06-02 08:41 -------- d-----w- c:\users\Harsh\AppData\Local\Broadcom 2011-06-02 08:40 . 2009-07-15 09:26 98344 ----a-w- c:\windows\system32\drivers\btwaudio.sys 2011-06-02 08:40 . 2009-07-15 09:26 35104 ----a-w- c:\windows\system32\drivers\btwl2cap.sys 2011-06-02 08:40 . 2009-07-15 09:26 132648 ----a-w- c:\windows\system32\drivers\btwavdt.sys 2011-06-02 08:40 . 2009-07-15 09:26 21160 ----a-w- c:\windows\system32\drivers\btwrchid.sys 2011-06-02 07:24 . 2009-11-11 09:41 232480 ----a-w- c:\windows\system32\drivers\RtsUStor.sys 2011-06-02 07:24 . 2009-11-11 09:41 7367200 ----a-w- c:\windows\SysWow64\RtsUStoricon.dll 2011-06-02 07:24 . 2009-11-11 09:41 422432 ----a-w- c:\windows\system32\RtsUStor.dll 2011-06-02 06:23 . 2011-06-02 06:23 -------- d-----w- c:\users\Harsh\AppData\Local\{DD199D1D-206F-44C9-8531-7398015C2DDA} 2011-06-02 06:22 . 2011-06-02 06:22 -------- d-----w- c:\users\Harsh\AppData\Local\{BFF80D5C-AD42-4D37-8A0F-CC5F9DC0A868} 2011-06-01 14:51 . 2011-06-01 14:51 -------- d-----w- c:\program files (x86)\Common Files\xing shared 2011-06-01 14:51 . 
2011-06-01 14:51 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll 2011-06-01 13:42 . 2011-06-01 13:42 -------- d-----w- c:\users\Harsh\AppData\Local\NokiaAccount 2011-06-01 12:33 . 2011-06-01 12:34 -------- d-----w- c:\users\Harsh\AppData\Local\Nero 2011-06-01 12:25 . 2011-06-01 12:25 -------- d-----w- c:\users\Harsh\AppData\Roaming\Nero 2011-06-01 12:07 . 2011-06-01 12:14 -------- d-----w- c:\programdata\Nero 2011-06-01 12:06 . 2011-06-01 12:07 -------- d-----w- c:\program files (x86)\Common Files\Nero 2011-06-01 12:06 . 2011-06-01 12:14 -------- d-----w- c:\program files (x86)\Nero 2011-06-01 11:07 . 2011-06-01 11:14 -------- d-----w- c:\users\Harsh\AppData\Local\WinZip 2011-06-01 09:57 . 2011-06-01 09:57 -------- d-----w- c:\programdata\SpeedBit 2011-06-01 09:57 . 2011-06-01 09:58 -------- d-----w- c:\program files (x86)\DAP 2011-06-01 09:57 . 2011-06-01 09:57 -------- d-----w- c:\program files (x86)\SpeedBit Video Downloader 2011-06-01 07:44 . 2011-06-03 10:57 -------- d-----w- c:\users\Harsh\New Folder 2011-05-30 04:40 . 2011-05-30 04:40 -------- d-----w- c:\users\Harsh\AppData\Local\Apple 2011-05-30 04:26 . 2011-05-30 04:26 -------- d-----w- c:\users\Harsh\AppData\Roaming\Microsoft Corporation 2011-05-30 04:14 . 2009-07-22 08:17 78872 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll 2011-05-30 04:14 . 2009-07-22 08:17 50200 ----a-w- c:\windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll 2011-05-30 04:14 . 2011-05-30 04:14 -------- d-----w- c:\windows\system32\RsFx 2011-05-30 04:13 . 2011-05-30 04:13 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0 2011-05-30 04:08 . 2011-06-02 10:37 -------- d-----w- c:\program files\Microsoft SQL Server 2011-05-30 04:08 . 2011-06-02 10:37 -------- d-----w- c:\program files (x86)\Microsoft SQL Server 2011-05-30 04:07 . 2011-05-30 04:07 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services 2011-05-30 04:06 . 
