Posts posted by swapy
Hello,
I am trying to install Malwarebytes 1.65.1.1000 but am unable to install it.
Once I click on the setup file, the "Select Setup Language" option (English) appears; once I click OK, the setup window disappears.
Please advise how to install Malwarebytes. I am using a Windows 7 64-bit machine.
Thank you.
MB not installing!
in Malwarebytes for Windows Support Forum
Posted
Hello,
I scanned my machine twice with VIPRE AV but did not find any infection, so I am assuming my machine is not infected.
Below are the logs for the same.
attach :
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 20-08-2012 11:22:46 AM
System Uptime: 28-12-2012 12:09:19 PM (3 hours ago)
.
Motherboard: Dell Inc. | | 0M5DCD
Processor: Intel® Core i5-2400 CPU @ 3.10GHz | CPU 1 | 1581/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 228 GiB total, 171.387 GiB free.
D: is FIXED (NTFS) - 228 GiB total, 199.47 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek PCIe GBE Family Controller
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_04F51028&REV_06\4&213E82F8&0&00E4
Manufacturer: Realtek
Name: Realtek PCIe GBE Family Controller
PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_04F51028&REV_06\4&213E82F8&0&00E4
Service: RTL8167
.
==== System Restore Points ===================
.
RP71: 12-12-2012 02:20:01 PM - Scheduled Checkpoint
RP72: 20-12-2012 12:00:02 AM - Scheduled Checkpoint
RP73: 24-12-2012 03:15:11 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
BioAPI Framework
Conexant HD Audio
Custom
CutePDF Writer 3.0
D3DX10
Dell Backup and Recovery Manager
Dell Client System Update
Dell Data Protection | Access
Dell Data Protection | Access | Drivers
Dell Data Protection | Access | Middleware
Dell Edoc Viewer
DellAccess
EMBASSY Security Center
FileAlyzer 2
Gemalto
GFI Business Agent
Google Chrome
Google Update Helper
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Intel® Identity Protection Technology 1.2.22.0
Intel® Management Engine Components
Intel® Processor Graphics
ITSupport247-DPMA
Java 6 Update 3
Java 6 Update 33
Java 6 Update 37
Junk Mail filter update
Kingsoft Office 2012 (8.1.0.3036)
LogMeIn
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft XML Parser
Mozilla Firefox 16.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser (KB2721691)
NTRU TCG Software Stack
OpenOffice.org 2.3
Pandion
PC-CCID
Preboot Manager
Private Information Manager
Realtek Ethernet Controller All-In-One Windows Driver
SAAZ Remote Console NOC
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Spark 2.6.3.12555
SPBA 5.9
tools-linux
tools-windows
Trusted Drive Manager
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Upek Touchchip Fingerprint Reader
VMware Player
Wave Infrastructure Installer
Wave Support Software Installer
Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR archiver
WinZip
.
==== Event Viewer Messages From Past Week ========
.
28-12-2012 12:09:31 PM, Error: Service Control Manager [7001] - The NTRU TSS v1.2.1.34 TCS service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully.
27-12-2012 05:42:25 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
26-12-2012 08:24:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
26-12-2012 08:22:08 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
26-12-2012 08:22:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TdmService with arguments "" in order to run the server: {285E95B2-ACD5-4405-8D24-2D73E65DD047}
26-12-2012 08:22:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
26-12-2012 08:22:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
26-12-2012 08:22:04 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
26-12-2012 08:22:04 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
26-12-2012 08:22:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
26-12-2012 08:21:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
26-12-2012 08:21:49 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf ws2ifsl
26-12-2012 08:21:49 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
26-12-2012 08:21:49 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
26-12-2012 08:21:49 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
26-12-2012 08:21:49 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
26-12-2012 08:21:49 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
26-12-2012 08:21:49 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
26-12-2012 08:21:49 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
26-12-2012 08:21:49 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
26-12-2012 08:21:49 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
26-12-2012 08:21:49 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
26-12-2012 08:21:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
24-12-2012 08:24:08 PM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver CutePDF Writer required for printer CutePDF Writer is unknown. Contact the administrator to install the driver before you log in again.
21-12-2012 03:21:19 PM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver Send to Microsoft OneNote 15 Driver required for printer Send To OneNote 2013 is unknown. Contact the administrator to install the driver before you log in again.
