Posts posted by scorpian
Earlier I tried to run JRT but was unable to run it. Only a black screen opens and closes. Shall I run these instructed applications being online or offline?
-
Hello Borislav, I am really thankful to you for your help in advance.
Except MBAM, no other scan is showing Delta.
The logs are as follows:
-
I somehow installed Delta Search, and when it tried to change my Firefox home page, I removed it using AdwCleaner. The problem was solved, but when I scan my system with MBAM it shows a PUP.Optional.Delta file and folder, and when MBAM removes it and reboots, it reappears when I scan again. It comes back again and again. So, please show me a solution to this problem and let me also know if any safety measures are necessary. I am posting the logs.
---------------------------------------------------------------------------------------------------------
DDS.txt
---------------------------------------------------------------------------------------------------------
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16660
Run by Kishore Reddy at 22:27:13 on 2013-08-22
Microsoft Windows 7 Home Basic 6.1.7601.1.1252.91.1033.18.2807.1430 [GMT 5.5:30]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Users\KISHOR~1\AppData\Local\Temp\7zO41B1B645\NoAutorun.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\ProgramData\Aircel\OnlineUpdate\ouc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\ProgramData\DatacardService\HWDeviceService64.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\Program Files (x86)\ThreatFire\TFTray.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\ThreatFire\TFService.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\PROGRAM FILES (X86)\NEWTECH INFOSYSTEMS\ACER BACKUP MANAGER\BACKUPMANAGERTRAY.EXE
C:\PROGRAM FILES\REALTEK\AUDIO\HDA\RAVCPL64.EXE
C:\Program Files (x86)\FireTrust\MailWasher\MailWasher.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uWindow Title = Windows Internet Explorer provided by MSN and Bing
mWinlogon: Userinit = userinit.exe,
BHO: AutorunsDisabled -
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck -
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: taskmgr.exe - "C:\USERS\KISHORE REDDY\DOWNLOADS\NEW PROG\PROCESSEXPLORER\PROCEXP.EXE"
x64-BHO: AutorunsDisabled -
x64-BHO: cardisabled -
x64-BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [ETDWare] C:\Program Files (x86)\elantech\etdctrl.exe
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: AutorunsDisabled -
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} -
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck -
x64-IFEO: taskmgr.exe - "C:\USERS\KISHORE REDDY\DOWNLOADS\NEW PROG\PROCESSEXPLORER\PROCEXP.EXE"
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Kishore Reddy\AppData\Roaming\Mozilla\Firefox\Profiles\8l8f2rdt.default-1353771796483\
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R0 TfFsMon;TfFsMon;C:\Windows\System32\drivers\TfFsMon.sys [2012-11-16 65072]
R0 TfSysMon;TfSysMon;C:\Windows\System32\drivers\TfSysMon.sys [2012-11-16 59880]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-3-16 283200]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-13 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-8 143088]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-4-5 528192]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DirMngr;DirMngr;C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [2013-5-28 218112]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-8-31 321104]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-1-8 868896]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-8-31 13336]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-30 418376]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 139616]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-6-29 255744]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-12-30 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-12-30 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-12-30 168384]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-10-14 994360]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2013-2-3 11576]
R2 ThreatFire;ThreatFire;C:\Program Files (x86)\ThreatFire\TFService.exe service --> C:\Program Files (x86)\ThreatFire\TFService.exe service [?]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-3 13784]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-8-31 2320920]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-8-31 243232]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-8-31 135560]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-8-31 56344]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2013-8-3 90112]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-8-31 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-8-31 287232]
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-5-15 384040]
R3 KeyScrambler;KeyScrambler;C:\Windows\System32\drivers\keyscrambler.sys [2012-5-21 222232]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-4-5 25928]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-6-20 366600]
R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2010-9-1 17976]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-12-16 202632]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 TfNetMon;TfNetMon;C:\Windows\System32\drivers\TfNetMon.sys [2012-11-16 41888]
S2 Aircel. RunOuc;Aircel. OUC;C:\Program Files (x86)\Aircel\UpdateDog\ouc.exe [2013-8-3 655744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-30 701512]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-1-8 342056]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-1-8 39464]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2013-8-3 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2013-8-3 13952]
S3 HitmanPro37Crusader;HitmanPro 3.7 Crusader;C:\Users\Kishore Reddy\Downloads\HitmanPro36_x64.exe [2012-11-10 9853928]
S3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\drivers\ew_jucdcacm.sys [2013-8-3 104960]
S3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\drivers\ew_juextctrl.sys [2013-8-3 30720]
S3 huawei_wwanecm;huawei_wwanecm;C:\Windows\System32\drivers\ew_juwwanecm.sys [2013-8-3 239104]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-1-8 246376]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-24 57856]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-3 126352]
S3 ztemtusbser;ZTEMT Legacy Serial Communication;C:\Windows\System32\drivers\CT_ZTEMT_U_USBSER.sys [2011-8-30 120704]
S4 avgwd;AVG WatchDog;"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" --> C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [?]