2011-05-30 04:06 -------- d-----w- c:\programdata\PreEmptive Solutions 2011-05-30 04:01 . 2011-05-30 04:01 -------- d-----w- c:\program files (x86)\Microsoft ASP.NET 2011-05-30 04:01 . 2011-05-30 04:01 -------- d-----w- c:\program files\IIS 2011-05-30 04:01 . 2011-05-30 04:01 -------- d-----w- c:\program files (x86)\IIS 2011-05-30 04:01 . 2011-06-02 06:43 2478272 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll 2011-05-30 03:49 . 2011-05-30 04:13 -------- d-----w- c:\windows\SysWow64\1033 2011-05-30 03:48 . 2011-06-02 06:37 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules 2011-05-30 03:48 . 2011-05-30 04:06 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0 2011-05-30 03:48 . 2011-05-30 03:55 -------- d-----w- c:\program files (x86)\Microsoft F# 2011-05-30 03:48 . 2011-05-30 03:50 -------- d-----w- c:\program files (x86)\HTML Help Workshop 2011-05-30 03:43 . 2011-05-30 03:43 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 9.0 2011-05-30 03:43 . 2011-05-30 04:13 -------- d-----w- c:\windows\system32\1033 2011-05-30 03:43 . 2011-05-30 03:43 -------- d-----w- c:\windows\symbols 2011-05-30 03:43 . 2011-05-30 04:08 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0 2011-05-30 03:43 . 2011-05-30 04:08 -------- d-----w- c:\program files (x86)\Microsoft SDKs 2011-05-30 03:43 . 2011-05-30 03:43 -------- d-----w- c:\program files\Microsoft Help Viewer 2011-05-29 05:55 . 2011-06-01 14:51 -------- d-----w- c:\program files (x86)\Common Files\Real 2011-05-29 05:55 . 2011-06-01 14:51 -------- d-----w- c:\program files (x86)\Real 2011-05-28 11:01 . 2011-05-28 11:01 -------- d-----w- c:\programdata\Citrix 2011-05-28 11:00 . 2011-05-28 11:00 -------- d-----w- c:\users\Harsh\AppData\Local\Citrix 2011-05-28 11:00 . 2011-06-03 09:24 -------- d-----w- c:\users\Harsh\AppData\Local\Deployment 2011-05-28 09:36 . 
2011-05-28 09:36 -------- d-----w- c:\program files\Microsoft Synchronization Services 2011-05-28 09:36 . 2011-05-28 09:36 -------- d-----w- c:\program files\Microsoft Sync Framework 2011-05-28 09:36 . 2011-05-28 09:36 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2011-05-28 09:33 . 2011-05-28 09:33 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8 2011-05-28 09:32 . 2011-05-28 09:32 -------- d-----w- c:\program files\Microsoft Analysis Services 2011-05-28 09:32 . 2011-05-28 09:32 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2011-05-28 09:32 . 2011-05-28 09:37 -------- d-----w- c:\windows\SHELLNEW 2011-05-28 09:31 . 2011-05-28 09:31 -------- d-----r- C:\MSOCache 2011-05-28 08:41 . 2011-05-28 08:41 -------- d-----w- c:\programdata\CrypKey 2011-05-28 08:41 . 2008-05-07 23:29 122880 ----a-w- c:\windows\system32\Crypserv.exe 2011-05-28 08:41 . 2008-03-17 17:12 28664 ----a-w- c:\windows\system32\Ckldrv.sys 2011-05-28 08:41 . 1999-06-18 20:49 165888 ----a-w- c:\windows\Ckconfig.exe 2011-05-28 08:41 . 1996-05-03 16:21 27648 ----a-r- c:\windows\Setup_ck.exe 2011-05-28 08:41 . 1996-05-03 14:36 18432 ----a-w- c:\windows\Setup_ck.dll 2011-05-28 08:41 . 1995-07-04 17:33 11776 ----a-w- c:\windows\Ckrfresh.exe 2011-05-28 08:21 . 2011-05-28 08:21 -------- d-----w- c:\users\Harsh\AppData\Roaming\Intel Corporation 2011-05-28 08:11 . 2011-06-10 05:30 -------- d-----w- c:\program files\Dell Support Center 2011-05-28 06:45 . 2011-05-28 06:45 -------- d-----w- c:\users\Harsh\AppData\Roaming\InstallShield 2011-05-28 06:37 . 2011-05-28 06:37 -------- d-----w- c:\users\Harsh\AppData\Local\Apps 2011-05-28 06:17 . 2009-11-11 09:41 7367200 ----a-w- c:\windows\system32\RTSUSTORicon.dll 2011-05-28 06:02 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2011-05-28 05:55 . 2011-05-28 05:55 -------- d-----w- c:\windows\SysWow64\vmm32 2011-05-27 08:08 . 