02-07-2013 04:21:41 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver Send To Microsoft OneNote Driver required for printer Send To OneNote 2007 is unknown. Contact the administrator to install the driver before you log in again.
01-07-2013 11:13:50 AM, Error: Microsoft-Windows-Time-Service [34] - The time service has detected that the system time needs to be changed by -25747198 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.21:123) is working properly.
01-07-2013 06:14:06 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SBAMSvc service.
01-07-2013 06:13:19 PM, Error: Microsoft-Windows-Time-Service [34] - The time service has detected that the system time needs to be changed by -25747198 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.22:123) is working properly.
01-07-2013 06:02:21 PM, Error: Microsoft-Windows-Time-Service [34] - The time service has detected that the system time needs to be changed by -25747198 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.17:123) is working properly.
01-07-2013 04:25:32 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver HP LaserJet required for printer !!10.10.10.10!HR_diana_Printer is unknown. Contact the administrator to install the driver before you log in again.
01-07-2013 03:59:34 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SAAZDPMACTL service.
01-07-2013 03:57:02 AM, Error: Microsoft-Windows-Time-Service [34] - The time service has detected that the system time needs to be changed by -25747198 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.13:123) is working properly.
.
==== End Of File ===========================
DDS :
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 1.6.0_37
Run by Birendra at 15:53:44 on 2012-12-28
Microsoft Windows 7 Professional 6.1.7601.1.1252.91.1033.18.3993.2082 [GMT 5.5:30]
.
AV: GFI Software VIPRE *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: GFI Software VIPRE *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
C:\Program Files\Common Files\SPBA\upeksvr.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\PROGRA~2\SAAZOD\zRealTime\SAAZappr.exe
C:\PROGRA~2\SAAZOD\zRealTime\SAAZapsc.exe
C:\PROGRA~2\SAAZOD\SAAZDPMACTL.exe
C:\PROGRA~2\SAAZOD\SAAZScheduler.exe
C:\PROGRA~2\SAAZOD\SAAZWatchDog.exe
C:\Program Files (x86)\GFI Software\GFIAgent\SBPIMSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\vmnat.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\PROGRA~2\SAAZOD\zSCC\zinccm64.exe
C:\PROGRA~2\SAAZOD\zSCC\zCCM.exe
C:\Program Files (x86)\Spark\Spark.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\PROGRA~2\SAAZOD\zRealTime\rtHlpDk.exe
C:\PROGRA~2\SAAZOD\zRealTime\rtdrHlpDk.exe
C:\Program Files (x86)\Pandion\Application\pandion.exe
C:\Windows\system32\mmc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.in/
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [sBAMTray] "C:\Program Files (x86)\GFI Software\GFIAgent\SBAMTray.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Pandion.lnk - C:\Program Files (x86)\Pandion\Application\pandion.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SC_ZAC~1.LNK - C:\Program Files (x86)\SAAZOD\zSCC\zAccEvt.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: DisableCAD = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
LSP: %windir%\system32\vsocklib.dll
DPF: {3591A50E-18FD-42BC-8D10-6C93BDAF2DA0} - hxxps://control.itsupport247.net/components/SG20o.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=972
TCP: NameServer = 10.10.10.10 4.2.2.2
