jagdeepbajaj

Members
  • Posts

    3
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hello, I have uninstalled Micro Trend antivirus, and after rebooting my laptop I ran ComboFix. The ComboFix window hung some 3 times; the first 2 times I waited for more than 30 minutes (and the third time for 10 to 15 min) but with no response, so I had to reboot. It stopped responding at the following three stages: 1. while trying to create a restore point; 2. while scanning for viruses; 3. while scanning for viruses when "completed stage 3" appeared. The 4th time it ran successfully, and below is the log that was created after it ran successfully.
  2. mbam log:
     Malwarebytes Anti-Malware (Trial) 1.65.0.1400
     www.malwarebytes.org
     Database version: v2012.10.17.08
     Windows 7 x64 NTFS
     Internet Explorer 9.0.8112.16421
     Jagdeep :: JAGDEEP-PC [administrator]
     Protection: Enabled
     10/17/2012 9:18:11 PM
     mbam-log-2012-10-17 (21-18-11).txt
     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 286646
     Time elapsed: 11 minute(s), 38 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)
     (end)
     dds log:
     .
     DDS (Ver_2011-08-26.01) - NTFSAMD64
     Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
     Run by Jagdeep at 21:31:45 on 2012-10-17
     Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.3872.1527 [GMT 5.5:30]
     .
     AV: Trend Micro Titanium Internet Security *Disabled/Outdated* {68F968AC-2AA0-091D-848C-803E83E35902}
     AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
     SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
     SP: Trend Micro Titanium Internet Security *Disabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
     SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     .
     ============== Running Processes ===============
     .
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\FBAgent.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe C:\Windows\system32\conhost.exe C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe C:\Program Files (x86)\Bluetooth Suite\adminservice.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\wbem\wmiprvse.exe 
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe C:\Windows\system32\taskeng.exe C:\Program Files\P4G\BatteryLife.exe C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Users\Jagdeep\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Users\Jagdeep\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA 
Updatus\daemonu.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Users\Jagdeep\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Jagdeep\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\AsScrPro.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . mURLSearchHooks: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll mWinlogon: Userinit=userinit.exe BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend 
Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe mRun: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Anvi Smart Defender] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe uPolicies-system: HideFastUserSwitching = 0 (0x0) mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: HideFastUserSwitching = 0 (0x0) IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{C9CEB78C-4866-4F39-9855-EC75FA0693CD} : DhcpNameServer = 124.124.5.135 124.124.5.136 124.124.5.140 124.124.5.141 TCP: Interfaces\{F140426F-3D26-4464-8C49-AC38D49A833D} : DhcpNameServer = 
192.168.1.1 TCP: Interfaces\{F140426F-3D26-4464-8C49-AC38D49A833D}\D697E6564776561627 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{F140426F-3D26-4464-8C49-AC38D49A833D}\E4544574541425 : DhcpNameServer = 10.0.0.1 Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\PKMCDO.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll BHO-X64: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll BHO-X64: btorbit.com - No File BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll BHO-X64: Trend Micro NSC BHO - No File BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll BHO-X64: IESpeakDoc - No File BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll BHO-X64: BitTorrentControl_v12 - No File BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll BHO-X64: TmBpIeBHO - No File BHO-X64: Java Plug-In 2 
SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB-X64: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe mRun-x64: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe mRun-x64: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [Anvi Smart Defender] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Jagdeep\AppData\Roaming\Mozilla\Firefox\Profiles\85l4lp0m.default\ FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Users\Jagdeep\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] 
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?] R1 asdrm;asdrm;C:\Windows\system32\DRIVERS\asdrm.sys --> C:\Windows\system32\DRIVERS\asdrm.sys [?] R1 asdws;asdws;C:\Windows\system32\DRIVERS\asdws.sys --> C:\Windows\system32\DRIVERS\asdws.sys [?] R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?] R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-8-11 256336] R2 asdrs;AntiMalware Host-based Intrusion Prevention System;\??\C:\Windows\system32\DRIVERS\asdrs.sys --> C:\Windows\system32\DRIVERS\asdrs.sys [?] R2 asdsrv;Anvi Smart Defender Realtime Guard Service;C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe [2012-8-23 686896] R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416] R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-9-29 92800] R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-8-2 146592] R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-8-2 103584] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-11 399432] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-11 676936] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-7-13 769432] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-8-11 2253120] R2 Skype C2C Service;Skype C2C 
Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-8-13 3064000] R2 tmevtmgr;tmevtmgr;C:\Windows\system32\DRIVERS\tmevtmgr.sys --> C:\Windows\system32\DRIVERS\tmevtmgr.sys [?] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-8-11 2656280] R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?] R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?] R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-9-2 116648] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-20 250808] S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?] 
S3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\system32\drivers\btath_avdt.sys --> C:\Windows\system32\drivers\btath_avdt.sys [?] S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?] S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?] S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?] S3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?] S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;\??\C:\Windows\system32\drivers\BVRPMPR5a64.SYS --> C:\Windows\system32\drivers\BVRPMPR5a64.SYS [?] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-9-2 116648] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-9 115168] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992] . =============== Created Last 30 ================ . 
