Fault write error removal after effects(unsolved by moderator)

[adityascad]

Hi,

with the moderator's help i was able to remove the fault write error.But few problems still persist.

1. random audio adds keep playing in the background with no browsers or files opened.Random music keeps playing in the background too which is very annoying.

2. the browsers(both firefox and chrome) have become very slow and take a lot of time to navigate within pages(not a network problem because my roommates have no issues).Google takes a lot of time(0.53 secs approx) to return search results .

3.Also after the removal of the malware i connected my external hard disk but it doesnt show the files.They are hidden for some reason.

Please guide me through this.Last moderator is not following the topic so dont know what to do .

Here are the DDS and Attach log files as requested by the previous moderator.

this is DDS.txt

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26

Run by Alokraj at 20:49:46 on 2012-09-18

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.91.1033.18.3828.1166 [GMT -4:00]

.

AV: Symantec Endpoint Protection *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Symantec Endpoint Protection *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

FW: Symantec Endpoint Protection *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\UnsignedThemesSvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Users\Alokraj\Desktop\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Users\Alokraj\AppData\Roaming\Google\Google Talk\googletalk.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Alokraj\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe

C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe

C:\Program Files (x86)\Stardock\ObjectDockFree\Dock64.exe

C:\Windows\SysWOW64\RunDll32.exe

c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Windows\system32\SearchIndexer.exe

c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe

C:\Users\Alokraj\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Alokraj\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Alokraj\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Alokraj\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskhost.exe

C:\Users\Alokraj\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

E:\EASetup.exe

C:\Windows\SysWOW64\msiexec.exe

C:\Windows\system32\msiexec.exe

C:\Windows\syswow64\MsiExec.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe

C:\Windows\system32\taskeng.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: SSOIEAddonBHO Class: {da5bce70-d057-4d63-943d-5f3927ec59f1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

uRun: [googletalk] C:\Users\Alokraj\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart

uRun: [Facebook Update] "C:\Users\Alokraj\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"

StartupFolder: C:\Users\Alokraj\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Alokraj\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\Alokraj\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe

StartupFolder: C:\Users\Alokraj\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\STARDO~1.LNK - C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200

IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{00E0742C-8083-49F7-99F8-E6D9CDA556F5} : DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{00E0742C-8083-49F7-99F8-E6D9CDA556F5}\13934393 : DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{00E0742C-8083-49F7-99F8-E6D9CDA556F5}\2437E6C6 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{00E0742C-8083-49F7-99F8-E6D9CDA556F5}\2456C6B696E6F5730323835323 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{00E0742C-8083-49F7-99F8-E6D9CDA556F5}\3474442343745314 : DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{00E0742C-8083-49F7-99F8-E6D9CDA556F5}\6596475636D2455636860225F6F6D6 : DhcpNameServer = 192.168.10.5 192.168.30.5

TCP: Interfaces\{00E0742C-8083-49F7-99F8-E6D9CDA556F5}\74944514D4 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{130CA25B-C8A0-4897-87E8-DB6807E770AE} : NameServer = 0.0.0.0

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll

AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll

LSA: Notification Packages = scecli FAPassSync

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO-X64: McAfee Phishing Filter - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll

BHO-X64: SSOIEAddonBHO - No File

BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Alokraj\AppData\Roaming\Mozilla\Firefox\Profiles\5e1vri8j.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Alokraj\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

FF - plugin: C:\Users\Alokraj\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Users\Alokraj\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Alokraj\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll

.

============= SERVICES / DRIVERS ===============

.

R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]

R2 uxpatch;uxpatch;\??\C:\Windows\system32\drivers\uxpatch.sys --> C:\Windows\system32\drivers\uxpatch.sys [?]

R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]

R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]

R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-9-18 138912]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]

S3 acsock;acsock;C:\Windows\system32\DRIVERS\acsock64.sys --> C:\Windows\system32\DRIVERS\acsock64.sys [?]

S3 FACAP;facap, FastAccess Video Capture;C:\Windows\system32\DRIVERS\facap.sys --> C:\Windows\system32\DRIVERS\facap.sys [?]

S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

.

=============== Created Last 30 ================

.

2012-09-19 00:48:03 520544 ----a-w- C:\Windows\System32\d3dx10_41.dll

2012-09-19 00:48:03 2430312 ----a-w- C:\Windows\System32\D3DCompiler_41.dll

2012-09-19 00:48:00 5425496 ----a-w- C:\Windows\System32\D3DX9_41.dll

2012-09-19 00:48:00 4178264 ----a-w- C:\Windows\SysWow64\D3DX9_41.dll

2012-09-18 06:15:47 -------- d-----w- C:\Users\Alokraj\AppData\Local\Symantec

2012-09-18 06:15:44 225328 ----a-w- C:\Windows\System32\drivers\wpshelper.sys

2012-09-18 06:14:16 173616 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS

2012-09-18 06:14:16 -------- d-----w- C:\Program Files\Symantec

2012-09-18 06:13:48 1060864 ----a-w- C:\Windows\SysWow64\MFC71.DLL

2012-09-18 06:13:15 -------- d-----w- C:\ProgramData\Symantec

2012-09-18 06:13:15 -------- d-----w- C:\Program Files\Common Files\Symantec Shared