S4 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2013-4-10 168592]
.
=============== Created Last 30 ================
.
2013-08-22 06:54:29 9515512 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EA915592-C61B-4301-854F-05A11C33AD7B}\mpengine.dll
2013-08-21 16:20:34 9515512 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-08-21 13:38:35 0 ----a-w- C:\Windows\SysWow64\shoE566.tmp
2013-08-18 12:39:11 -------- d-----w- C:\CCE_Quarantine
2013-08-18 12:16:52 -------- d-----w- C:\Users\Kishore Reddy\AppData\Roaming\Comodo
2013-08-15 05:38:56 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2013-08-15 05:38:55 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-08-15 05:38:32 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-15 05:38:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-15 05:38:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-15 05:38:30 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-15 05:38:29 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-15 05:38:29 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-15 05:38:28 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-15 05:38:27 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-15 05:38:27 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-15 05:38:27 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-15 05:38:27 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-15 03:21:12 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-08-15 03:21:12 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-08-15 03:21:12 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-08-15 03:21:12 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-08-15 03:20:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-08-15 03:20:52 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-08-15 03:20:52 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-08-15 03:20:52 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-08-15 03:19:39 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-08-15 03:19:25 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-08-15 03:19:17 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-08-15 03:19:17 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-08-15 03:18:51 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-08-15 03:18:48 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-08-12 11:52:42 0 ----a-w- C:\Windows\SysWow64\sho2A51.tmp
2013-08-10 17:43:26 0 ----a-w- C:\Windows\SysWow64\shoF615.tmp
2013-08-08 10:14:36 -------- d-----w- C:\Users\Kishore Reddy\AppData\Local\FreeOCR
2013-08-08 10:05:38 2680320 ----a-w- C:\Windows\SysWow64\ImageEnXLibrary.ocx
2013-08-08 10:05:34 -------- d-----w- C:\FreeOCR
2013-08-07 16:52:29 -------- d-----w- C:\Users\Kishore Reddy\AppData\Local\gtk-2.0
2013-08-07 16:46:27 -------- d-----w- C:\Users\Kishore Reddy\AppData\Roaming\.kde
2013-08-03 08:04:07 76288 ----a-w- C:\Windows\System32\drivers\ew_jucdcecm.sys
2013-08-03 08:04:07 30720 ----a-w- C:\Windows\System32\drivers\ew_juextctrl.sys
2013-08-03 08:04:07 239104 ----a-w- C:\Windows\System32\drivers\ew_juwwanecm.sys
2013-08-03 08:04:07 104960 ----a-w- C:\Windows\System32\drivers\ew_jucdcacm.sys
2013-08-03 08:04:06 90112 ----a-w- C:\Windows\System32\drivers\ew_jubusenum.sys
2013-08-03 08:04:06 451072 ----a-w- C:\Windows\System32\drivers\ewusbwwan.sys
2013-08-03 08:04:06 32768 ----a-w- C:\Windows\System32\drivers\ewdcsc.sys
2013-08-03 08:04:06 225920 ----a-w- C:\Windows\System32\drivers\ewusbmdm.sys
2013-08-03 08:04:06 22016 ----a-w- C:\Windows\System32\drivers\ew_hwupgrade.sys
2013-08-03 08:04:06 13952 ----a-w- C:\Windows\System32\drivers\ew_usbenumfilter.sys
2013-08-03 08:04:06 117248 ----a-w- C:\Windows\System32\drivers\ew_hwusbdev.sys
2013-08-03 08:04:06 1001472 ----a-w- C:\Windows\System32\drivers\mod7700.sys
2013-08-03 08:03:00 -------- d-----w- C:\Program Files (x86)\Aircel
2013-07-30 16:24:00 -------- d-----w- C:\Python27
2013-07-30 08:46:01 -------- d-----w- C:\Users\Kishore Reddy\AppData\Roaming\TuneUp Software
2013-07-30 07:42:59 0 ----a-w- C:\Windows\SysWow64\shoA49B.tmp
2013-07-28 10:47:16 0 ----a-w- C:\Windows\SysWow64\sho30D4.tmp
.
