scorpian

Honorary Members

Posts posted by scorpian

  1. Hello @nikhils,

    I have successfully downloaded the installer and installed it on my system without any problem.

    The issue was not with the browsers but it was Sandboxie that was responsible. I strictly run all the browsers sandboxed, and I was successful when I tried to download the installer file outside of Sandboxie and installed it.

  2. Hi,

    I have downloaded the new beta version of Malwarebytes (mb4-setup-consumer-4.0.0.142-1.0.628-1.0.10702) but am unable to install it on my system.
    It is showing the following error: (The setup files are corrupted. Please obtain a new copy of the program.)
    I have attached a copy of the screenshot for your reference.

    Capture.PNG

  3. Hello Mr. Ron, I installed MBAE and the problem seems to be solved. The culprit was Threatfire, and I uninstalled it from the Control Panel. I also want to know which is a good option for protection against viruses spread through USB removable devices (Panda USB Vaccine, NoAutoruns, etc.). Thank you.

  4. Mr. Ron, the problem has resurfaced after reinstalling Notepad++ and Threatfire. The MBAM scan log is as follows:

     

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org
     
    Database version: v2013.10.02.07
     
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16686
    Kishore Reddy :: KISHOREREDDY-PC [administrator]
     
    02/10/2013 23:47:31
    mbam-log-2013-10-02 (23-47-31).txt
     
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled: 
    Objects scanned: 208341
    Time elapsed: 4 minute(s), 44 second(s)
     
    Memory Processes Detected: 0
    (No malicious items detected)
     
    Memory Modules Detected: 0
    (No malicious items detected)
     
    Registry Keys Detected: 0
    (No malicious items detected)
     
    Registry Values Detected: 0
    (No malicious items detected)
     
    Registry Data Items Detected: 0
    (No malicious items detected)
     
    Folders Detected: 1
    c:\users\kishore reddy\appdata\roaming\delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
     
    Files Detected: 3
    c:\users\kishore reddy\appdata\roaming\delta\sqlite3.dll (PUP.Optional.Delta.A) -> Delete on reboot.
    c:\users\kishore reddy\appdata\local\google\chrome\user data\default\bprotector web data (PUP.Optional.BProtector.A) -> Delete on reboot.
    c:\users\kishore reddy\appdata\local\google\chrome\user data\default\bprotectorpreferences (PUP.Optional.BProtector.A) -> Delete on reboot.
     
    (end)

  5. Hello Mr. Ron, the required MBAM log is posted below. I will install Notepad++ & Threatfire, rescan with MBAM, and post that log. Thank you.

     

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org
     
    Database version: v2013.10.02.07
     
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16686
    Kishore Reddy :: KISHOREREDDY-PC [administrator]
     
    02/10/2013 22:31:15
    mbam-log-2013-10-02 (22-31-15).txt
     
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled: 
    Objects scanned: 208439
    Time elapsed: 4 minute(s), 44 second(s)
     
    Memory Processes Detected: 0
    (No malicious items detected)
     
    Memory Modules Detected: 0
    (No malicious items detected)
     
    Registry Keys Detected: 0
    (No malicious items detected)
     
    Registry Values Detected: 0
    (No malicious items detected)
     
    Registry Data Items Detected: 0
    (No malicious items detected)
     
    Folders Detected: 0
    (No malicious items detected)
     
    Files Detected: 0
    (No malicious items detected)
     
    (end)

  6. Mr. Ron, I saved TFC for future use and manually deleted all other tools from the desktop. Do you want me to use Avira AV or go back to MSE? What shall I do about Threatfire; do I have any other HIPS option in its place? There are some leftover folders of Advanced SystemCare; do I need to manually delete them? And the last thing: can I reinstall Notepad++? Thank you.

  7. Mr. Ron, the required logs are as follows:

     

    Farbar Service Scanner Version: 13-09-2013
    Ran by Kishore Reddy (administrator) on 02-10-2013 at 13:28:30
    Running from "C:\Users\Kishore Reddy\Desktop"
    Microsoft Windows 7 Home Basic  Service Pack 1 (X64)
    Boot Mode: Normal
    ****************************************************************
     
    Internet Services:
    ============
     
    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Attempt to access Google IP returned error. Other errors
    Attempt to access Google.com returned error: Other errors
    Attempt to access Yahoo.com returned error: Other errors
     
     
    Windows Firewall:
    =============
     
    Firewall Disabled Policy: 
    ==================
     
     
    System Restore:
    ============
     
    System Restore Disabled Policy: 
    ========================
     
     
    Action Center:
    ============
     
     
    Windows Update:
    ============
     
    Windows Autoupdate Disabled Policy: 
    ============================
     
     
    Windows Defender:
    ==============
    WinDefend Service is not running. Checking service configuration:
    The start type of WinDefend service is set to Demand. The default start type is Auto.
    The ImagePath of WinDefend service is OK.
    The ServiceDll of WinDefend service is OK.
     