2012-09-18 06:13:15 -------- d-----w- C:\Program Files (x86)\Symantec

2012-09-18 06:13:15 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared

2012-09-18 02:54:04 270912 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys

2012-09-18 02:54:00 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite

2012-09-18 02:04:59 -------- d-sh--w- C:\$RECYCLE.BIN

2012-09-18 01:38:57 -------- d-s---w- C:\ComboFix

2012-09-17 11:01:46 -------- d-----w- C:\Users\Alokraj\AppData\Roaming\Malwarebytes

2012-09-17 11:01:30 -------- d-----w- C:\ProgramData\Malwarebytes

2012-09-17 06:30:28 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2012-09-17 06:30:25 -------- d-----w- C:\Program Files\Microsoft Security Client

2012-09-17 05:31:34 -------- d-----w- C:\Windows\pss

2012-09-12 17:09:54 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys

2012-09-12 17:09:54 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys

2012-09-12 17:09:53 574464 ----a-w- C:\Windows\System32\d3d10level9.dll

2012-09-12 17:09:52 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll

2012-09-12 17:09:51 376688 ----a-w- C:\Windows\System32\drivers\netio.sys

2012-09-12 17:09:51 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

2012-09-12 17:09:51 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-09-10 09:12:19 107432 ----a-r- C:\Windows\System32\drivers\acsock64.sys

2012-09-10 04:27:39 -------- d-----w- C:\ProgramData\Minitab

2012-09-10 04:24:54 -------- d-----w- C:\Program Files (x86)\Minitab

2012-09-10 04:24:49 -------- d-----w- C:\Program Files (x86)\Common Files\Minitab Shared

2012-09-09 19:37:25 -------- d-----w- C:\ProgramData\Graboid Inc

2012-09-09 19:37:24 -------- d-----w- C:\Users\Alokraj\AppData\Local\Geckofx

2012-09-09 19:36:55 -------- d-----w- C:\Program Files (x86)\Graboid

2012-09-09 03:26:45 -------- d-----w- C:\Friday Night Lights[2004]DvDrip[Eng]-Grimmo

2012-09-07 16:33:57 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\breakpadinjector.dll

2012-09-07 16:33:57 266720 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\components\browsercomps.dll

2012-09-07 16:33:57 18912 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\AccessibleMarshal.dll

2012-09-02 01:03:52 -------- d-----w- C:\Extremely Loud & Incredibly Close[2011]BRRip XviD-ETRG

2012-08-31 17:01:08 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll

2012-08-30 20:40:44 -------- d-----w- C:\Program Files (x86)\MSECache

2012-08-28 05:49:01 -------- d-----w- C:\Russell Peters - Green Card Tour 2011 with Bonus Footage [DVDRIP]

2012-08-28 05:48:10 -------- d-----w- C:\Russell Peters

2012-08-24 19:54:15 -------- d-----w- C:\Ek Tha Tiger (2012) - DvDScr - [HP]

2012-08-22 07:36:50 -------- d-----w- C:\Users\Alokraj\AppData\Roaming\ExportTool

2012-08-22 07:35:04 -------- d-----w- C:\Program Files (x86)\Samurize

2012-08-22 07:07:35 -------- d-----w- C:\Program Files (x86)\Winamp Detect

2012-08-22 05:50:01 -------- d-----w- C:\Users\Alokraj\AppData\Local\ODUI

2012-08-22 05:49:49 -------- d-----w- C:\Users\Alokraj\AppData\Roaming\Stardock

2012-08-22 05:49:43 -------- d-----w- C:\Users\Alokraj\AppData\Local\Stardock

2012-08-22 05:25:17 -------- d-----w- C:\Users\Alokraj\AppData\Roaming\Rainmeter

2012-08-22 05:23:53 -------- d-----w- C:\Program Files\Rainmeter

2012-08-22 02:43:03 -------- d-----w- C:\ProgramData\Common Files

2012-08-22 02:01:12 -------- d-----w- C:\Users\Alokraj\AppData\Local\Apps

2012-08-20 21:56:11 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-08-20 21:36:32 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys

2012-08-20 21:19:22 503808 ----a-w- C:\Windows\System32\srcore.dll

2012-08-20 21:19:22 43008 ----a-w- C:\Windows\SysWow64\srclient.dll

2012-08-20 21:19:05 751104 ----a-w- C:\Windows\System32\win32spl.dll

2012-08-20 21:19:05 559104 ----a-w- C:\Windows\System32\spoolsv.exe

2012-08-20 21:19:05 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll

2012-08-20 21:19:04 67072 ----a-w- C:\Windows\splwow64.exe

2012-08-20 21:18:36 59392 ----a-w- C:\Windows\System32\browcli.dll

2012-08-20 21:18:36 136704 ----a-w- C:\Windows\System32\browser.dll

2012-08-20 21:18:35 41984 ----a-w- C:\Windows\SysWow64\browcli.dll

2012-08-20 21:18:31 3148800 ----a-w- C:\Windows\System32\win32k.sys

2012-08-20 21:18:10 956928 ----a-w- C:\Windows\System32\localspl.dll

.

