broken.opencommand

#1 omdevn

Posted 19 March 2012 - 03:43 AM

Please help me with this topic. I am attaching the required files.
Thanks.
Om Dev

#2 Maniac

Posted 19 March 2012 - 08:39 AM

Hello omdevn and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:
  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don't hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Please download one of the following and run it:
http://download.blee...bit/FixExec.com
http://download.blee...bit/FixExec.pif
http://download.blee...bit/FixExec.scr

When FixExec has finished running it will create a log on your Windows desktop called FixExec.txt. This log will contain a list of the items that were repaired on your computer. Post it in your next reply.


Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip, click on Continue.

  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


In your next reply, post the following log files:

  • TDSSKiller log
  • Malwarebytes' Anti-Malware log
  • a new fresh DDS log file

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here.

#3 omdevn

Posted 20 March 2012 - 01:47 AM

Thanks for taking the time and interest in my problem. Though I am a paying customer, I prefer to be guided by you in solving my problem.

Here are the posts which you have asked for:

1. TDSSKiller log

22:01:47.0051 5656 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
22:01:48.0194 5656 ============================================================
22:01:48.0194 5656 Current date / time: 2012/03/19 22:01:48.0194
22:01:48.0195 5656 SystemInfo:
22:01:48.0195 5656
22:01:48.0195 5656 OS Version: 6.1.7601 ServicePack: 1.0
22:01:48.0195 5656 Product type: Workstation
22:01:48.0195 5656 ComputerName: OMDEVA-PC
22:01:48.0195 5656 UserName: Om Deva
22:01:48.0196 5656 Windows directory: C:\Windows
22:01:48.0196 5656 System windows directory: C:\Windows
22:01:48.0196 5656 Processor architecture: Intel x86
22:01:48.0196 5656 Number of processors: 2
22:01:48.0196 5656 Page size: 0x1000
22:01:48.0196 5656 Boot type: Normal boot
22:01:48.0196 5656 ============================================================
22:01:50.0682 5656 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:01:53.0947 5656 Drive \Device\Harddisk2\DR4 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:01:53.0950 5656 \Device\Harddisk0\DR0:
22:01:54.0189 5656 MBR used
22:01:54.0190 5656 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:01:54.0190 5656 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
22:01:54.0190 5656 \Device\Harddisk2\DR4:
22:01:54.0191 5656 MBR used
22:01:54.0191 5656 \Device\Harddisk2\DR4\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
22:01:54.0223 5656 Initialize success
22:01:54.0223 5656 ============================================================
22:02:51.0617 9212 ============================================================
22:02:51.0617 9212 Scan started
22:02:51.0617 9212 Mode: Manual; SigCheck; TDLFS;
22:02:51.0617 9212 ============================================================
22:02:52.0521 9212 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
22:02:52.0686 9212 1394ohci - ok
22:02:52.0744 9212 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
22:02:52.0794 9212 ACPI - ok
22:02:52.0829 9212 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
22:02:52.0889 9212 AcpiPmi - ok
22:02:52.0939 9212 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
22:02:53.0033 9212 adp94xx - ok
22:02:53.0138 9212 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
22:02:53.0197 9212 adpahci - ok
22:02:53.0240 9212 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
22:02:53.0302 9212 adpu320 - ok
22:02:53.0381 9212 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
22:02:53.0492 9212 AFD - ok
22:02:53.0526 9212 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
22:02:53.0578 9212 agp440 - ok
22:02:53.0616 9212 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
22:02:53.0664 9212 aic78xx - ok
22:02:53.0704 9212 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
22:02:53.0766 9212 aliide - ok
22:02:53.0803 9212 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
22:02:53.0881 9212 amdagp - ok
22:02:53.0919 9212 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
22:02:53.0965 9212 amdide - ok
22:02:53.0997 9212 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
22:02:54.0096 9212 AmdK8 - ok
22:02:54.0128 9212 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
22:02:54.0185 9212 AmdPPM - ok
22:02:54.0217 9212 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
22:02:54.0287 9212 amdsata - ok
22:02:54.0347 9212 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
22:02:54.0438 9212 amdsbs - ok
22:02:54.0456 9212 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
22:02:54.0500 9212 amdxata - ok
22:02:54.0539 9212 AMP (a7634ad081a97dd792ab261d80eafd84) C:\Windows\system32\Drivers\amp.sys
22:02:54.0798 9212 AMP - ok
22:02:54.0866 9212 AMPSE (839c3a79cb536a2412b4f39e50015e59) C:\Windows\system32\Drivers\ampse.sys
22:02:55.0007 9212 AMPSE - ok
22:02:55.0074 9212 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
22:02:55.0245 9212 AppID - ok
22:02:55.0368 9212 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
22:02:55.0451 9212 arc - ok
22:02:55.0498 9212 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
22:02:55.0555 9212 arcsas - ok
22:02:55.0602 9212 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
22:02:55.0765 9212 AsyncMac - ok
22:02:55.0856 9212 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
22:02:55.0909 9212 atapi - ok
22:02:55.0985 9212 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
22:02:56.0194 9212 b06bdrv - ok
22:02:56.0314 9212 b57nd60x (37c0fdc2b0c7b285910695194bf39826) C:\Windows\system32\DRIVERS\b57nd60x.sys
22:02:56.0439 9212 b57nd60x - ok
22:02:56.0577 9212 BCM43XX (f9ce9b5e049efc66b8e6c73c18ee8438) C:\Windows\system32\DRIVERS\bcmwl6.sys
22:02:56.0726 9212 BCM43XX - ok
22:02:56.0767 9212 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
22:02:56.0859 9212 Beep - ok
22:02:56.0913 9212 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
22:02:56.0984 9212 blbdrive - ok
22:02:57.0024 9212 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
22:02:57.0108 9212 bowser - ok
22:02:57.0146 9212 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:02:57.0194 9212 BrFiltLo - ok
22:02:57.0216 9212 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:02:57.0307 9212 BrFiltUp - ok
22:02:57.0362 9212 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
22:02:57.0513 9212 Brserid - ok
22:02:57.0573 9212 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
22:02:57.0719 9212 BrSerWdm - ok
22:02:57.0760 9212 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:02:57.0809 9212 BrUsbMdm - ok
22:02:57.0833 9212 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
22:02:57.0884 9212 BrUsbSer - ok
22:02:57.0919 9212 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
22:02:58.0014 9212 BthEnum - ok
22:02:58.0061 9212 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
22:02:58.0172 9212 BTHMODEM - ok
22:02:58.0250 9212 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
22:02:58.0317 9212 BthPan - ok
22:02:58.0357 9212 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
22:02:58.0420 9212 BTHPORT - ok
22:02:58.0482 9212 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
22:02:58.0557 9212 BTHUSB - ok
22:02:58.0596 9212 btwaudio - ok
22:02:58.0633 9212 btwavdt - ok
22:02:58.0663 9212 btwrchid - ok
22:02:58.0723 9212 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
22:02:58.0866 9212 cdfs - ok
22:02:58.0907 9212 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
22:02:58.0961 9212 cdrom - ok
22:02:58.0995 9212 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
22:02:59.0050 9212 circlass - ok
22:02:59.0101 9212 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
22:02:59.0158 9212 CLFS - ok
22:02:59.0199 9212 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
22:02:59.0334 9212 CmBatt - ok
22:02:59.0370 9212 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
22:02:59.0433 9212 cmdide - ok
22:02:59.0484 9212 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
22:02:59.0543 9212 CNG - ok
22:02:59.0576 9212 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
22:02:59.0611 9212 Compbatt - ok
22:02:59.0646 9212 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
22:02:59.0729 9212 CompositeBus - ok
22:02:59.0777 9212 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
22:02:59.0814 9212 crcdisk - ok
22:02:59.0865 9212 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
22:02:59.0977 9212 CSC - ok
22:03:00.0039 9212 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
22:03:00.0220 9212 DfsC - ok
22:03:00.0302 9212 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
22:03:00.0428 9212 discache - ok
22:03:00.0584 9212 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
22:03:00.0682 9212 Disk - ok
22:03:00.0767 9212 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
22:03:00.0825 9212 drmkaud - ok
22:03:00.0881 9212 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
22:03:00.0973 9212 DXGKrnl - ok
22:03:00.0988 9212 eairwnet - ok
22:03:01.0113 9212 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
22:03:01.0302 9212 ebdrv - ok
22:03:01.0442 9212 ElRawDisk (9c64c2a950195f9bc3a09a499648b01c) C:\Windows\system32\drivers\ElRawDsk.sys
22:03:01.0535 9212 ElRawDisk - ok
22:03:01.0609 9212 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
22:03:01.0691 9212 elxstor - ok
22:03:01.0723 9212 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
22:03:01.0810 9212 ErrDev - ok
22:03:01.0869 9212 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
22:03:01.0963 9212 exfat - ok
22:03:01.0991 9212 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
22:03:02.0132 9212 fastfat - ok
22:03:02.0239 9212 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
22:03:02.0333 9212 fdc - ok
22:03:02.0375 9212 FeMouWDM (f755065f61393a71cb89b2eb24c8cf00) C:\Windows\system32\DRIVERS\FeMouWDM.sys
22:03:02.0493 9212 FeMouWDM ( UnsignedFile.Multi.Generic ) - warning
22:03:02.0493 9212 FeMouWDM - detected UnsignedFile.Multi.Generic (1)
22:03:02.0515 9212 FileDisk - ok
22:03:02.0582 9212 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
22:03:02.0697 9212 FileInfo - ok
22:03:02.0760 9212 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
22:03:02.0827 9212 Filetrace - ok
22:03:02.0851 9212 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
22:03:02.0929 9212 flpydisk - ok
22:03:03.0027 9212 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
22:03:03.0078 9212 FltMgr - ok
22:03:03.0114 9212 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
22:03:03.0189 9212 FsDepends - ok
22:03:03.0247 9212 FsUsbExDisk (cbe5f69a5e5b918225f420ba748f3742) C:\Windows\system32\FsUsbExDisk.SYS
22:03:03.0292 9212 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
22:03:03.0292 9212 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
22:03:03.0331 9212 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
22:03:03.0402 9212 Fs_Rec - ok
22:03:03.0447 9212 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
22:03:03.0526 9212 fvevol - ok
22:03:03.0557 9212 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:03:03.0612 9212 gagp30kx - ok
22:03:03.0652 9212 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:03:03.0693 9212 GEARAspiWDM - ok
22:03:03.0746 9212 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
22:03:03.0937 9212 hcw85cir - ok
22:03:04.0026 9212 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
22:03:04.0134 9212 HdAudAddService - ok
22:03:04.0219 9212 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
22:03:04.0291 9212 HDAudBus - ok
22:03:04.0331 9212 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