     
    Windows Defender Disabled Policy: 
    ==========================
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
    "DisableAntiSpyware"=DWORD:1
     
     
    Other Services:
    ==============
     
     
    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => MD5 is legit
    C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
    C:\Windows\System32\dhcpcore.dll => MD5 is legit
    C:\Windows\System32\drivers\afd.sys => MD5 is legit
    C:\Windows\System32\drivers\tdx.sys => MD5 is legit
    C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
    C:\Windows\System32\dnsrslvr.dll => MD5 is legit
    C:\Windows\System32\mpssvc.dll => MD5 is legit
    C:\Windows\System32\bfe.dll => MD5 is legit
    C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
    C:\Windows\System32\SDRSVC.dll => MD5 is legit
    C:\Windows\System32\vssvc.exe => MD5 is legit
    C:\Windows\System32\wscsvc.dll => MD5 is legit
    C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
    C:\Windows\System32\wuaueng.dll => MD5 is legit
    C:\Windows\System32\qmgr.dll => MD5 is legit
    C:\Windows\System32\es.dll => MD5 is legit
    C:\Windows\System32\cryptsvc.dll => MD5 is legit
    C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit
     
     
    **** End of log ****
     
     
    MiniToolBox by Farbar  Version: 13-07-2013
    Ran by Kishore Reddy (administrator) on 02-10-2013 at 13:30:49
    Running from "C:\Users\Kishore Reddy\Desktop"
    Microsoft Windows 7 Home Basic  Service Pack 1 (X64)
    Boot Mode: Normal
    ***************************************************************************
     
    ========================= Flush DNS: ===================================
     
    Windows IP Configuration
     
    Successfully flushed the DNS Resolver Cache.
     
    ========================= IE Proxy Settings: ============================== 
     
    Proxy is not enabled.
    No Proxy Server is set.
     
    "Reset IE Proxy Settings": IE Proxy Settings were reset.
     
    ========================= FF Proxy Settings: ============================== 
     
     
    "Reset FF Proxy Settings": Firefox Proxy settings were reset.
     
    ========================= Hosts content: =================================
     
    127.0.0.1       localhost
     
    ========================= IP Configuration: ================================
     
    HUAWEI Mobile Connect - Network Adapter = Mobile Broadband Connection (Connected)
    Broadcom NetLink Gigabit Ethernet = Local Area Connection (Media disconnected)
    Broadcom 802.11n Network Adapter = Wireless Network Connection (Media disconnected)
    Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
     
     
    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4
     
    reset
    set global icmpredirects=enabled
    set subinterface interface=?5. subinterface=ethernet_13 mtu=1477
     
     
    popd
    # End of IPv4 configuration
     
     
     
    Windows IP Configuration
     
       Host Name . . . . . . . . . . . . : KishoreReddy-PC
       Primary Dns Suffix  . . . . . . . : 
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
     
    Mobile Broadband adapter Mobile Broadband Connection:
     
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : HUAWEI Mobile Connect - Network Adapter
       Physical Address. . . . . . . . . : 58-2C-80-13-92-63
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::590e:8445:d36f:8004%20(Preferred) 
       IPv4 Address. . . . . . . . . . . : 101.223.164.161(Preferred) 
       Subnet Mask . . . . . . . . . . . : 255.255.255.252
       Default Gateway . . . . . . . . . : 101.223.164.162
       DHCPv6 IAID . . . . . . . . . . . : 307768448
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-BA-4C-07-1C-75-08-4A-5E-ED
       DNS Servers . . . . . . . . . . . : 101.223.255.141
                                           101.223.255.142
       NetBIOS over Tcpip. . . . . . . . : Enabled
     
    Wireless LAN adapter Wireless Network Connection 2:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
       Physical Address. . . . . . . . . : 88-9F-FA-52-86-8D
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
     
    Wireless LAN adapter Wireless Network Connection:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Broadcom 802.11n Network Adapter
       Physical Address. . . . . . . . . : 88-9F-FA-52-86-8D
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
     
    Ethernet adapter Local Area Connection:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : ACERGAIA
       Description . . . . . . . . . . . : Broadcom NetLink Gigabit Ethernet
       Physical Address. . . . . . . . . : 1C-75-08-4A-5E-ED
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
     
    Tunnel adapter isatap.{6DDA0891-7C2F-43AB-A1E5-AD63177F46A2}:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
     