2011-05-27 08:08 -------- d-----w- c:\program files\WIDCOMM 2011-05-27 08:05 . 2011-05-28 05:55 45056 ----a-r- c:\users\Harsh\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe 2011-05-24 05:22 . 2011-05-24 13:29 -------- d-----w- c:\users\Harsh\AppData\Local\Apple Computer 2011-05-23 05:19 . 2011-05-23 05:19 -------- d-----w- c:\users\Harsh\AppData\Local\ATI 2011-05-21 22:11 . 2011-05-21 22:11 286720 ----a-w- c:\windows\iun506.exe 2011-05-21 22:11 . 2011-05-21 22:14 -------- d-----w- c:\program files (x86)\Chess3D 2011-05-21 15:10 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe 2011-05-21 15:10 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe 2011-05-21 14:42 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-05-21 14:42 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2011-05-21 14:42 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-05-21 15:10 . 2011-04-08 02:15 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-05-05 16:10 . 2011-05-05 16:10 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll 2011-05-05 16:10 . 2011-05-05 16:10 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2011-05-05 16:10 . 2011-05-05 16:10 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe 2011-05-05 16:10 . 2011-05-05 16:10 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2011-05-05 16:10 . 2011-05-05 16:10 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll 2011-05-05 16:10 . 2011-05-05 16:10 161792 ----a-w- c:\windows\SysWow64\msls31.dll 2011-05-05 16:10 . 2011-05-05 16:10 1126912 ----a-w- c:\windows\SysWow64\wininet.dll 2011-05-05 16:10 . 2011-05-05 16:10 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2011-05-05 16:10 . 
2011-05-05 16:10 74752 ----a-w- c:\windows\SysWow64\iesetup.dll 2011-05-05 16:10 . 2011-05-05 16:10 63488 ----a-w- c:\windows\SysWow64\tdc.ocx 2011-05-05 16:10 . 2011-05-05 16:10 420864 ----a-w- c:\windows\SysWow64\vbscript.dll 2011-05-05 16:10 . 2011-05-05 16:10 367104 ----a-w- c:\windows\SysWow64\html.iec 2011-05-05 16:10 . 2011-05-05 16:10 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll 2011-05-05 16:10 . 2011-05-05 16:10 152064 ----a-w- c:\windows\SysWow64\wextract.exe 2011-05-05 16:10 . 2011-05-05 16:10 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2011-05-05 16:10 . 2011-05-05 16:10 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2011-05-05 16:10 . 2011-05-05 16:10 35840 ----a-w- c:\windows\SysWow64\imgutil.dll 2011-05-05 16:10 . 2011-05-05 16:10 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2011-05-05 16:10 . 2011-05-05 16:10 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2011-05-05 16:10 . 2011-05-05 16:10 11776 ----a-w- c:\windows\SysWow64\mshta.exe 2011-05-05 16:10 . 2011-05-05 16:10 101888 ----a-w- c:\windows\SysWow64\admparse.dll 2011-05-05 16:10 . 2011-05-05 16:10 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2011-05-05 16:10 . 2011-05-05 16:10 222208 ----a-w- c:\windows\system32\msls31.dll 2011-05-05 16:10 . 2011-05-05 16:10 1389056 ----a-w- c:\windows\system32\wininet.dll 2011-05-05 16:10 . 2011-05-05 16:10 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2011-05-05 16:10 . 2011-05-05 16:10 85504 ----a-w- c:\windows\system32\iesetup.dll 2011-05-05 16:10 . 2011-05-05 16:10 76800 ----a-w- c:\windows\system32\tdc.ocx 2011-05-05 16:10 . 2011-05-05 16:10 603648 ----a-w- c:\windows\system32\vbscript.dll 2011-05-05 16:10 . 2011-05-05 16:10 49664 ----a-w- c:\windows\system32\imgutil.dll 2011-05-05 16:10 . 2011-05-05 16:10 48640 ----a-w- c:\windows\system32\mshtmler.dll 2011-05-05 16:10 . 2011-05-05 16:10 448512 ----a-w- c:\windows\system32\html.iec 2011-05-05 16:10 . 