22:03:04.0468 9212 HidBatt - ok
22:03:04.0514 9212 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
22:03:04.0578 9212 HidBth - ok
22:03:04.0617 9212 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
22:03:04.0691 9212 HidIr - ok
22:03:04.0748 9212 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
22:03:04.0832 9212 HidUsb - ok
22:03:04.0912 9212 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
22:03:04.0965 9212 HpSAMD - ok
22:03:05.0015 9212 HSFHWAZL (7290fb97535c317a237d4c73149c7e2c) C:\Windows\system32\DRIVERS\HSF_HWAZL.sys
22:03:05.0149 9212 HSFHWAZL ( UnsignedFile.Multi.Generic ) - warning
22:03:05.0149 9212 HSFHWAZL - detected UnsignedFile.Multi.Generic (1)
22:03:05.0211 9212 HSF_DPV (f362c0b442337da8ab0608dfaa4ca076) C:\Windows\system32\DRIVERS\HSF_DP.sys
22:03:05.0270 9212 HSF_DPV ( UnsignedFile.Multi.Generic ) - warning
22:03:05.0270 9212 HSF_DPV - detected UnsignedFile.Multi.Generic (1)
22:03:05.0328 9212 HSXHWAZL (4df5c76302dc2f8f3465966c8426a292) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
22:03:05.0485 9212 HSXHWAZL - ok
22:03:05.0529 9212 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
22:03:05.0667 9212 HTTP - ok
22:03:05.0726 9212 hwdatacard (92ca47da32009ccc00a5aded04abbd78) C:\Windows\system32\DRIVERS\ewusbmdm.sys
22:03:05.0931 9212 hwdatacard - ok
22:03:06.0040 9212 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
22:03:06.0071 9212 hwpolicy - ok
22:03:06.0115 9212 hwusbfake (1d4d6d24256f61e6b08a3cf8184a78b8) C:\Windows\system32\DRIVERS\ewusbfake.sys
22:03:06.0193 9212 hwusbfake - ok
22:03:06.0271 9212 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
22:03:06.0372 9212 i8042prt - ok
22:03:06.0434 9212 iaStor (f989555f1662581032cce1578a8ff28e) C:\Windows\system32\DRIVERS\iaStor.sys
22:03:06.0495 9212 iaStor - ok
22:03:06.0554 9212 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
22:03:06.0611 9212 iaStorV - ok
22:03:06.0786 9212 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
22:03:07.0072 9212 igfx - ok
22:03:07.0187 9212 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
22:03:07.0241 9212 iirsp - ok
22:03:07.0311 9212 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
22:03:07.0356 9212 intelide - ok
22:03:07.0389 9212 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
22:03:07.0473 9212 intelppm - ok
22:03:07.0537 9212 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:03:07.0659 9212 IpFilterDriver - ok
22:03:07.0778 9212 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
22:03:07.0872 9212 IPMIDRV - ok
22:03:07.0918 9212 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
22:03:08.0009 9212 IPNAT - ok
22:03:08.0146 9212 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
22:03:08.0220 9212 IRENUM - ok
22:03:08.0327 9212 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
22:03:08.0408 9212 isapnp - ok
22:03:08.0452 9212 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
22:03:08.0528 9212 iScsiPrt - ok
22:03:08.0569 9212 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
22:03:08.0631 9212 kbdclass - ok
22:03:08.0667 9212 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
22:03:08.0722 9212 kbdhid - ok
22:03:08.0770 9212 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
22:03:08.0826 9212 KSecDD - ok
22:03:08.0865 9212 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
22:03:08.0964 9212 KSecPkg - ok
22:03:09.0041 9212 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
22:03:09.0153 9212 lltdio - ok
22:03:09.0224 9212 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:03:09.0302 9212 LSI_FC - ok
22:03:09.0322 9212 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:03:09.0381 9212 LSI_SAS - ok
22:03:09.0408 9212 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:03:09.0474 9212 LSI_SAS2 - ok
22:03:09.0508 9212 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:03:09.0575 9212 LSI_SCSI - ok
22:03:09.0598 9212 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
22:03:09.0706 9212 luafv - ok
22:03:09.0745 9212 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
22:03:09.0782 9212 MBAMProtector - ok
22:03:09.0835 9212 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\Windows\system32\DRIVERS\mcdbus.sys
22:03:09.0935 9212 mcdbus ( UnsignedFile.Multi.Generic ) - warning
22:03:09.0935 9212 mcdbus - detected UnsignedFile.Multi.Generic (1)
22:03:10.0009 9212 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
22:03:10.0116 9212 mdmxsdk - ok
22:03:10.0171 9212 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
22:03:10.0229 9212 megasas - ok
22:03:10.0270 9212 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
22:03:10.0343 9212 MegaSR - ok
22:03:10.0399 9212 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
22:03:10.0512 9212 Modem - ok
22:03:10.0560 9212 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
22:03:10.0646 9212 monitor - ok
22:03:10.0760 9212 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
22:03:10.0811 9212 mouclass - ok
22:03:10.0853 9212 moufiltr (baa4ed3c323bee7ebc144c7d232220a8) C:\Windows\system32\DRIVERS\moufiltr.sys
22:03:10.0872 9212 moufiltr ( UnsignedFile.Multi.Generic ) - warning
22:03:10.0872 9212 moufiltr - detected UnsignedFile.Multi.Generic (1)
22:03:10.0911 9212 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
22:03:10.0968 9212 mouhid - ok
22:03:11.0008 9212 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
22:03:11.0112 9212 mountmgr - ok
22:03:11.0261 9212 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
22:03:11.0381 9212 MpFilter - ok
22:03:11.0480 9212 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
22:03:11.0586 9212 mpio - ok
22:03:11.0747 9212 MpKsl5b4ac7bc (a69630d039c38018689190234f866d77) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1A000D8F-418D-4BF8-B386-9B6C2D30DDB8}\MpKsl5b4ac7bc.sys
22:03:11.0806 9212 MpKsl5b4ac7bc - ok
22:03:11.0908 9212 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
22:03:12.0000 9212 MpNWMon - ok
22:03:12.0059 9212 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
22:03:12.0179 9212 mpsdrv - ok
22:03:12.0270 9212 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
22:03:12.0432 9212 MRxDAV - ok
22:03:12.0568 9212 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:03:12.0670 9212 mrxsmb - ok
22:03:12.0725 9212 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:03:12.0790 9212 mrxsmb10 - ok
22:03:12.0848 9212 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:03:12.0970 9212 mrxsmb20 - ok
22:03:13.0067 9212 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
22:03:13.0126 9212 msahci - ok
22:03:13.0166 9212 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
22:03:13.0209 9212 msdsm - ok
22:03:13.0283 9212 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
22:03:13.0363 9212 Msfs - ok
22:03:13.0392 9212 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
22:03:13.0468 9212 mshidkmdf - ok
22:03:13.0508 9212 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
22:03:13.0552 9212 msisadrv - ok
22:03:13.0596 9212 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
22:03:13.0693 9212 MSKSSRV - ok
22:03:13.0735 9212 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
22:03:13.0804 9212 MSPCLOCK - ok
22:03:13.0823 9212 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
22:03:13.0899 9212 MSPQM - ok
22:03:13.0930 9212 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
22:03:14.0032 9212 MsRPC - ok
22:03:14.0075 9212 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
22:03:14.0136 9212 mssmbios - ok
22:03:14.0178 9212 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
22:03:14.0245 9212 MSTEE - ok
22:03:14.0280 9212 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
22:03:14.0345 9212 MTConfig - ok
22:03:14.0390 9212 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
22:03:14.0457 9212 Mup - ok
22:03:14.0555 9212 MxEFUF (7f8529d104ad6120d081a41dad26ec22) C:\Windows\system32\DRIVERS\MxEFUF32.sys
22:03:14.0641 9212 MxEFUF - ok
22:03:14.0694 9212 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
22:03:14.0745 9212 NativeWifiP - ok
22:03:14.0807 9212 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
22:03:14.0874 9212 NDIS - ok
22:03:14.0960 9212 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
22:03:15.0059 9212 NdisCap - ok
22:03:15.0123 9212 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
22:03:15.0207 9212 NdisTapi - ok
22:03:15.0273 9212 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
22:03:15.0386 9212 Ndisuio - ok
22:03:15.0484 9212 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
22:03:15.0598 9212 NdisWan - ok
22:03:15.0633 9212 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
22:03:15.0709 9212 NDProxy - ok
22:03:15.0755 9212 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
22:03:15.0835 9212 NetBIOS - ok
22:03:15.0876 9212 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
22:03:15.0986 9212 NetBT - ok
22:03:16.0178 9212 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
22:03:16.0225 9212 nfrd960 - ok
22:03:16.0278 9212 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:03:16.0333 9212 NisDrv - ok
22:03:16.0384 9212 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
22:03:16.0724 9212 Npfs - ok
22:03:16.0767 9212 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
22:03:16.0841 9212 nsiproxy - ok
22:03:16.0913 9212 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
22:03:17.0183 9212 Ntfs - ok
22:03:17.0211 9212 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
22:03:17.0285 9212 Null - ok
22:03:17.0331 9212 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
22:03:17.0416 9212 nvraid - ok
22:03:17.0452 9212 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
22:03:17.0539 9212 nvstor - ok
22:03:17.0584 9212 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
22:03:17.0629 9212 nv_agp - ok
22:03:17.0674 9212 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
22:03:17.0738 9212 ohci1394 - ok
22:03:17.0828 9212 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
22:03:17.0896 9212 Parport - ok
22:03:17.0933 9212 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
22:03:18.0001 9212 partmgr - ok
22:03:18.0035 9212 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
22:03:18.0121 9212 Parvdm - ok
22:03:18.0190 9212 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
22:03:18.0237 9212 pci - ok
22:03:18.0275 9212 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
22:03:18.0311 9212 pciide - ok
22:03:18.0353 9212 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
22:03:18.0400 9212 pcmcia - ok
22:03:18.0437 9212 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
22:03:41.0368 9212 ============================================================
22:03:41.0368 9212 Scan finished
22:03:41.0368 9212 ============================================================
22:03:41.0398 9008 Detected object count: 6
22:03:41.0398 9008 Actual detected object count: 6
22:06:46.0973 9008 FeMouWDM ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:46.0973 9008 FeMouWDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:06:46.0976 9008 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:46.0976 9008 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:06:46.0983 9008 HSFHWAZL ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:46.0983 9008 HSFHWAZL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:06:46.0984 9008 HSF_DPV ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:46.0984 9008 HSF_DPV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:06:46.0986 9008 mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:46.0987 9008 mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:06:46.0989 9008 moufiltr ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:46.0989 9008 moufiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:08:15.0366 10108 Deinitialize success