==================== Find3M ====================
.
2013-08-19 07:30:50 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-08-19 07:30:49 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-07-22 09:24:08 0 ----a-w- C:\Windows\SysWow64\sho6C2F.tmp
2013-07-11 08:25:52 0 ----a-w- C:\Windows\SysWow64\sho8EE6.tmp
2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-07-05 08:56:58 0 ----a-w- C:\Windows\SysWow64\sho9EF0.tmp
2013-07-04 09:02:35 0 ----a-w- C:\Windows\SysWow64\sho191D.tmp
2013-07-01 16:51:34 0 ----a-w- C:\Windows\SysWow64\sho69CC.tmp
2013-06-29 09:19:32 0 ----a-w- C:\Windows\SysWow64\shoDD37.tmp
2013-06-28 12:19:59 0 ----a-w- C:\Windows\SysWow64\sho9543.tmp
2013-06-25 09:40:08 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-06-25 09:40:08 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-19 16:46:33 0 ----a-w- C:\Windows\SysWow64\sho4FB7.tmp
2013-06-18 16:20:08 247216 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2013-06-18 16:20:08 139616 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2013-06-13 09:53:51 0 ----a-w- C:\Windows\SysWow64\shoE561.tmp
2013-06-12 10:56:09 0 ----a-w- C:\Windows\SysWow64\sho4911.tmp
2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-06-02 16:05:38 0 ----a-w- C:\Windows\SysWow64\sho50CF.tmp
2013-05-31 16:57:02 0 ----a-w- C:\Windows\SysWow64\shoCC38.tmp
2013-05-07 14:33:38 10965504 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
.
============= FINISH: 22:28:50.76 ===============
--------------------------------------------------------------------------------------------------------
Attach.txt
---------------------------------------------------------------------------------------------------------
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Basic
Boot Device: \Device\HarddiskVolume2
Install Date: 17-08-2011 21:20:17
System Uptime: 22-08-2013 18:55:19 (4 hours ago)
.
Motherboard: Acer | | Aspire 5742
Processor: Intel® Core i5 CPU M 480 @ 2.67GHz | CPU | 1173/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 453 GiB total, 391.043 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP709: 15-08-2013 00:14:38 - Restore Operation
RP710: 15-08-2013 00:25:15 - Windows Update
RP711: 15-08-2013 08:46:11 - Windows Update
RP712: 15-08-2013 09:27:36 - Restore Operation
RP713: 15-08-2013 09:40:47 - Windows Update
RP714: 15-08-2013 16:29:15 - Windows Update
RP715: 17-08-2013 19:23:25 - 17/08/2013
RP716: 18-08-2013 18:48:40 - 18/08/2013
RP717: 18-08-2013 19:00:07 - Windows Backup
RP718: 18-08-2013 19:49:05 - Windows Update
RP720: 18-08-2013 21:38:26 - Microsoft Antimalware Checkpoint
RP721: 19-08-2013 12:57:35 - 19/08/2013
RP722: 21-08-2013 21:49:55 - Windows Update
.
==== Installed Programs ======================
.
.
==== End Of File ===========================
system running slow.
in Resolved Malware Removal Logs
Posted
Still unable to run JRT. The black box appears and closes immediately.
The AdwCleaner and MBAM logs are as follows:
----------------------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------