    Tunnel adapter isatap.{7192A182-B59A-456C-8073-B43B8598DC04}:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
     
    Tunnel adapter isatap.ACERGAIA:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
     
    Tunnel adapter isatap.{CB371C0D-BBF8-4D21-8847-F7504903E527}:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
     
    Tunnel adapter 6TO4 Adapter:
     
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft 6to4 Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2002:65df:a4a1::65df:a4a1(Preferred) 
       Default Gateway . . . . . . . . . : 
       DNS Servers . . . . . . . . . . . : 101.223.255.141
                                           101.223.255.142
       NetBIOS over Tcpip. . . . . . . . : Disabled
     
    Tunnel adapter Teredo Tunneling Pseudo-Interface:
     
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3050:2049:9a20:5b5e(Preferred) 
       Link-local IPv6 Address . . . . . : fe80::3050:2049:9a20:5b5e%15(Preferred) 
       Default Gateway . . . . . . . . . : 
       NetBIOS over Tcpip. . . . . . . . : Disabled
    DNS request timed out.
        timeout was 2 seconds.
    Server:  UnKnown
    Address:  101.223.255.141
     
    DNS request timed out.
        timeout was 2 seconds.
    DNS request timed out.
        timeout was 2 seconds.
    DNS request timed out.
        timeout was 2 seconds.
    Name:    google.com
    Address:  2404:6800:4001:c01::66
     
     
    Pinging google.com [74.125.135.102] with 32 bytes of data:
    General failure.
    General failure.
     
    Ping statistics for 74.125.135.102:
        Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
    Server:  UnKnown
    Address:  101.223.255.141
     
    Name:    yahoo.com
    Addresses:  206.190.36.45
     98.139.183.24
     98.138.253.109
     
     
    Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
    General failure.
    General failure.
     
    Ping statistics for 98.139.183.24:
        Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
     
    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
     
    Ping statistics for 127.0.0.1:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
     20...58 2c 80 13 92 63 ......HUAWEI Mobile Connect - Network Adapter
     17...88 9f fa 52 86 8d ......Microsoft Virtual WiFi Miniport Adapter
     13...88 9f fa 52 86 8d ......Broadcom 802.11n Network Adapter
     10...1c 75 08 4a 5e ed ......Broadcom NetLink Gigabit Ethernet
      1...........................Software Loopback Interface 1
     19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
     21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
     18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
     34...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
     14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
     15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    ===========================================================================
     
    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination        Netmask          Gateway       Interface  Metric
              0.0.0.0          0.0.0.0  101.223.164.162  101.223.164.161    296
      101.223.164.160  255.255.255.252         On-link   101.223.164.161    296
      101.223.164.161  255.255.255.255         On-link   101.223.164.161    296
      101.223.164.163  255.255.255.255         On-link   101.223.164.161    296
            127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
            127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
      127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
            224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
            224.0.0.0        240.0.0.0         On-link   101.223.164.161    296
      255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      255.255.255.255  255.255.255.255         On-link   101.223.164.161    296
    ===========================================================================
    Persistent Routes:
      None
     
    IPv6 Route Table
    ===========================================================================
    Active Routes:
     If Metric Network Destination      Gateway
      1    306 ::1/128                  On-link
     15     58 2001::/32                On-link
     15    306 2001:0:4137:9e76:3050:2049:9a20:5b5e/128
                                        On-link
     14   1040 2002::/16                On-link
     14    296 2002:65df:a4a1::65df:a4a1/128
                                        On-link
     20    296 fe80::/64                On-link
     15    306 fe80::/64                On-link
     15    306 fe80::3050:2049:9a20:5b5e/128
                                        On-link
     20    296 fe80::590e:8445:d36f:8004/128
                                        On-link
      1    306 ff00::/8                 On-link
     15    306 ff00::/8                 On-link
     20    296 ff00::/8                 On-link
    ===========================================================================
    Persistent Routes:
      None
    ========================= Winsock entries =====================================
     
    Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
    Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
    Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
    Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
    Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
    Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
    Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
    Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
    Catalog9 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
    Catalog9 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
    Catalog9 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
    Catalog9 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
    Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 20 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
    x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
    x64-Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
    x64-Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
    x64-Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
    x64-Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
    x64-Catalog9 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
    x64-Catalog9 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
    x64-Catalog9 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
    x64-Catalog9 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 12 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 13 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 14 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 15 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 16 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 17 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 18 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 19 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 20 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
     
    ========================= Event log errors: ===============================
     
    Application errors:
    ==================
    Error: (10/02/2013 00:08:31 PM) (Source: CVHSVC) (User: )
    Description: Information only.
    (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
     
    Error: (10/02/2013 10:56:34 AM) (Source: CVHSVC) (User: )
    Description: Information only.
    (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
     