----------------------------------------------------

2. Malwarebytes' Anti-Malware log

Malwarebytes Anti-Malware (PRO) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.19.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Om Deva :: OMDEVA-PC [administrator]

Protection: Enabled

19-Mar-12 22:10:21
mbam-log-2012-03-19 (22-10-21).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 182337
Time elapsed: 18 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

----------------------------------------------------

3. a new fresh DDS log file

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Om Deva at 10:31:29 on 2012-03-20
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2038.855 [GMT 5.5:30]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\aestsrv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\FsUsbExService.Exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Perfios\perfios_winsvc.exe
C:\Program Files\Airtel NetXpert\bin\sprtsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Airtel NetXpert\bin\tgsrvc.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files\iolo\System Mechanic Professional\SystemGuardAlerter.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Airtel NetXpert\bin\sprtcmd.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\r3proxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hide My IP\HideMyIP.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\WUDFHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hide My IP\HideMyIpSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\taskmgr.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\program files\real\realplayer\RealPlay.exe
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, optimized for Bing and MSN
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [HideMyIP] c:\program files\hide my ip\HideMyIP.exe
uRun: [Google Update] "c:\users\om deva\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [DriverMax] "c:\program files\innovative solutions\drivermax\drivermax.exe" -agent
uRun: [DriverMax_RESTART] "c:\program files\innovative solutions\drivermax\drivermax.exe" -RESTART
uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
mRun: [iolo Startup] "c:\program files\iolo\common\lib\ioloLManager.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [Mouse Suite 98 Daemon] ico.EXE
mRun: [TrueImageMonitor.exe] c:\program files\acronis\trueimagehome\TrueImageMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimagehome\TimounterMonitor.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [InnovativeMemoryOptimizer] c:\program files\innovative solutions\innovative system optimizer - version 4\MemoryOptimizer.exe
mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun: [NPSStartup]
mRun: [netxpert] "c:\program files\airtel netxpert\bin\sprtcmd.exe" /P netxpert
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Fellowes Proxy] c:\windows\system32\r3proxy.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\omdeva~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\users\omdeva~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\google~1.lnk - c:\program files\google\google calendar sync\GoogleCalendarSync.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\ssv.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: c:\windows\system32\HMIPCore.dll
LSP: c:\windows\system32\iavlsp.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7A511D57-6A8D-448B-8D3F-419488EC3A50} : DhcpNameServer = 192.168.1.1
Notify: igfxcui - igfxdev.dll
LSA: Authentication Packages = msv1_0 relog_ap
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\om deva\appdata\roaming\mozilla\firefox\profiles\0jmy17v4.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\om deva\appdata\local\google\update\1.3.21.99\npGoogleUpdate3.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\drivers\MxEFUF32.sys [2012-3-13 108544]
R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2012-3-8 20392]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKsl01203030;MpKsl01203030;c:\programdata\microsoft\microsoft antimalware\definition updates\{1a000d8f-418d-4bf8-b386-9b6c2d30ddb8}\MpKsl01203030.sys [2012-3-20 29904]
R1 MpKsl5b4ac7bc;MpKsl5b4ac7bc;c:\programdata\microsoft\microsoft antimalware\definition updates\{1a000d8f-418d-4bf8-b386-9b6c2d30ddb8}\MpKsl5b4ac7bc.sys [2012-3-19 29904]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AESTFilters;Andrea ST Filters Service;c:\program files\sigmatel\c-major audio\wdm\AEstSrv.exe [2012-2-22 73728]
R2 AMP;Active Malware Protection Minifilter Driver;c:\windows\system32\drivers\amp.sys [2011-9-28 138048]
R2 AMPSE;Active Malware Protection Support Driver;c:\windows\system32\drivers\ampse.sys [2012-2-9 1189184]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2012-3-6 238952]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2009-7-14 20992]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2012-2-9 722616]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-2-9 652360]
R2 Perfios_Service;Perfios_Service;c:\program files\perfios\perfios_winsvc.exe [2010-8-26 122368]
R2 sprtsvc_netxpert;SupportSoft Sprocket Service (netxpert);c:\program files\airtel netxpert\bin\sprtsvc.exe [2012-3-8 206120]
R2 tgsrvc_netxpert;SupportSoft Repair Service (netxpert);c:\program files\airtel netxpert\bin\tgsrvc.exe [2012-3-8 185640]
R2 vseamps;vseamps;c:\program files\common files\authentium\antivirus5\vseamps.exe [2011-9-28 97088]
R2 vsedsps;vsedsps;c:\program files\common files\authentium\antivirus5\vsedsps.exe [2011-9-28 97088]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2012-2-9 361000]
R3 FeMouWDM;Fellowes Mouse Driver;c:\windows\system32\drivers\FeMouWDM.sys [2012-3-13 12672]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2012-3-6 36608]
R3 HideMyIpSRV;HideMyIpSRV;c:\program files\hide my ip\HideMyIpSrv.exe [2012-2-9 3249512]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-2-9 20464]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 Reader_1000;USB SmartCard Reader Device 1000 ;c:\windows\system32\drivers\usbic1k.SYS [2007-4-25 12672]
R3 skbdrv;Encassa CoDefender;c:\windows\system32\drivers\skbdrv.sys [2012-2-10 52528]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-2-9 136176]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-2-9 136176]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [2012-2-12 103040]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-3-19 129976]
S3 pelps2m;PS/2 Mouse Filter Driver;c:\windows\system32\drivers\pelps2m.sys [2012-2-9 40448]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-2-10 15872]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-14 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504]
S3 token1k;usb driver for epass1k;c:\windows\system32\drivers\eps1k.sys [2007-4-25 26368]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-2-10 52224]
S3 vseqrts;vseqrts;c:\program files\common files\authentium\antivirus5\vseqrts.exe [2011-9-28 142144]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-2-9 1343400]
.
=============== File Associations ===============
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2012-03-20 04:52:01 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1a000d8f-418d-4bf8-b386-9b6c2d30ddb8}\MpKsl01203030.sys
2012-03-19 08:28:09 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-03-19 08:27:54 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
2012-03-19 08:27:53 145960 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
2012-03-19 08:16:32 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1a000d8f-418d-4bf8-b386-9b6c2d30ddb8}\MpKsl5b4ac7bc.sys
2012-03-19 02:47:09 6552120 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1a000d8f-418d-4bf8-b386-9b6c2d30ddb8}\mpengine.dll
2012-03-18 07:57:06 -------- d-----w- c:\program files\MagicISO
2012-03-16 03:02:43 -------- d-----w- c:\program files\iPod
2012-03-16 02:48:45 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2012-03-16 02:48:44 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2012-03-16 02:48:44 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2012-03-16 02:48:43 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2012-03-16 02:48:42 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2012-03-16 02:48:41 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2012-03-16 02:48:41 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2012-03-16 02:46:04 -------- d-----w- c:\users\om deva\appdata\local\Diagnostics