==================== Find3M ====================

.

2012-08-21 02:32:40 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-06-27 02:14:52 4472832 ----a-w- C:\Windows\SysWow64\GPhotos.scr

.

============= FINISH: 20:59:38.15 ===============

Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 18-06-2011 15:04:40

System Uptime: 18-09-2012 16:15:46 (4 hours ago)

.

Motherboard: Dell Inc. | | 00CKNG

Processor: Intel® Core™ i5 CPU M 480 @ 2.67GHz | U2E1 | 2667/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 451 GiB total, 332.059 GiB free.

D: is CDROM ()

E: is CDROM (UDF)

F: is FIXED (NTFS) - 466 GiB total, 64.845 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Description: facap, FastAccess Video Capture

Device ID: ROOT\IMAGE\0000

Manufacturer: Sensible Vision

Name: facap, FastAccess Video Capture

PNP Device ID: ROOT\IMAGE\0000

Service: FACAP

.

==== System Restore Points ===================

.

RP119: 17-09-2012 21:40:09 - ComboFix created restore point

RP120: 17-09-2012 22:54:06 - Device Driver Package Install: DT Soft Ltd System devices

RP121: 18-09-2012 02:12:31 - Installed Symantec Endpoint Protection.

RP122: 18-09-2012 20:44:49 - Installed ProductName from default.wxl

.

==== Installed Programs ======================

.

µTorrent

AccelerometerP11

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.4) MUI

Advanced Audio FX Engine

Apple Application Support

Apple Software Update

BlackBerry Desktop Software 6.1

Bootstrapper

Coupon Printer for Windows

D3DX10

DAEMON Tools Lite

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Getting Started Guide

Dell MusicStage

Dell PhotoStage

Dell Product Registration

Dell Stage

Dell VideoStage

Dell Webcam Central

DirectX 9 Runtime

Dropbox

Facebook Video Calling 1.2.0.159

FIFA 11

Google Chrome

Google Talk (remove only)

Google Talk Plugin

GoToAssist Corporate

HP Deskjet 1050 J410 series Help

HP Photo Creations

HP Update

Intel® Control Center

Intel® Graphics Media Accelerator Driver

Intel® Management Engine Components

Intel® Rapid Storage Technology

Java Auto Updater

Java™ 6 Update 26

JMicron Flash Media Controller Driver

Junk Mail filter update

LiveUpdate 3.3 (Symantec Corporation)

Malwarebytes Anti-Malware version 1.65.0.1400

Mesh Runtime

Messenger Companion

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft PowerPoint Viewer

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Minitab 16

Minitab Software Update Manager

Minitab16

Mozilla Firefox 15.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NVIDIA Stereoscopic 3D Driver

NVIDIA Updatus

ObjectDock Free

OpenAL

PhotoShowExpress

Picasa 3

PunkBuster Services

Rainmeter

Rapture3D 2.4.9 Game

Realtek High Definition Audio Driver

Reliance Netconnect - Broadband+

Roxio Activation Module

Roxio BackOnTrack

Roxio Burn

Roxio Creator Starter

Roxio Express Labeler 3

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Serious Samurize

Skype Toolbars

Skype™ 5.10

SoftwareManager

Sonic CinePlayer Decoder Pack

Ubisoft Game Launcher

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

VLC media player 2.0.2

Winamp

Winamp Detector Plug-in

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

.

==== Event Viewer Messages From Past Week ========

.

18-09-2012 16:19:48, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

18-09-2012 16:17:22, Error: Service Control Manager [7001] - The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: The system cannot find the file specified.

18-09-2012 16:17:08, Error: Service Control Manager [7000] - The MBAMProtector service failed to start due to the following error: The system cannot find the file specified.

18-09-2012 02:14:31, Error: Service Control Manager [7030] - The Symantec Management Client service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

17-09-2012 21:37:04, Error: Service Control Manager [7034] - The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s).

17-09-2012 21:22:19, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: A device attached to the system is not functioning.

17-09-2012 19:51:00, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.

17-09-2012 19:49:34, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

17-09-2012 19:40:47, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

17-09-2012 18:56:17, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

17-09-2012 18:34:54, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891

17-09-2012 18:34:54, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

17-09-2012 18:34:51, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

17-09-2012 18:34:50, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

17-09-2012 06:07:12, Error: Microsoft-Windows-WLAN-AutoConfig [10003] - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll

14-09-2012 09:00:57, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891

13-09-2012 17:29:08, Error: NetBT [4321] - The name "A :0" could not be registered on the interface with IP address 67.20.211.204. The computer with the IP address 128.205.242.234 did not allow the name to be claimed by this computer.

.

==== End Of File ===========================

Aditya

[LDTate]

http://forums.malwarebytes.org/index.php?showtopic=116046&st=0&p=598445entry598445

[screen317]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!