    Error: (10/01/2013 08:04:37 PM) (Source: CVHSVC) (User: )
    Description: Information only.
    (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
     
    Error: (10/01/2013 02:02:22 PM) (Source: CVHSVC) (User: )
    Description: Information only.
    (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
     
    Error: (10/01/2013 01:48:16 PM) (Source: CVHSVC) (User: )
    Description: Information only.
    (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
     
    Error: (10/01/2013 10:27:56 AM) (Source: CVHSVC) (User: )
    Description: Information only.
    (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
     
    Error: (09/29/2013 02:54:06 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
     
    Error: (09/28/2013 10:22:47 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
     
    Error: (09/27/2013 09:29:36 PM) (Source: CVHSVC) (User: )
    Description: Information only.
    (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved
     
    Error: (09/27/2013 00:08:56 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
     
     
    System errors:
    =============
    Error: (10/02/2013 00:30:10 PM) (Source: Service Control Manager) (User: )
    Description: The Aircel. OUC service failed to start due to the following error: 
    %%1053
     
    Error: (10/02/2013 00:30:10 PM) (Source: Service Control Manager) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Aircel. OUC service to connect.
     
    Error: (10/02/2013 00:17:41 PM) (Source: Service Control Manager) (User: )
    Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
     
    Error: (10/02/2013 00:17:06 PM) (Source: Application Popup) (User: )
    Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    Error: (10/02/2013 00:17:06 PM) (Source: Application Popup) (User: )
    Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    Error: (10/02/2013 00:15:05 PM) (Source: Service Control Manager) (User: )
    Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
     
    Error: (10/02/2013 00:10:54 PM) (Source: Service Control Manager) (User: )
    Description: The DirMngr service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (10/02/2013 11:58:09 AM) (Source: Service Control Manager) (User: )
    Description: The Aircel. OUC service failed to start due to the following error: 
    %%1053
     
    Error: (10/02/2013 11:58:09 AM) (Source: Service Control Manager) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Aircel. OUC service to connect.
     
    Error: (10/02/2013 11:50:22 AM) (Source: Service Control Manager) (User: )
    Description: The Aircel. OUC service failed to start due to the following error: 
    %%1053
     
     
    Microsoft Office Sessions:
    =========================
    Error: (10/02/2013 00:08:31 PM) (Source: CVHSVC)(User: )
    Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
     
    Error: (10/02/2013 10:56:34 AM) (Source: CVHSVC)(User: )
    Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
     
    Error: (10/01/2013 08:04:37 PM) (Source: CVHSVC)(User: )
    Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
     
    Error: (10/01/2013 02:02:22 PM) (Source: CVHSVC)(User: )
    Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
     
    Error: (10/01/2013 01:48:16 PM) (Source: CVHSVC)(User: )
    Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
     
    Error: (10/01/2013 10:27:56 AM) (Source: CVHSVC)(User: )
    Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
     
    Error: (09/29/2013 02:54:06 PM) (Source: SideBySide)(User: )
    Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
     
    Error: (09/28/2013 10:22:47 PM) (Source: SideBySide)(User: )
    Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
     
    Error: (09/27/2013 09:29:36 PM) (Source: CVHSVC)(User: )
    Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved
     
    Error: (09/27/2013 00:08:56 PM) (Source: SideBySide)(User: )
    Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
     
     
    CodeIntegrity Errors:
    ===================================
      Date: 2013-10-02 12:17:06.705
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-10-02 12:17:06.565
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-10-02 12:17:06.409
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-10-02 12:17:06.268
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-20 13:19:22.806
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-20 13:19:22.681
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-20 13:19:22.557
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-20 13:19:22.432
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-12 13:27:41.653
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-12 13:27:41.528
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
     