2012-03-15 00:20:47 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-15 00:20:45 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 23:55:53 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 23:55:51 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 03:17:06 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 03:17:06 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 03:17:05 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 03:17:03 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-03-14 03:17:03 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 03:17:02 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-14 03:17:02 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-13 12:10:46 -------- d-----w- c:\program files\IDT
2012-03-13 12:09:07 915968 ----a-w- c:\windows\system32\stapo.dll
2012-03-13 12:09:07 495104 ----a-w- c:\windows\system32\stapi32.dll
2012-03-13 12:09:07 328704 ----a-w- c:\windows\system32\stcplx.dll
2012-03-13 12:09:05 176128 ----a-w- c:\windows\system32\st326233.dll
2012-03-13 12:07:14 98304 ----a-w- c:\windows\system32\r3proxy.exe
2012-03-13 12:07:14 2387968 ----a-w- c:\windows\system32\FEzPtCPL.dll
2012-03-13 12:07:14 12672 ----a-w- c:\windows\system32\drivers\FeMouWDM.sys
2012-03-13 12:07:13 131072 ----a-w- c:\windows\system32\language.dll
2012-03-13 12:06:50 90112 ----a-w- c:\windows\system32\femouse.dll
2012-03-13 11:55:21 140288 ----a-w- c:\windows\system32\igfxtvcx.dll
2012-03-13 11:30:36 985472 ----a-w- c:\windows\system32\drivers\HSF_DP.sys
2012-03-13 11:30:36 210688 ----a-w- c:\windows\system32\drivers\HSF_HWAZL.sys
2012-03-13 11:30:35 738360 ----a-w- c:\windows\system32\drivers\HSF_CNXT.sys
2012-03-13 11:29:47 38400 ----a-w- c:\windows\system32\drivers\rixdptsk.sys
2012-03-13 11:28:56 48128 ----a-w- c:\windows\system32\drivers\rimmptsk.sys
2012-03-13 11:27:31 44544 ----a-w- c:\windows\system32\drivers\rimsptsk.sys
2012-03-13 11:22:55 108544 ----a-w- c:\windows\system32\drivers\MxEFUF32.sys
2012-03-13 11:20:28 4703232 ----a-w- c:\windows\system32\drivers\BCMWL63.SYS
2012-03-13 11:16:13 -------- d-----w- C:\Intel
2012-03-13 11:12:47 81920 ----a-w- c:\windows\system32\igfxCoIn_v2226.dll
2012-03-13 11:12:45 208896 ----a-w- c:\windows\system32\iglhsip32.dll
2012-03-13 11:12:44 147456 ----a-w- c:\windows\system32\iglhcp32.dll
2012-03-13 11:12:43 874048 ----a-w- c:\windows\system32\igkrng575.bin
2012-03-13 11:12:39 86528 ----a-w- c:\windows\system32\igfxresn.lrc
2012-03-13 11:12:37 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-03-13 11:12:36 104796 ----a-w- c:\windows\system32\igfcg575m.bin
2012-03-13 11:12:30 127868 ----a-w- c:\windows\system32\igcompkrng575.bin
2012-03-13 11:12:25 3157784 ----a-w- c:\windows\system32\GfxUI.exe
2012-03-13 11:12:25 120320 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-03-13 11:12:24 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2012-03-12 14:52:31 -------- d-----w- c:\program files\common files\xing shared
2012-03-09 06:34:01 -------- d-----w- c:\users\om deva\appdata\local\Jaksta_Technologies_Pty_L
2012-03-09 06:30:25 -------- d-----w- c:\program files\Applian Technologies
2012-03-09 06:29:15 -------- d-----w- c:\programdata\Applian
2012-03-08 04:24:42 -------- d-----w- c:\program files\common files\SupportSoft
2012-03-08 04:22:56 -------- d-----w- c:\users\om deva\appdata\local\SupportSoft
2012-03-08 04:22:55 -------- d-----w- c:\program files\Airtel NetXpert
2012-03-08 03:06:49 20392 ----a-w- c:\windows\system32\drivers\ElRawDsk.sys
2012-03-08 03:05:33 -------- d-----w- c:\program files\MSXML 4.0
2012-03-07 13:36:47 -------- d-----w- c:\program files\Perfios
2012-03-06 17:37:39 12416 ----a-w- c:\windows\system32\drivers\ssm_whnt.sys
2012-03-06 17:37:39 12416 ----a-w- c:\windows\system32\drivers\ssm_wh.sys
2012-03-06 17:37:38 14848 ----a-w- c:\windows\system32\drivers\ssm_mdfl.sys
2012-03-06 17:37:38 132608 ----a-w- c:\windows\system32\drivers\ssm_mdm.sys
2012-03-06 17:37:38 12544 ----a-w- c:\windows\system32\drivers\ssm_cmnt.sys
2012-03-06 17:37:38 12544 ----a-w- c:\windows\system32\drivers\ssm_cm.sys
2012-03-06 17:37:38 104448 ----a-w- c:\windows\system32\drivers\ssm_bus.sys
2012-03-06 17:33:03 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys
2012-03-06 17:33:03 238952 ----a-w- c:\windows\system32\FsUsbExService.Exe
2012-03-06 17:33:02 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll
2012-03-06 17:31:54 -------- d-----w- c:\users\om deva\appdata\roaming\Samsung
2012-03-06 17:29:35 -------- d-----w- c:\program files\MarkAny
2012-03-06 17:26:45 -------- d-----w- c:\program files\Samsung
2012-03-06 17:24:23 -------- d-----w- c:\programdata\Samsung
2012-03-06 17:23:01 -------- d-----w- c:\users\om deva\appdata\local\Downloaded Installations
2012-03-06 13:10:23 86016 ------w- c:\windows\unvise32.exe
2012-03-06 13:10:11 -------- d-----w- c:\program files\Bandwidth Monitor Pro
2012-03-06 12:43:36 737280 ----a-w- c:\windows\iun6002.exe
2012-03-05 13:29:37 30512 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
2012-03-05 13:29:36 29552 ----a-w- c:\windows\system32\mdimon.dll
2012-02-28 08:26:48 -------- d-----w- c:\users\om deva\appdata\roaming\Foxit Software
2012-02-22 10:15:26 73728 ----a-w- c:\windows\system32\AEstSrv.exe
2012-02-22 10:15:23 647168 ----a-w- c:\windows\system32\aestecap.dll
2012-02-22 10:15:22 53248 ----a-w- c:\windows\system32\aestaren.dll
2012-02-22 10:15:22 131072 ----a-w- c:\windows\system32\aestacap.dll
2012-02-22 10:15:21 1601536 ----a-w- c:\windows\system32\stlang.dll
2012-02-22 10:15:21 102400 ----a-w- c:\windows\system32\stacsv.exe
2012-02-22 10:15:20 4947968 ----a-w- c:\windows\system32\stacgui.cpl
2012-02-22 10:08:42 330240 ----a-w- c:\windows\system32\drivers\stwrt.sys
2012-02-22 10:08:34 146944 ----a-w- c:\windows\system32\st325614.dll
2012-02-22 10:08:33 45568 ----a-w- c:\windows\system32\ctppld.dll
2012-02-22 10:08:32 492544 ----a-w- c:\windows\system32\ctapo32.dll
2012-02-22 10:08:23 -------- d-----w- c:\program files\SigmaTel
2012-02-22 09:45:59 -------- d-----w- c:\users\om deva\My Installables
2012-02-21 06:57:37 -------- d-----w- c:\programdata\Ilium Software
2012-02-21 03:41:06 -------- d-----w- c:\windows\WindowsMobile
2012-02-20 20:15:08 14744 ----a-w- c:\users\om deva\appdata\roaming\microsoft\identitycrl\production\ppcrlconfig.dll
2012-02-20 06:08:56 -------- d-----w- c:\programdata\boost_interprocess
2012-02-20 06:05:31 -------- d-----w- c:\program files\MediaFire Express
2012-02-20 06:05:20 -------- d-----w- c:\users\om deva\appdata\local\MediaFire Express
.
==================== Find3M ====================
.
2012-03-12 17:01:56 1608 ----a-w- c:\windows\fonts\JayHo.ttf
2012-03-06 17:35:06 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-22 12:08:10 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-15 05:31:50 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-02-15 05:31:50 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-02-11 06:41:28 44384 ----a-w- c:\windows\system32\drivers\tifsfilt.sys
2012-02-11 06:41:28 441760 ----a-w- c:\windows\system32\drivers\timntr.sys
2012-02-11 06:41:24 132224 ----a-w- c:\windows\system32\drivers\snapman.sys
2012-02-11 06:41:16 368480 ----a-w- c:\windows\system32\drivers\tdrpman.sys
2012-02-11 06:06:32 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-02-11 06:06:31 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-02-10 05:21:53 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-02-09 07:11:36 74703 ----a-w- c:\windows\system32\mfc45.dll
2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-12 00:19:16 4448256 ----a-w- c:\windows\system32\GPhotos.scr
2012-01-06 06:21:24 29696 ----a-w- c:\windows\system32\iolobtdfg.exe
2012-01-06 06:21:16 11776 ----a-w- c:\windows\system32\smrgdf.exe
2012-01-06 05:59:06 2083464 ----a-w- c:\windows\system32\Incinerator32.dll
2012-01-04 08:58:41 442880 ----a-w- c:\windows\system32\ntshrui.dll
2011-12-30 05:27:56 478720 ----a-w- c:\windows\system32\timedate.cpl
.
============= FINISH: 10:35:36.10 ===============