TCP: Interfaces\{D1881DF5-BDF8-40A2-B7AD-D848A92B1397} : DHCPNameServer = 10.10.10.10 4.2.2.2
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Authentication Packages = msv1_0 wvauth
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
x64-DPF: {03D19749-C5FA-4CCC-99AB-00AB2AF45ACD} - hxxps://secure.logmein.com/activex/x64/RACtrl.cab?rnd=2659824698
x64-DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/x64/RACtrl.cab?rnd=2659824698
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Birendra\AppData\Roaming\Mozilla\Firefox\Profiles\9ugya2ja.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 vsock;vSockets Driver;C:\Windows\System32\drivers\vsock.sys [2012-12-6 70296]
R1 SBRE;SBRE;C:\Windows\System32\drivers\sbredrv.sys [2012-8-20 57976]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-9-28 212944]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-7-5 375728]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2012-6-8 15928]
R2 SAAZappr;SAAZ RMM Agent Presence-PR;C:\PROGRA~2\SAAZOD\zRealTime\SAAZappr.exe [2012-6-26 85296]
R2 SAAZapsc;SAAZ RMM Agent Presence-SC;C:\PROGRA~2\SAAZOD\zRealTime\SAAZapsc.exe [2012-6-26 85296]
R2 SAAZDPMACTL;SAAZDPMACTL;C:\PROGRA~2\SAAZOD\SAAZDPMACTL.exe [2012-11-27 89392]
R2 SAAZScheduler;SAAZScheduler;C:\PROGRA~2\SAAZOD\SAAZScheduler.exe [2012-11-8 85296]
R2 SAAZWatchDog;SAAZWatchDog;C:\PROGRA~2\SAAZOD\SAAZWatchDog.exe [2012-11-27 89392]
R2 sbapifs;sbapifs;C:\Windows\System32\drivers\sbapifs.sys [2012-8-1 82872]
R2 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\GFI Software\GFIAgent\SBPIMSvc.exe [2012-10-16 175496]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-8-10 2594584]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-8-11 317440]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-19 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576]
S2 SAAZServerPlus;SAAZServerPlus;C:\PROGRA~2\SAAZOD\SAAZServerPlus.exe [2012-6-26 85296]
S2 SBAMSvc;VIPRE Business;C:\Program Files (x86)\GFI Software\GFIAgent\SBAMSvc.exe [2012-10-16 3675976]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc60.sys [2010-11-21 168448]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-8-11 685672]
S3 sbwtis;sbwtis;C:\Windows\System32\drivers\sbwtis.sys [2012-10-15 86816]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 SynthVid;SynthVid;C:\Windows\System32\drivers\VMBusVideoM.sys [2010-11-21 22528]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-22 1255736]
S4 SAAZRemoteSupport;SAAZRemoteSupport;C:\PROGRA~2\SAAZOD\SAAZRemoteSupport.exe [2012-11-27 81200]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
S4 ZEvtSVC;ZEvtSVC;C:\PROGRA~2\SAAZOD\zSCC\zEvtSVC.exe [2012-6-26 232752]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile="C:\Windows\System32\CScript.exe" "%1" %* [default=Open2]
FileExt: .vbs: VBSFile="C:\Windows\System32\CScript.exe" "%1" %* [default=Open2]
FileExt: .js: JSFile=C:\Windows\System32\CScript.exe "%1" %* [default=Open2]
FileExt: .jse: JSEFile=C:\Windows\System32\CScript.exe "%1" %* [default=Open2]
FileExt: .wsf: WSFFile="C:\Windows\System32\CScript.exe" "%1" %* [default=Open2]
.
=============== Created Last 30 ================
.
2013-07-01 16:57:10 -------- d-----w- C:\Users\Birendra\AppData\Local\{1EC7D20C-EC09-4010-850F-018D50A879BB}
2012-12-28 06:40:29 -------- d-----w- C:\Users\Birendra\AppData\Local\{0D4C7B8B-A95F-41D1-B809-D7F81E55E263}
2012-12-27 07:22:51 -------- d-----w- C:\Users\Birendra\AppData\Local\{F22A7E37-2C27-4D19-9087-6F834AB5F0EB}