2011-05-05 16:10 30720 ----a-w- c:\windows\system32\licmgr10.dll 2011-05-05 16:10 . 2011-05-05 16:10 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-05-05 16:10 . 2011-05-05 16:10 2303488 ----a-w- c:\windows\system32\jscript9.dll 2011-05-05 16:10 . 2011-05-05 16:10 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2011-05-05 16:10 . 2011-05-05 16:10 165888 ----a-w- c:\windows\system32\iexpress.exe 2011-05-05 16:10 . 2011-05-05 16:10 160256 ----a-w- c:\windows\system32\wextract.exe 2011-05-05 16:10 . 2011-05-05 16:10 1492992 ----a-w- c:\windows\system32\inetcpl.cpl 2011-05-05 16:10 . 2011-05-05 16:10 135168 ----a-w- c:\windows\system32\IEAdvpack.dll 2011-05-05 16:10 . 2011-05-05 16:10 12288 ----a-w- c:\windows\system32\mshta.exe 2011-05-05 16:10 . 2011-05-05 16:10 114176 ----a-w- c:\windows\system32\admparse.dll 2011-05-05 16:10 . 2011-05-05 16:10 111616 ----a-w- c:\windows\system32\iesysprep.dll 2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr 2011-03-31 05:04 . 2011-03-31 05:04 43680 ----a-w- c:\windows\system32\drivers\lirsgt.sys 2011-03-31 05:04 . 2011-03-31 05:04 314016 ----a-w- c:\windows\system32\drivers\atksgt.sys 2011-03-23 11:36 . 2010-06-24 06:03 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-03-23 10:23 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll 2011-03-23 10:23 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll 2011-03-21 07:52 . 2011-03-21 07:52 74272 ----a-w- c:\windows\system32\RtNicProp64.dll 2011-03-21 07:52 . 2011-03-21 07:52 452200 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2011-03-21 07:52 . 2010-12-15 07:23 107552 ----a-w- c:\windows\system32\RTNUninst64.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2011-02-01 3265944] "Messenger (Yahoo!)"="c:\program files (x86)\Yahoo!\Messenger\YahooMessenger.exe" [2010-11-04 6174008] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-11-22 1484856] "FATrayAlert"="c:\program files (x86)\Sensible Vision\Fast Access\FATrayMon.exe" [2010-08-17 93312] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-01 98304] "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-09-03 240112] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-01-25 421160] "Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-09-02 518640] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-19 487562] "Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-25 1117528] "AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696] "NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216] 
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2011-06-01 273544] . c:\users\Harsh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-10-12 1324384] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584] Scrybe.lnk - c:\windows\Installer\{13061CAA-0284-4F9A-B460-3D4699575B35}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe [2011-2-11 45056] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-10-12 1324384] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess] 2010-08-17 07:32 146560 ----a-w- c:\program files (x86)\Sensible Vision\Fast Access\FALogNot.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R0 mfewfpk;McAfee Inc. 
mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2009-12-19 29416]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-09-03 219632]
R2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-20 689472]
R2 uTorrentService;uTorrent;c:\windows\SysWOW64\uTorrent\uTorrent.exe [x]
R3 ALSysIO;ALSysIO;c:\users\Harsh\AppData\Local\Temp\ALSysIO64.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-01-22 1038088]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2011-05-12 25072]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-09-03 1116656]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-03-17 68440]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 430424]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2010-01-11 155648]
S2 FAService;FAService;c:\program files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-08-17 2423936]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-06-08 13336]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-13 245352]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-03-13 158832]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 ScrybeUpdater;Scrybe Updater;c:\program files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-01-14 1294848]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-01 2271608]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-665919953-3711101877-3725385491-1000Core.job
- c:\users\Harsh\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-21 14:37]
.
2011-06-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-665919953-3711101877-3725385491-1000UA.job
- c:\users\Harsh\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-21 14:37]
.
2011-06-01 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-05-16 22:16]
.