#4 Maniac

Posted 20 March 2012 - 06:10 AM

What about FixExec.txt?
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here paypal.gif

#5 omdevn

Posted 20 March 2012 - 09:31 AM

Sorry for the oversight. Here it is:

FixExec by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about FixExec can be found at this link:
http://www.bleepingc...ilities/fixexec

Program started at: 03/19/2012 09:57:46 PM in x86 mode.
Windows Version: Windows 7

Checking for processes to terminate before fixing executable associations.
* No processes found to kill.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.


Program finished at: 03/19/2012 09:58:07 PM
Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)

#6 Maniac

Posted 20 March 2012 - 11:09 AM

How are things now?

#7 omdevn

Posted 20 March 2012 - 09:41 PM

Thanks for the query. I feel that my system is doing well.

You have to confirm my feelings after going through the latest Full Scan report of MalwareBytes:

Malwarebytes Anti-Malware (PRO) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.20.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Om Deva :: OMDEVA-PC [administrator]

Protection: Enabled

20-Mar-12 23:03:09
mbam-log-2012-03-20 (23-03-09).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 312208
Time elapsed: 3 hour(s), 50 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8 Maniac

Posted 21 March 2012 - 07:25 AM

Please manually delete DDS, FixExec and TDSSKiller.

Some malware prevention tips:
http://forums.malwar...=0


Safe surfing! :)

#9 omdevn

Posted 21 March 2012 - 12:25 PM

Completed the task of manually deleting DDS, FixExec and TDSSKiller.

I have gone through the malware prevention tips at the suggested site. I shall implement the tips given therein.

Thank you for all the help in securing my system from malware.

#10 Maniac

Posted 21 March 2012 - 01:39 PM

You're welcome! :)

#11 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 22 March 2012 - 08:58 AM

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there are 5 days without a response.

#12 Maurice Naggar

Posted 22 March 2012 - 01:20 PM

This topic re-opened per request of omdevn.

@omdevn
I am quite surprised to hear you say the issue returned, given that you had just advised us the issue was done with.

a) Post a copy of the latest MBAM scan log.

b) Do not use the PC for any outside purpose.

c) Run a fresh run of DDS and copy & paste those logs.

d) Allow time for review of your logs & a response.

#13 omdevn

Posted 23 March 2012 - 04:11 AM

I am sorry for bothering you with my problem once again.

Even I was surprised to see the issue cropping up again after I performed a quick scan with Malwarebytes yesterday (22-Mar-2012). It shows 2 Registry Data Items which were promptly quarantined. I wish to know how this is happening and how to get rid of these registry entries.

Here is the MBAM scan log:

Malwarebytes Anti-Malware (PRO) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.22.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Om Deva :: OMDEVA-PC [administrator]

Protection: Enabled

22-Mar-12 21:03:58
mbam-log-2012-03-22 (21-03-58).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 183891
Time elapsed: 16 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 2
HKCR\scrfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and repaired successfully.
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