2012-10-17 15:44:39 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{ACBC599B-B58A-4919-8F85-9B17BCAE57C7}\mpengine.dll 2012-10-16 14:30:10 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-10-13 18:05:55 23376 ----a-w- C:\Windows\System32\drivers\asdrs.sys 2012-10-13 18:05:55 18768 ----a-w- C:\Windows\System32\drivers\asdrm.sys 2012-10-13 18:05:55 17232 ----a-w- C:\Windows\System32\drivers\asdws.sys 2012-10-13 16:51:12 -------- d-----w- C:\Program Files\CCleaner 2012-10-12 16:06:11 -------- d-----w- C:\Windows\SysWow64\%LOCALAPPDATA% 2012-10-11 09:37:32 -------- d-----w- C:\Users\Jagdeep\AppData\Roaming\Malwarebytes 2012-10-11 09:37:03 -------- d-----w- C:\ProgramData\Malwarebytes 2012-10-11 09:36:57 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-10-11 09:36:57 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-10-11 07:47:18 -------- d-----w- C:\Program Files (x86)\ESET 2012-10-11 07:37:03 -------- d-----w- C:\Users\Jagdeep\AppData\Roaming\Anvisoft 2012-10-11 07:36:53 -------- d-----w- C:\ProgramData\Anvisoft 2012-10-11 07:36:45 -------- d-----w- C:\Program Files (x86)\Anvisoft 2012-10-11 06:54:47 -------- d-----w- C:\Users\Jagdeep\AppData\Roaming\YourFileDownloader 2012-10-11 06:54:47 -------- d-----w- C:\Program Files (x86)\YourFileDownloader 2012-10-10 17:42:40 -------- d-----w- C:\Users\Jagdeep\AppData\Roaming\SpeedyPC Software 2012-10-10 17:42:40 -------- d-----w- C:\Users\Jagdeep\AppData\Roaming\DriverCure 2012-10-10 17:42:21 -------- d-----w- C:\Program Files (x86)\Common Files\SpeedyPC Software 2012-10-10 17:42:15 -------- d-----w- C:\ProgramData\SpeedyPC Software 2012-10-10 17:42:15 -------- d-----w- C:\Program Files (x86)\SpeedyPC Software 2012-10-10 17:19:40 -------- d-----w- C:\Users\Jagdeep\AppData\Local\Macromedia 2012-10-09 17:15:09 -------- d-----w- C:\Users\Jagdeep\AppData\Local\Mozilla 2012-10-09 17:13:28 192592 ----a-w- 
C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe 2012-10-09 17:12:45 416224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll 2012-10-09 17:12:45 115168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe 2012-10-09 17:12:44 80864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll 2012-10-09 17:12:44 2560480 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll 2012-10-09 17:12:43 917984 ----a-w- C:\Program Files (x86)\Mozilla Firefox\firefox.exe 2012-10-09 17:12:43 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll 2012-10-09 17:12:43 258528 ----a-w- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll 2012-10-09 17:12:43 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll 2012-10-09 17:12:43 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll 2012-10-09 17:12:43 18912 ----a-w- C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll 2012-10-09 17:12:43 116192 ----a-w- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe 2012-10-07 15:10:17 -------- d-----w- C:\Windows\System32\appmgmt 2012-10-07 10:07:32 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client 2012-10-07 10:07:26 -------- d-----w- C:\Program Files\Microsoft Security Client 2012-10-03 03:05:16 -------- d-----w- C:\Users\Jagdeep\AppData\Local\MetaGeek,_LLC 2012-10-03 02:56:05 -------- d-----w- C:\Program Files (x86)\MetaGeek 2012-10-03 02:12:24 -------- d-----w- C:\Users\Jagdeep\AppData\Roaming\Netgear Live Parental Controls 2012-10-03 02:12:19 -------- d-----w- C:\Program Files (x86)\NETGEAR Live Parental Controls Management Utility 2012-10-03 01:47:57 35840 ----a-r- C:\Windows\System32\drivers\BVRPMPR5a64.SYS 2012-10-03 01:47:04 -------- d-----w- C:\Netgear 2012-09-22 07:32:01 -------- d-----w- C:\Users\Jagdeep\AppData\Roaming\Foxit Software 2012-09-22 02:40:34 -------- d-sh--w- C:\KRECYCLE 2012-09-20 10:09:42 -------- d-----w- 
C:\Users\Jagdeep\AppData\Roaming\Kingsoft 2012-09-20 10:09:41 -------- d-----w- C:\ProgramData\Kingsoft 2012-09-20 10:09:25 -------- d-----w- C:\Program Files (x86)\Kingsoft . ==================== Find3M ==================== . 2012-10-16 16:00:49 45056 ----a-w- C:\Windows\SysWow64\acovcnt.exe 2012-10-10 17:04:34 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-10-10 17:04:33 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-09-14 16:05:06 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2012-09-14 16:05:03 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-09-14 16:05:03 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-08-30 16:33:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys 2012-08-30 16:33:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys 2012-08-20 14:17:07 1888256 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2012-08-11 04:48:35 80512 ----a-w- C:\Windows\AsusScr_K3 Series_ENG Uninstaller.exe 2012-08-11 04:48:14 3058304 ----a-w- C:\Windows\AsScrPro.exe . ============= FINISH: 21:33:40.42 ===============
  3. I have Windows 7 installed on my laptop. When I connect to the internet it works fine for some time, but afterwards, whatever is typed in the address bar, the browser (Netscape) is redirected to partner37.mydomainadvisor.com. Then, when I try again, a blank page with the message "no site configured at this address" is displayed. Please help me, what should I do?