    =========================== Installed Programs ============================
     
    7-Zip 9.22beta
    Acer Backup Manager (Version: 2.0.0.68)
    Acer Crystal Eye webcam (Version: 1.0.4.5)
    Acer ePower Management (Version: 5.00.3005)
    Acer eRecovery Management (Version: 4.05.3013)
    Acer GameZone Console (Version: 6.1.0.40435)
    Acer Registration (Version: 1.03.3003)
    Acer ScreenSaver (Version: 1.1.0707.2010)
    Acer Updater (Version: 1.02.3001)
    Acrobat.com (Version: 1.6.65)
    Adobe Community Help (Version: 3.5.23)
    Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
    Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
    Adobe Reader XI (11.0.03) (Version: 11.0.03)
    Advanced Renamer (Version: 3.53)
    Aegisub 3.0.4 (Version: 3.0.4)
    AeroWallpaperChanger (Version: 1.1.0.2)
    Aircel (Version: 23.009.05.01.850)
    Any Video Converter 3.5.5
    Ashampoo Burning Studio 2012 v.10.0.15 (Version: 10.0.15)
    Astroburn Lite (Version: 1.8.0.0182)
    Audacity 2.0.3 (Version: 2.0.3)
    Avidemux 2.6 (Version: 2.6.1.8321)
    Avira Free Antivirus (Version: 13.0.0.4052)
    AviSynth 2.5
    AxCrypt 1.7.2931.0 (Version: 1.7.2931.0)
    Backup Manager Basic (Version: 2.0.0.68)
    Belarc Advisor 8.3 (Version: 8.3.0.0)
    BitMeter
    Broadcom Gigabit NetLink Controller (Version: 14.0.2.3)
    calibre (Version: 0.9.33)
    CCleaner (Version: 4.05)
    Cheat Engine 6.2
    CyberLink PowerDVD 9 (Version: 9.0.3814.50)
    DAEMON Tools Lite (Version: 4.47.1.0333)
    Daum PotPlayer 1.5.39007 x64 Edition
    DVD Decrypter (Remove Only)
    DVD Shrink 3.2
    Eraser 6.0.10.2620 (Version: 6.0.2620)
    ESET Online Scanner v3
    eSobi v2 (Version: 2.0.4.000274)
    ETDWare PS/2-x64 7.0.6.5_WHQL (Version: 7.0.6.5)
    FormatFactory 3.00 (Version: 3.00)
    Free Download Manager 3.9.2
    Free Studio version 5.7.6.1015 (Version: 5.7.6.1015)
    FreeOCR v4.2
    GIMP 2.8.4 (Version: 2.8.4)
    GnuCash 2.4.13
    Google Chrome (Version: 29.0.1547.76)
    Google Earth (Version: 7.1.1.1888)
    Gpg4win (2.1.1) (Version: 2.1.1)
    GPL Ghostscript (Version: 9.07)
    HandBrake 0.9.8 (Version: 0.9.8)
    Identity Card (Version: 1.00.3003)
    ImgBurn (Version: 2.5.8.0)
    Inkscape 0.48.4 (Version: 0.48.4)
    Intel® Control Center (Version: 1.2.1.1007)
    Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2182)
    Intel® Management Engine Components (Version: 6.0.0.1179)
    Intel® Rapid Storage Technology (Version: 9.6.2.1001)
    Intel® Turbo Boost Technology Monitor (Version: 1.0.186.6)
    Internet Explorer (Enable DEP)
    Junk Mail filter update (Version: 14.0.8117.416)
    KC Softwares SUMo
    KeyScrambler (Version: 3.1.0.0)
    K-Lite Mega Codec Pack 9.9.4 (Version: 9.9.4)
    LADSPA_plugins-win-0.4.15
    LastPass(uninstall only)
    Launch Manager (Version: 4.0.14)
    Lernout & Hauspie TruVoice American English TTS Engine
    LibreOffice 4.0 Help Pack (English) (Version: 4.0.4.2)
    LibreOffice 4.0.4.2 (Version: 4.0.4.2)
    MailWasher (Version: 7.1.5)
    Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
    Microsoft Application Error Reporting (Version: 12.0.6015.5000)
    Microsoft Choice Guard (Version: 2.0.48.0)
    Microsoft Office 2010 (Version: 14.0.4763.1000)
    Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
    Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
    Microsoft Silverlight (Version: 5.1.20513.0)
    Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
    Microsoft Text-to-Speech Engine 4.0 (English)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
    Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
    Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
    Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
    Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
    Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
    Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
    Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
    Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
    Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
    Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
    Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
    Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
    Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
    Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
    Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
    Mozilla Maintenance Service (Version: 24.0)
    MSVC90_x64 (Version: 1.0.1.2)
    MSVC90_x86 (Version: 1.0.1.2)
    MSVCRT (Version: 14.0.1468.721)
    MusicBee 2.1 (Version: 2.1)
    Nokia Connectivity Cable Driver (Version: 7.1.78.0)
    Nokia PC Suite (Version: 7.1.180.94)
    Paint.NET v3.5.10 (Version: 3.60.0)
    PC Connectivity Solution (Version: 12.0.27.0)
    PDFCreator (Version: 1.5.0)
    PDFill PDF Editor with FREE Writer and FREE Tools (Version: 10.0)
    PDF-Viewer (Version: 2.5.208.0)
    PDF-XChange Viewer (Version: 2.5.206.0)
    PhotoScape
    Python 2.7.5 (Version: 2.7.5150)
    RapidTyping (Version: 4.6.5)
    Realtek High Definition Audio Driver (Version: 6.0.1.6141)
    Realtek USB 2.0 Card Reader (Version: 6.1.7600.30122)
    Recuva (Version: 1.46)
    Revo Uninstaller 1.94 (Version: 1.94)
    Samsung ML-2010 Series
    Sandboxie 3.76 (64-bit) (Version: 3.76)
    Secunia PSI (2.0.0.4003) (Version: 2.0.0.4003)
    SecurityKISS Tunnel v0.3.0
    Sizer 3.34 (Version: 3.3.4.0)
    Speakonia (Version: 1.0.3.5)
    Speccy (Version: 1.20)
    TrueCrypt (Version: 7.1a)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
    Valkyrie Uploader 1.0
    Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
    VLC media player 2.0.8 (Version: 2.0.8)
    VobSub v2.23 (Remove Only)
    WebSite Downloader 1.1 (Version: 1.1)
    Welcome Center (Version: 1.02.3004)
    WIDCOMM Bluetooth Software (Version: 6.3.0.6000)
    Windows Driver Package - Nokia Modem  (02/25/2011 4.7) (Version: 02/25/2011 4.7)
    Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
    Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
    Windows Live Call (Version: 14.0.8117.0416)
    Windows Live Communications Platform (Version: 14.0.8117.416)
    Windows Live Essentials (Version: 14.0.8117.0416)
    Windows Live Essentials (Version: 14.0.8117.416)
    Windows Live Mail (Version: 14.0.8117.0416)
    Windows Live Messenger (Version: 14.0.8117.0416)
    Windows Live Movie Maker (Version: 14.0.8117.0416)
    Windows Live Photo Gallery (Version: 14.0.8117.416)
    Windows Live Sign-in Assistant (Version: 5.000.818.5)
    Windows Live Sync (Version: 14.0.8117.416)
    Windows Live Upload Tool (Version: 14.0.8014.1029)
    Windows Live Writer (Version: 14.0.8117.0416)
    yEd Graph Editor 3.10.2 (Version: 3.10.2)
     