2012-12-26 09:39:00 -------- d-----w- C:\Users\Birendra\AppData\Roaming\Malwarebytes
2012-12-26 09:38:27 -------- d-----w- C:\ProgramData\Malwarebytes
2012-12-26 06:30:42 -------- d-----w- C:\Users\Birendra\AppData\Local\{1D62D1E4-D376-4791-8F8B-238C1C391D62}
2012-12-25 13:06:45 -------- d-----w- C:\ApplicationLog
2012-12-24 15:04:45 -------- d-----w- C:\Users\Birendra\AppData\Local\{D01019D2-C992-4F28-814A-0C0385B870CA}
2012-12-23 21:45:26 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2EDDA760-8C85-42B2-AF7A-A2CF17FB28DA}\mpengine.dll
2012-12-21 07:05:34 -------- d-----w- C:\Users\Birendra\AppData\Local\{80FF600B-81D0-477C-82EF-5250C992C03A}
2012-12-20 19:05:08 -------- d-----w- C:\Users\Birendra\AppData\Local\{5ADEA29C-7CD8-40D5-9CC8-86D6B3B3382D}
2012-12-20 07:04:55 -------- d-----w- C:\Users\Birendra\AppData\Local\{159CD0AF-B209-457E-A20E-37C0A3FDA100}
2012-12-19 18:34:16 -------- d-----w- C:\Users\Birendra\AppData\Local\{2E15194C-B412-4E04-B8B7-A1A484CD529B}
2012-12-19 06:34:03 -------- d-----w- C:\Users\Birendra\AppData\Local\{A4569A80-F55E-432F-A5ED-97EFE09B0B7C}
2012-12-18 06:27:45 -------- d-----w- C:\Users\Birendra\AppData\Local\{CF9D7D42-8F1A-4645-A09E-EB052EF83B17}
2012-12-17 18:27:32 -------- d-----w- C:\Users\Birendra\AppData\Local\{724B0744-99A9-4CD8-A522-52D1C829C028}
2012-12-17 06:27:07 -------- d-----w- C:\Users\Birendra\AppData\Local\{30AF4EA5-0E50-4D72-90E6-187243FF78BC}
2012-12-15 05:58:59 -------- d-----w- C:\Users\Birendra\AppData\Local\{27288E10-0339-4B0B-9943-910E5118C33D}
2012-12-14 17:58:43 -------- d-----w- C:\Users\Birendra\AppData\Local\{E1711131-CF61-4DA5-8BEC-3AAA4A8C5D28}
2012-12-14 05:58:31 -------- d-----w- C:\Users\Birendra\AppData\Local\{E0561777-CEF3-4252-BEEF-921CCF4E1FA5}
2012-12-13 06:05:12 -------- d-----w- C:\Users\Birendra\AppData\Local\{B3A212D8-1C6F-4C1D-B297-3E4BFCAF57A1}
2012-12-12 05:19:24 -------- d-----w- C:\Users\Birendra\AppData\Local\{A990CF78-FF49-4A61-A95C-71F35498B38D}
2012-12-11 21:33:04 87152 ----a-w- C:\Windows\System32\cpwmon64.dll
2012-12-11 21:33:03 -------- d-----w- C:\Program Files (x86)\Acro Software
2012-12-11 21:32:20 -------- d-----w- C:\Program Files (x86)\GPLGS
2012-12-11 17:19:12 -------- d-----w- C:\Users\Birendra\AppData\Local\{570FEF04-FB8E-4747-9BF1-010AABBD16D4}
2012-12-11 05:18:46 -------- d-----w- C:\Users\Birendra\AppData\Local\{C261890B-68C2-4B10-B82A-EF3D9F5DD81A}
2012-12-10 17:18:34 -------- d-----w- C:\Users\Birendra\AppData\Local\{0C7900F2-CB52-4EF7-9637-D89D9B6543D6}
2012-12-10 07:42:57 -------- d-----w- C:\Users\Birendra\AppData\Local\Kingsoft
2012-12-10 05:18:21 -------- d-----w- C:\Users\Birendra\AppData\Local\{06D9A0E0-BA61-4850-A41E-7F6B6AAEC24C}
2012-12-08 05:45:15 -------- d-----w- C:\Users\Birendra\AppData\Local\{6827684E-1FAD-45FB-9B41-B6521F323E41}
2012-12-07 22:04:50 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-12-07 22:04:49 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-12-07 21:16:09 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-12-07 17:44:50 -------- d-----w- C:\Users\Birendra\AppData\Local\{98D77511-55B3-41C5-864E-F1CBB86C7BC1}
2012-12-07 13:19:16 -------- d-----w- C:\Users\Birendra\AppData\Roaming\Kingsoft
2012-12-07 13:19:15 -------- d-----w- C:\ProgramData\Kingsoft
2012-12-07 13:19:11 -------- d-----w- C:\Program Files (x86)\Kingsoft
2012-12-07 05:44:37 -------- d-----w- C:\Users\Birendra\AppData\Local\{DD4B4EF3-B0C9-42EA-BE59-CA866E1CE0F7}
2012-12-06 06:24:32 67224 ----a-w- C:\Windows\System32\vsocklib.dll