This is the DDS log:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Om Deva at 14:22:24 on 2012-03-23
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2038.813 [GMT 5.5:30]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\FsUsbExService.Exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Perfios\perfios_winsvc.exe
C:\Program Files\Airtel NetXpert\bin\sprtsvc.exe
C:\Program Files\Airtel NetXpert\bin\sprtcmd.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Airtel NetXpert\bin\tgsrvc.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hide My IP\HideMyIP.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\iolo\System Mechanic Professional\SystemGuardAlerter.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Hide My IP\HideMyIpSrv.exe
C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\WUDFHost.exe
C:\Program Files\TeamViewer\Version7\tv_w32.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe
C:\Windows\System32\taskmgr.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, optimized for Bing and MSN
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [HideMyIP] c:\program files\hide my ip\HideMyIP.exe
uRun: [Google Update] "c:\users\om deva\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [DriverMax] "c:\program files\innovative solutions\drivermax\drivermax.exe" -agent
uRun: [DriverMax_RESTART] "c:\program files\innovative solutions\drivermax\drivermax.exe" -RESTART
mRun: [iolo Startup] "c:\program files\iolo\common\lib\ioloLManager.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [Mouse Suite 98 Daemon] ico.EXE
mRun: [TrueImageMonitor.exe] c:\program files\acronis\trueimagehome\TrueImageMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimagehome\TimounterMonitor.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun: [NPSStartup]
mRun: [netxpert] "c:\program files\airtel netxpert\bin\sprtcmd.exe" /P netxpert
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Fellowes Proxy] c:\windows\system32\r3proxy.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRunOnce: [SMRequiresRestart]
StartupFolder: c:\users\omdeva~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\users\omdeva~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\google~1.lnk - c:\program files\google\google calendar sync\GoogleCalendarSync.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: c:\windows\system32\HMIPCore.dll
LSP: c:\windows\system32\iavlsp.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7A511D57-6A8D-448B-8D3F-419488EC3A50} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{C6B1B7EA-81F1-40B7-9D7C-4CDD9A2BB155} : DhcpNameServer = 192.168.1.1
Notify: igfxcui - igfxdev.dll
LSA: Authentication Packages = msv1_0 relog_ap
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\om deva\appdata\roaming\mozilla\firefox\profiles\0jmy17v4.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\om deva\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll
.
============= SERVICES / DRIVERS ===============
.
R2 AMP;Active Malware Protection Minifilter Driver;c:\windows\system32\drivers\amp.sys [2011-9-28 138048]
R2 AMPSE;Active Malware Protection Support Driver;c:\windows\system32\drivers\ampse.sys [2012-2-9 1189184]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2012-2-9 361000]
.
=============== File Associations ===============
.
JSEFile=NOTEPAD.EXE %1
regfile=NOTEPAD.EXE %1
scrfile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2012-03-23 08:40:57 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-03-23 06:52:56 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9c823277-8e22-4e6e-9f94-55268eea3b00}\offreg.dll
2012-03-23 06:52:56 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9c823277-8e22-4e6e-9f94-55268eea3b00}\MpKslb6b96e65.sys
2012-03-23 06:50:24 6582328 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9c823277-8e22-4e6e-9f94-55268eea3b00}\mpengine.dll
2012-03-21 06:59:46 25088 ----a-w- c:\windows\system32\drivers\teamviewervpn.sys
2012-03-21 06:59:29 -------- d-----w- c:\program files\TeamViewer
2012-03-20 09:57:17 -------- d-----w- c:\program files\common files\PCSuite
2012-03-20 09:56:44 -------- d-----w- c:\program files\common files\Nokia
2012-03-20 09:56:29 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2012-03-20 09:55:59 -------- d-----w- c:\program files\PC Connectivity Solution
2012-03-20 09:54:55 75264 ----a-w- c:\windows\system32\nmwcdcls.dll
2012-03-20 09:54:52 -------- d-----w- c:\program files\Nokia
2012-03-19 08:28:09 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-03-19 08:27:54 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
2012-03-19 08:27:53 145960 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
2012-03-18 07:57:06 -------- d-----w- c:\program files\MagicISO
2012-03-16 03:02:43 -------- d-----w- c:\program files\iPod
2012-03-16 02:48:45 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2012-03-16 02:48:44 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2012-03-16 02:48:44 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2012-03-16 02:48:43 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2012-03-16 02:48:42 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2012-03-16 02:48:41 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2012-03-16 02:48:41 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2012-03-16 02:46:04 -------- d-----w- c:\users\om deva\appdata\local\Diagnostics
2012-03-15 00:20:47 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-15 00:20:45 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 23:55:53 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 23:55:51 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 03:17:06 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 03:17:06 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 03:17:05 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 03:17:03 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-03-14 03:17:03 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 03:17:02 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-14 03:17:02 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-13 12:10:46 -------- d-----w- c:\program files\IDT
2012-03-13 12:09:07 915968 ----a-w- c:\windows\system32\stapo.dll
2012-03-13 12:09:07 495104 ----a-w- c:\windows\system32\stapi32.dll
2012-03-13 12:09:07 328704 ----a-w- c:\windows\system32\stcplx.dll
2012-03-13 12:09:05 176128 ----a-w- c:\windows\system32\st326233.dll
2012-03-13 12:07:14 98304 ----a-w- c:\windows\system32\r3proxy.exe
2012-03-13 12:07:14 2387968 ----a-w- c:\windows\system32\FEzPtCPL.dll
2012-03-13 12:07:14 12672 ----a-w- c:\windows\system32\drivers\FeMouWDM.sys
2012-03-13 12:07:13 131072 ----a-w- c:\windows\system32\language.dll
2012-03-13 12:06:50 90112 ----a-w- c:\windows\system32\femouse.dll
2012-03-13 11:55:21 140288 ----a-w- c:\windows\system32\igfxtvcx.dll