    ========================= Devices: ================================
     
     
    ========================= Memory info: ===================================
     
    Percentage of memory in use: 45%
    Total physical RAM: 2806.71 MB
    Available physical RAM: 1536.34 MB
    Total Pagefile: 5611.61 MB
    Available Pagefile: 3693.96 MB
    Total Virtual: 4095.88 MB
    Available Virtual: 3965.89 MB
     
    ========================= Partitions: =====================================
     
    1 Drive c: (Acer) (Fixed) (Total:452.66 GB) (Free:393.18 GB) NTFS
    4 Drive f: (Aircel) (CDROM) (Total:0.07 GB) (Free:0 GB) CDFS
     
    ========================= Users: ========================================
     
    User accounts for \\KISHOREREDDY-PC
     
    Administrator            Guest                    Kishore Reddy            
     
    ========================= Minidump Files ==================================
     
    No minidump file found
     
     
    **** End of log ****
     
  8. Hello Mr. Ron, I reinstalled OUC and have run ComboFix, and the log is posted for further analysis. I also need to tell you that my system starting speed has increased considerably. Thank you.

     

     ComboFix 13-10-01.03 - Kishore Reddy 02/10/2013  12:10:56.12.4 - x64

    Microsoft Windows 7 Home Basic   6.1.7601.1.1252.91.1033.18.2807.1635 [GMT 5.5:30]
    Running from: c:\users\Kishore Reddy\Desktop\ComboFix.exe
    AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\wininit.ini
    .
    .
    (((((((((((((((((((((((((   Files Created from 2013-09-02 to 2013-10-02  )))))))))))))))))))))))))))))))
    .
    .
    2013-10-02 06:47 . 2013-10-02 06:47 -------- d-----w- c:\users\Public\AppData\Local\temp
    2013-10-02 06:47 . 2013-10-02 06:47 -------- d-----w- c:\users\Default\AppData\Local\temp
    2013-10-02 06:00 . 2012-09-18 08:22 239104 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys
    2013-10-02 06:00 . 2012-09-14 01:28 451072 ----a-w- c:\windows\system32\drivers\ewusbwwan.sys
    2013-10-02 06:00 . 2012-08-20 00:55 90112 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
    2013-10-02 06:00 . 2012-08-20 00:55 76288 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
    2013-10-02 06:00 . 2012-08-20 00:55 30720 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
    2013-10-02 06:00 . 2012-08-20 00:55 104960 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
    2013-10-02 06:00 . 2011-12-31 01:20 225920 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
    2013-10-02 06:00 . 2010-10-08 08:59 32768 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
    2013-10-02 06:00 . 2010-09-26 10:09 22016 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
    2013-10-02 06:00 . 2010-08-05 23:43 1001472 ----a-w- c:\windows\system32\drivers\mod7700.sys
    2013-10-02 06:00 . 2010-07-27 01:52 117248 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
    2013-10-02 06:00 . 2010-03-20 04:06 13952 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
    2013-10-02 05:59 . 2013-10-02 06:04 -------- d-----w- c:\program files (x86)\Aircel
    2013-09-25 08:19 . 2013-09-25 08:19 81112 ----a-w- c:\windows\system32\drivers\avnetflt.sys
    2013-09-25 08:16 . 2013-09-25 08:16 -------- d-----w- c:\users\Kishore Reddy\AppData\Roaming\Avira
    2013-09-25 08:11 . 2013-09-25 08:11 -------- d-----w- c:\programdata\Avira
    2013-09-25 08:11 . 2013-09-25 08:11 -------- d-----w- c:\program files (x86)\Avira
    2013-09-25 08:11 . 2013-08-22 12:21 105344 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2013-09-25 08:11 . 2013-07-15 10:38 132088 ----a-w- c:\windows\system32\drivers\avipbb.sys
    2013-09-25 08:11 . 2013-03-06 10:43 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
    2013-09-24 08:03 . 2013-09-24 08:03 -------- d-s---w- c:\windows\SysWow64\Microsoft
    2013-09-24 07:36 . 2013-09-24 19:27 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A0939623-FEFE-4AC6-9581-8886E73E27E1}\offreg.dll
    2013-09-24 05:50 . 2013-09-15 19:20 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A0939623-FEFE-4AC6-9581-8886E73E27E1}\mpengine.dll
    2013-09-22 07:24 . 2013-09-24 08:26 -------- d-----w- c:\program files\AVAST Software
    2013-09-22 07:23 . 2013-09-25 07:58 -------- d-----w- c:\programdata\AVAST Software
    2013-09-20 06:37 . 2013-09-23 20:56 -------- d-----w- C:\AdwCleaner
    2013-09-20 05:21 . 2013-09-20 05:21 -------- d-----w- c:\windows\ERUNT
    2013-09-12 08:06 . 2013-10-02 06:47 -------- d-----w- c:\users\Kishore Reddy\AppData\Local\temp
    2013-09-12 06:38 . 2013-08-10 05:22 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
    2013-09-12 06:38 . 2013-08-10 05:21 53248 ----a-w- c:\windows\system32\jsproxy.dll
    2013-09-12 06:38 . 2013-08-10 03:59 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
    2013-09-12 06:38 . 2013-08-10 05:22 2241024 ----a-w- c:\windows\system32\wininet.dll
    2013-09-12 06:38 . 2013-08-10 05:20 15404544 ----a-w- c:\windows\system32\ieframe.dll
    2013-09-12 06:38 . 2013-08-10 05:21 19246592 ----a-w- c:\windows\system32\mshtml.dll
    2013-09-07 15:33 . 2013-09-17 07:44 -------- d-----w- C:\FRST
    2013-09-06 09:37 . 2013-09-13 15:25 -------- d-----w- c:\users\Kishore Reddy\Doctor Web
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-09-12 06:32 . 2011-09-10 10:04 79143768 ----a-w- c:\windows\system32\MRT.exe
    2013-08-29 11:01 . 2013-08-29 14:05 460888 ----a-w- c:\windows\system32\drivers\97771742.sys