2011-06-11 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-05-16 22:16]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-01-25 10:40 84720 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF6844.cfxxe" [X]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-21 487424]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2010-01-06 3179288]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2009-12-17 5470208]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 172.18.1.9:3128
uInternet Settings,ProxyOverride = *.local;10.82.100.100;<local>
IE: &Clean Traces - c:\program files (x86)\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files (x86)\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download &all with DAP - c:\program files (x86)\DAP\dapextie2.htm
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~2\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~2\DAP\dapie.dll
FF - ProfilePath - c:\users\Harsh\AppData\Roaming\Mozilla\Firefox\Profiles\jhvnopzk.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.in/
FF - prefs.js: keyword.URL - hxxp://in.search.yahoo.com/search?fr=mcafee&p=
FF - prefs.js: network.proxy.ftp - 172.18.1.9
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.gopher - 10.82.90.94
FF - prefs.js: network.proxy.gopher_port - 3128
FF - prefs.js: network.proxy.http - 172.18.1.9
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 172.18.1.9
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 172.18.1.9
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-FAStartup - (no file)
Toolbar-Locked - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-665919953-3711101877-3725385491-1000\Software\SecuROM\License information*]
"datasecu"=hex:a2,22,46,6e,74,6f,80,5d,80,2d,16,3d,63,c5,74,b4,39,c4,ff,62,46,
   5c,ed,38,2f,28,e4,12,70,4d,13,7e,da,6b,1f,89,32,c3,a2,1d,89,ca,19,d3,7c,36,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_USERS\S-1-5-21-665919953-3711101877-3725385491-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):0b,85,73,c6,78,f1,56,88,6e,83,73,53,c2,66,7c,c0,27,06,4d,8d,89,
   8d,29,08,b2,60,c0,80,42,04,d0,24,6e,3e,83,ea,88,48,89,cc,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-665919953-3711101877-3725385491-1000_Classes\Wow6432Node\CLSID\{f1bef2f0-e60b-4777-9846-b4836bcd027f}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000009e
"Therad"=dword:0000001b
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
   1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\windows\system32\crypserv.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\rundll32.exe
c:\xampp\mysql\bin\mysqld.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files (x86)\Synaptics\Scrybe\scrybe.exe
c:\program files (x86)\Internet Download Manager\IEMonitor.exe
c:\program files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2011-06-11 19:41:41 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-11 14:11
.
Pre-Run: 57,231,503,360 bytes free
Post-Run: 56,900,681,728 bytes free
.
- - End Of File - - 29D8053C19C4E7A95E28AF20947FC353

I will post the new DDS log in the next reply...!!! You are really helping, thanks.
  13. I have submitted the MBR.dat file as you requested.
  14. Hey, I opened aswMBR.exe once again and now it scanned successfully and two files were created. The aswMBR.txt contains:

      aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
      Run date: 2011-06-11 09:58:34
      -----------------------------
      09:58:34.862 OS Version: Windows x64 6.1.7601 Service Pack 1
      09:58:34.862 Number of processors: 4 586 0x2505
      09:58:34.863 ComputerName: HARSH-LAPPY UserName: Harsh
      09:58:35.723 Initialize success
      09:58:37.597 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
      09:58:37.599 Disk 0 Vendor: ST950032 D005 Size: 476940MB BusType: 3
      09:58:37.602 Disk 0 MBR read error 0
      09:58:37.604 Disk 0 MBR scan
      09:58:37.606 Disk 0 unknown MBR code
      09:58:37.608 MBR BIOS signature not found 0
      09:58:37.610 Service scanning
      09:58:38.794 Disk 0 trace - called modules:
      09:58:38.812 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys sptd.sys hal.dll
      09:58:38.817 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c66060]
      09:58:38.821 3 CLASSPNP.SYS[fffff88001dbc43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800495e050]
      09:58:38.825 Scan finished successfully
      09:58:56.002 Disk 0 MBR has been saved successfully to "C:\Users\Harsh\Desktop\MBR.dat"
      09:58:56.002 The log file has been saved successfully to "C:\Users\Harsh\Desktop\aswMBR.txt"

      And also there is an MBR.dat file: how do I show that? It cannot be attached either......!!!
  15. Hey blade, when I clicked on the scan aswMBR.exe an unexpected error occurred and my laptop just shut down due to this. Why did this happen? Now is my laptop infected with a virus or something...???