2012-12-06 06:24:32 63128 ----a-w- C:\Windows\SysWow64\vsocklib.dll
2012-12-06 06:24:31 70296 ----a-w- C:\Windows\System32\drivers\vsock.sys
2012-12-06 06:24:25 67224 ----a-w- C:\Windows\System32\drivers\vmx86.sys
2012-12-06 06:24:24 32920 ----a-w- C:\Windows\System32\drivers\VMkbd.sys
2012-12-06 06:23:59 357016 ----a-w- C:\Windows\SysWow64\vmnetdhcp.exe
2012-12-06 06:23:55 435864 ----a-w- C:\Windows\SysWow64\vmnat.exe
2012-12-06 06:23:55 30360 ----a-w- C:\Windows\System32\drivers\vmnetuserif.sys
2012-12-06 06:23:50 933528 ----a-w- C:\Windows\System32\vnetlib64.dll
2012-12-06 06:23:13 52376 ----a-w- C:\Windows\System32\drivers\hcmon.sys
2012-12-06 06:22:27 -------- d-----w- C:\Program Files\Common Files\VMware
2012-12-06 06:22:12 -------- d-----w- C:\Program Files (x86)\VMware
2012-12-06 06:22:12 -------- d-----w- C:\Program Files (x86)\Common Files\VMware
2012-12-06 05:38:22 -------- d-----w- C:\Users\Birendra\AppData\Local\{A122BA12-4DAE-4F95-A156-C9DDF71E3285}
2012-12-05 05:25:42 -------- d-----w- C:\Users\Birendra\AppData\Local\{D7655103-CE4F-45C0-BF2C-EE047CAAF7D2}
2012-12-04 17:25:29 -------- d-----w- C:\Users\Birendra\AppData\Local\{8C630FE7-5089-44BA-8C48-866F5E8EF4F8}
2012-12-04 05:25:16 -------- d-----w- C:\Users\Birendra\AppData\Local\{C682325B-7F6A-4BD4-AB1E-AC263B5AE2AC}
2012-12-03 05:14:30 -------- d-----w- C:\Users\Birendra\AppData\Local\{3619048C-AECD-40B6-B0E2-72A3CDBA309D}
2012-12-01 06:05:31 -------- d-----w- C:\Users\Birendra\AppData\Local\{D75BC3B3-0DAF-437C-9AFC-334304C18608}
2012-11-30 18:05:05 -------- d-----w- C:\Users\Birendra\AppData\Local\{29F95BA2-894F-47F1-96D0-D929D03FB675}
2012-11-30 06:04:53 -------- d-----w- C:\Users\Birendra\AppData\Local\{C18B13D5-6AF6-4293-B57F-B55183A062EE}
2012-11-29 05:42:40 -------- d-----w- C:\Users\Birendra\AppData\Local\{E4C65896-A715-43B9-84F2-75CF8D4B412E}
.
==================== Find3M ====================
.
2012-12-24 12:39:42 57976 ----a-w- C:\Windows\System32\drivers\sbredrv.sys
2012-11-12 12:49:02 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-12 12:49:02 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-10 11:57:45 83880 ----a-w- C:\Windows\System32\LMIinit.dll
2012-11-07 20:40:55 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-11-07 20:40:55 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-11-07 12:11:49 290816 ----a-w- C:\Windows\SysWow64\WINHTTP5.DLL
2012-11-07 12:11:49 102912 ----a-w- C:\Windows\SysWow64\VB6STKIT.DLL
2012-11-07 11:58:24 74 ----a-w- C:\MSXML3.bat
2012-11-07 06:46:23 203976 ----a-w- C:\Windows\System32\RICHTX32.OCX
2012-11-05 15:03:06 106496 ----a-w- C:\Program Files (x86)\AgntUninstallPID.exe
2012-10-31 21:04:10 62104 ----a-w- C:\Windows\System32\vmnetbridge.dll
2012-10-31 21:04:10 45720 ----a-w- C:\Windows\System32\drivers\vmnetbridge.sys
2012-10-31 21:04:08 48792 ----a-w- C:\Windows\System32\vnetinst.dll
2012-10-31 21:04:08 24216 ----a-w- C:\Windows\System32\drivers\vmnet.sys
2012-10-31 21:04:08 20120 ----a-w- C:\Windows\System32\drivers\vmnetadapter.sys
2012-10-31 19:32:08 353280 ----a-w- C:\Windows\SysWow64\vmnc.dll
2012-10-29 11:25:43 12868626 ----a-w- C:\ContinuumMalwareByteTest.exe
2012-10-24 08:47:10 85104 ----a-w- C:\Windows\System32\drivers\vmci.sys
2012-10-16 09:33:12 47496 ----a-w- C:\Windows\SysWow64\sbbd.exe
2012-10-15 15:31:36 86816 ----a-w- C:\Windows\System32\drivers\sbwtis.sys
2012-10-11 11:45:06 37680 ----a-w- C:\Windows\System32\drivers\vmusb.sys
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 15:53:59.59 ===============
Please advise....