    2013-08-19 07:30 . 2012-04-02 15:46 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2013-08-19 07:30 . 2012-03-11 09:16 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-08-06 22:52 . 2011-09-16 07:01 278800 ------w- c:\windows\system32\MpSigStub.exe
    2013-08-02 01:48 . 2013-09-11 07:38 44032 ----a-w- c:\windows\apppatch\acwow64.dll
    2013-07-25 09:25 . 2013-08-15 03:19 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
    2013-07-25 08:57 . 2013-08-15 03:19 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
    2013-07-19 01:58 . 2013-08-15 03:19 2048 ----a-w- c:\windows\system32\tzres.dll
    2013-07-19 01:41 . 2013-08-15 03:19 2048 ----a-w- c:\windows\SysWow64\tzres.dll
    2013-07-09 05:52 . 2013-08-15 03:20 224256 ----a-w- c:\windows\system32\wintrust.dll
    2013-07-09 05:51 . 2013-08-15 03:18 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
    2013-07-09 05:46 . 2013-08-15 03:20 184320 ----a-w- c:\windows\system32\cryptsvc.dll
    2013-07-09 05:46 . 2013-08-15 03:20 1472512 ----a-w- c:\windows\system32\crypt32.dll
    2013-07-09 05:46 . 2013-08-15 03:20 139776 ----a-w- c:\windows\system32\cryptnet.dll
    2013-07-09 04:52 . 2013-08-15 03:18 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
    2013-07-09 04:52 . 2013-08-15 03:21 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
    2013-07-09 04:46 . 2013-08-15 03:21 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
    2013-07-09 04:46 . 2013-08-15 03:21 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
    2013-07-09 04:46 . 2013-08-15 03:21 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
    2013-07-06 06:03 . 2013-08-15 05:38 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2013-05-07 14:33 . 2013-03-19 06:51 10965504 ----a-w- c:\program files (x86)\Common Files\lpuninstall.exe
    .
    .
    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown 
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "KeyScrambler"="c:\program files (x86)\KeyScrambler\keyscrambler.exe" [2013-03-26 534160]
    "LManager"="c:\program files (x86)\launch manager\lmanager.exe" [2010-08-10 975952]
    "IAStorIcon"="c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe" [2010-04-13 284696]
    "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-07-17 347192]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-10-14 291896]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "mixer2"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ  
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
    "vProt"=c:\program files (x86)\avg secure search\vprot.exe
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    .
    R2 Aircel. RunOuc;Aircel. OUC;c:\program files (x86)\Aircel\UpdateDog\ouc.exe;c:\program files (x86)\Aircel\UpdateDog\ouc.exe [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 DirMngr;DirMngr;c:\program files (x86)\GNU\GnuPG\dirmngr.exe;c:\program files (x86)\GNU\GnuPG\dirmngr.exe [x]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
    R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
    R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
    R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
    R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
    R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
    R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
    R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
    R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
    R3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\DRIVERS\CT_ZTEMT_U_USBSER.sys;c:\windows\SYSNATIVE\DRIVERS\CT_ZTEMT_U_USBSER.sys [x]
    S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
    S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
    S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
    S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
    S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
    S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
    S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
    S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
    S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
    S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
    S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
    S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
    S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
    S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
    S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
    S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
    S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
    S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
    S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
    S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
    S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
    S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
    S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
    S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
    S3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys;c:\windows\SYSNATIVE\drivers\keyscrambler.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
    S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
    S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
    S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
    S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2013-09-20 03:38 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]
    "ETDWare"="c:\program files (x86)\elantech\etdctrl.exe" [bU]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
     