2012-03-13 11:30:36 985472 ----a-w- c:\windows\system32\drivers\HSF_DP.sys
2012-03-13 11:30:36 210688 ----a-w- c:\windows\system32\drivers\HSF_HWAZL.sys
2012-03-13 11:30:35 738360 ----a-w- c:\windows\system32\drivers\HSF_CNXT.sys
2012-03-13 11:29:47 38400 ----a-w- c:\windows\system32\drivers\rixdptsk.sys
2012-03-13 11:28:56 48128 ----a-w- c:\windows\system32\drivers\rimmptsk.sys
2012-03-13 11:27:31 44544 ----a-w- c:\windows\system32\drivers\rimsptsk.sys
2012-03-13 11:22:55 108544 ----a-w- c:\windows\system32\drivers\MxEFUF32.sys
2012-03-13 11:20:28 4703232 ----a-w- c:\windows\system32\drivers\BCMWL63.SYS
2012-03-13 11:16:13 -------- d-----w- C:\Intel
2012-03-13 11:12:47 81920 ----a-w- c:\windows\system32\igfxCoIn_v2226.dll
2012-03-13 11:12:45 208896 ----a-w- c:\windows\system32\iglhsip32.dll
2012-03-13 11:12:44 147456 ----a-w- c:\windows\system32\iglhcp32.dll
2012-03-13 11:12:43 874048 ----a-w- c:\windows\system32\igkrng575.bin
2012-03-13 11:12:39 86528 ----a-w- c:\windows\system32\igfxresn.lrc
2012-03-13 11:12:37 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-03-13 11:12:36 104796 ----a-w- c:\windows\system32\igfcg575m.bin
2012-03-13 11:12:30 127868 ----a-w- c:\windows\system32\igcompkrng575.bin
2012-03-13 11:12:25 3157784 ----a-w- c:\windows\system32\GfxUI.exe
2012-03-13 11:12:25 120320 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-03-13 11:12:24 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2012-03-12 14:52:31 -------- d-----w- c:\program files\common files\xing shared
2012-03-09 06:34:01 -------- d-----w- c:\users\om deva\appdata\local\Jaksta_Technologies_Pty_L
2012-03-09 06:30:25 -------- d-----w- c:\program files\Applian Technologies
2012-03-09 06:29:15 -------- d-----w- c:\programdata\Applian
2012-03-08 04:24:42 -------- d-----w- c:\program files\common files\SupportSoft
2012-03-08 04:22:56 -------- d-----w- c:\users\om deva\appdata\local\SupportSoft
2012-03-08 04:22:55 -------- d-----w- c:\program files\Airtel NetXpert
2012-03-08 03:06:49 20392 ----a-w- c:\windows\system32\drivers\ElRawDsk.sys
2012-03-08 03:05:33 -------- d-----w- c:\program files\MSXML 4.0
2012-03-07 13:36:47 -------- d-----w- c:\program files\Perfios
2012-03-06 17:37:39 12416 ----a-w- c:\windows\system32\drivers\ssm_whnt.sys
2012-03-06 17:37:39 12416 ----a-w- c:\windows\system32\drivers\ssm_wh.sys
2012-03-06 17:37:38 14848 ----a-w- c:\windows\system32\drivers\ssm_mdfl.sys
2012-03-06 17:37:38 132608 ----a-w- c:\windows\system32\drivers\ssm_mdm.sys
2012-03-06 17:37:38 12544 ----a-w- c:\windows\system32\drivers\ssm_cmnt.sys
2012-03-06 17:37:38 12544 ----a-w- c:\windows\system32\drivers\ssm_cm.sys
2012-03-06 17:37:38 104448 ----a-w- c:\windows\system32\drivers\ssm_bus.sys
2012-03-06 17:33:03 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys
2012-03-06 17:33:03 238952 ----a-w- c:\windows\system32\FsUsbExService.Exe
2012-03-06 17:33:02 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll
2012-03-06 17:31:54 -------- d-----w- c:\users\om deva\appdata\roaming\Samsung
2012-03-06 17:29:35 -------- d-----w- c:\program files\MarkAny
2012-03-06 17:26:45 -------- d-----w- c:\program files\Samsung
2012-03-06 17:24:23 -------- d-----w- c:\programdata\Samsung
2012-03-06 17:23:01 -------- d-----w- c:\users\om deva\appdata\local\Downloaded Installations
2012-03-06 13:10:23 86016 ------w- c:\windows\unvise32.exe
2012-03-06 13:10:11 -------- d-----w- c:\program files\Bandwidth Monitor Pro
2012-03-06 12:43:36 737280 ----a-w- c:\windows\iun6002.exe
2012-03-05 13:29:37 30512 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
2012-03-05 13:29:36 29552 ----a-w- c:\windows\system32\mdimon.dll
2012-02-28 08:26:48 -------- d-----w- c:\users\om deva\appdata\roaming\Foxit Software
2012-02-22 10:15:26 73728 ----a-w- c:\windows\system32\AEstSrv.exe
2012-02-22 10:15:23 647168 ----a-w- c:\windows\system32\aestecap.dll
2012-02-22 10:15:22 53248 ----a-w- c:\windows\system32\aestaren.dll
2012-02-22 10:15:22 131072 ----a-w- c:\windows\system32\aestacap.dll
2012-02-22 10:15:21 1601536 ----a-w- c:\windows\system32\stlang.dll
2012-02-22 10:15:21 102400 ----a-w- c:\windows\system32\stacsv.exe
2012-02-22 10:15:20 4947968 ----a-w- c:\windows\system32\stacgui.cpl
2012-02-22 10:08:42 330240 ----a-w- c:\windows\system32\drivers\stwrt.sys
2012-02-22 10:08:34 146944 ----a-w- c:\windows\system32\st325614.dll
2012-02-22 10:08:33 45568 ----a-w- c:\windows\system32\ctppld.dll
2012-02-22 10:08:32 492544 ----a-w- c:\windows\system32\ctapo32.dll
2012-02-22 10:08:23 -------- d-----w- c:\program files\SigmaTel
2012-02-22 09:45:59 -------- d-----w- c:\users\om deva\My Installables
.
==================== Find3M ====================
.
2012-03-12 17:01:56 1608 ----a-w- c:\windows\fonts\JayHo.ttf
2012-03-06 17:35:06 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-22 12:08:10 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-15 05:31:50 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-02-15 05:31:50 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-02-11 06:41:28 44384 ----a-w- c:\windows\system32\drivers\tifsfilt.sys
2012-02-11 06:41:28 441760 ----a-w- c:\windows\system32\drivers\timntr.sys
2012-02-11 06:41:24 132224 ----a-w- c:\windows\system32\drivers\snapman.sys
2012-02-11 06:41:16 368480 ----a-w- c:\windows\system32\drivers\tdrpman.sys
2012-02-11 06:06:32 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-02-11 06:06:31 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-02-10 05:21:53 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-02-09 07:11:36 74703 ----a-w- c:\windows\system32\mfc45.dll
2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-12 00:19:16 4448256 ----a-w- c:\windows\system32\GPhotos.scr
2012-01-06 06:21:24 29696 ----a-w- c:\windows\system32\iolobtdfg.exe
2012-01-06 06:21:16 11776 ----a-w- c:\windows\system32\smrgdf.exe
2012-01-06 05:59:06 2083464 ----a-w- c:\windows\system32\Incinerator32.dll
2012-01-04 08:58:41 442880 ----a-w- c:\windows\system32\ntshrui.dll
2011-12-30 05:27:56 478720 ----a-w- c:\windows\system32\timedate.cpl
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: ST932032 rev.SD03 -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: >>UNKNOWN [0x82C1C000]<< >>UNKNOWN [0x833C0000]<< >>UNKNOWN [0x88DE4000]<< >>UNKNOWN [0x88C00000]<< >>UNKNOWN [0x8302E000]<<
_asm { DEC EBP; POP EDX; NOP ; ADD [EBX], AL; ADD [EAX], AL; ADD [EAX+EAX], AL; ADD [EAX], AL; }
1 ntkrnlpa!IofCallDriver[0x82C5355A] -> \Device\Harddisk0\DR0[0x8726F5A8]
\Driver\Disk[0x8726EB78] -> IRP_MJ_CREATE -> 0x833C439F
3 [0x833C459E] -> ntkrnlpa!IofCallDriver[0x82C5355A] -> \Device\Ide\IAAStorageDevice-0[0x8580F028]
\Driver\iaStor[0x8578FB48] -> IRP_MJ_CREATE -> 0x88C230F8
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [BP+0x0], 0x0; }
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
============= FINISH: 14:24:32.69 ===============