     
     
     
    IE: Free YouTube Download - c:\users\Kishore Reddy\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
    IE: Free YouTube to MP3 Converter - c:\users\Kishore Reddy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
     
     
    IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
    FF - ProfilePath - c:\users\Kishore Reddy\AppData\Roaming\Mozilla\Firefox\Profiles\8l8f2rdt.default-1353771796483\
    FF - ExtSQL: 2013-09-03 13:38; firefox@ghostery.com; c:\users\Kishore Reddy\AppData\Roaming\Mozilla\Firefox\Profiles\8l8f2rdt.default-1353771796483\extensions\firefox@ghostery.com.xpi
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    SafeBoot-38477474.sys
    ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
    ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
    ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
    ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
    @Denied: (2) (LocalSystem)
    "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
       1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
    "{2B9F5787-88A5-4945-90E7-C4B18563BC5E}"=hex:51,66,7a,6c,4c,1d,38,12,e9,54,8c,
       2f,97,c6,2b,0c,ef,f1,87,f1,80,3d,f8,4a
    "{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}"=hex:51,66,7a,6c,4c,1d,38,12,81,2d,20,
       35,ad,85,e1,00,d0,fd,90,4e,9f,38,f2,ae
    "{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
       38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
    "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
       72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
    "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
       94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
    "{CC59E0F9-7E43-44FA-9FAA-8377850BF205}"=hex:51,66,7a,6c,4c,1d,38,12,97,e3,4a,
       c8,71,30,94,01,e0,bc,c0,37,80,55,b6,11
    "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
       df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
    @Denied: (2) (LocalSystem)
    "Timestamp"=hex:e6,1e,6f,07,11,c4,cd,01
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
    @Denied: (2) (LocalSystem)
    "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
       d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,08,60,ce,f5,dc,1a,92,4a,98,22,81,\
    "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
       d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,08,60,ce,f5,dc,1a,92,4a,98,22,81,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2013-10-02  12:20:45
    ComboFix-quarantined-files.txt  2013-10-02 06:50
    ComboFix2.txt  2013-09-25 06:08
    ComboFix3.txt  2013-09-23 18:37
    ComboFix4.txt  2013-09-23 07:03
    ComboFix5.txt  2013-10-02 06:40
    .
    Pre-Run: 422,435,205,120 bytes free
    Post-Run: 422,073,495,552 bytes free
    .
    - - End Of File - - A92D4B833CF4C9CE11C2CB1ABE9D938E