This is the Attach.txt file:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 09-Feb-12 12:13:14
System Uptime: 23-Mar-12 07:54:15 (7 hours ago)
.
Motherboard: Dell Inc. | | 0TT347
Processor: Intel® Core™2 Duo CPU T5270 @ 1.40GHz | Microprocessor | 1386/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 162.718 GiB free.
D: is CDROM ()
F: is CDROM (UDF)
G: is FIXED (NTFS) - 466 GiB total, 254.548 GiB free.
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP138: 23-Mar-12 12:28:23 - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
7-Zip 4.62
Acronis Disk Director Suite
Acronis True Image Home
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Advanced Task Manager for Windows Vista & Windows XP
Advanced Uninstaller PRO - Version 9
Airtel NetXpert 3.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVSDK5
Beyond Compare Version 3.3.4
Bonjour
CanSecure-Retail
Carbon Folder
Conexant HDA D330 MDC V.92 Modem
Daily Planner Journal 5.6
DriverMax 6
EssentialPIM
eWallet 7.2
Foxit Reader 5.1
Google Calendar Sync
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hide My IP 5.3
iCloud
Innovative System Optimizer - version 4
Intel® Graphics Media Accelerator Driver
Intel® TV Wizard
iolo technologies' System Mechanic Professional
iTunes
Java Auto Updater
Java™ 6 Update 31
Kensington SlimBlade Driver
Magic ISO Maker v5.5 (build 0273)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.60.1.1000
MediaFire Express (beta)
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mobile Partner
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSVC90_x86
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nokia Connectivity Cable Driver
Nokia PC Suite
OpenOffice.org 3.3
PC Connectivity Solution
Perfios SmartUpdate
Picasa 3
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
RICOH Media Driver ver.2.07.01.04
RICOH R5U8xx Media Driver ver.3.62.02
RoboTask Lite 3.0
Safari
Samsung New PC Studio
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
SigmaTel Audio
StarToken
TeamViewer 7
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.1
Windows Driver Package - Nokia Modem (02/25/2011 4.7)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Mobile Device Center
Windows Mobile Device Center Driver Update
.
==== Event Viewer Messages From Past Week ========
.
23-Mar-12 11:55:03, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
23-Mar-12 07:55:43, Error: Service Control Manager [7023] - The iPod Service service terminated with the following error: %%-2147417831
23-Mar-12 07:55:27, Error: Service Control Manager [7034] - The SigmaTel Audio Service service terminated unexpectedly. It has done this 1 time(s).
23-Mar-12 07:55:27, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: eairwnet FileDisk
22-Mar-12 20:50:40, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
22-Mar-12 12:13:09, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume I:.
22-Mar-12 11:55:38, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
22-Mar-12 11:55:38, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147218173.
.
==== End Of File ===========================

#14 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 23 March 2012 - 10:12 AM

I am sorry for bothering you with my problem once again.

Even I was surprised to see the issue cropping up again after I performed a quick scan with Malwarebytes yesterday (22-Mar-2012). It shows 2 Registry Data Items which were promptly quarantined. I wish to know how this is happening and how to get rid of these registry entries.

The MBAM run fixed that issue. The log showed

Quarantined and repaired successfully.


One cannot tell how the issue originated. Maybe you got & ran something out of the ordinary.
Maurice Naggar
Product Support

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.

#15 Maurice Naggar


Posted 05 April 2012 - 09:44 PM

Hi,

Next, please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats and the option Scan unwanted applications are checked
  • Click Scan
  • Wait for the scan to finish
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Next, download my Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

#16 Maurice Naggar


Posted 13 April 2012 - 02:37 PM

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!




