
ERROR CODE 0x80073b01 on Windows 7 Professional start



Hello to All specialists.

I have followed advice from Gringo on another forum for removal of Trojan:Win32/Sirefef and got both DDS Logs saved.

 

For any specialist who knows how to deal with this ERROR CODE 0x80073b01, a copy of one DDS log is below:

 DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 8.0.7601.17514
Run by Vlad at 14:28:14 on 2013-08-03
Microsoft Windows 7 Professional   6.1.7601.1.1252.61.1033.18.3062.1661 [GMT 8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\system32\atiesrxx.exe
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\windows\system32\atieclxx.exe
C:\ProgramData\Optus Mobile Broadband\OnlineUpdate\ouc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Sierra Wireless Inc\Common\SwiCardDetect.exe
C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe
C:\windows\system32\conhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Telstra\Mobile Broadband Manager\TelstraUCM.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files\Clarus\Samsung Drive Manager\Drive Manager.exe
C:\Users\Vlad\AppData\Roaming\Mail.Ru\Agent\magent.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Clarus\Samsung Drive Manager\ABRTMon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtProc.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uWindow Title = Windows Internet Explorer provided by Yahoo!
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.4.0.5\AVG Secure Search_toolbar.dll
BHO: AlterGeoBHO Class: {9BFBA68E-E21B-458E-AE12-FE85E903D2C0} - c:\programdata\altergeo\update for html5 geolocation provider\npHtml5loc.dll
BHO: WinZip Courier BHO: {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - c:\program files\winzip courier\wzwmcie.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - c:\program files\toshiba\toshiba media controller plug-in\TOSHIBAMediaControllerIE.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.4.0.5\AVG Secure Search_toolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [samsung Drive Manager] c:\program files\clarus\samsung drive manager\Drive Manager.exe -Hide
uRun: [MAgent] c:\users\vlad\appdata\roaming\mail.ru\agent\magent.exe -CU
uRun: [AlterGeoUpdater] c:\program files\altergeo\html5 geolocation provider\html5locsvc.exe
uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Mobile Partner] c:\program files\optus 3g wifi modem\Optus 3G WiFi Modem
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [smartAudio] c:\program files\conexant\saii\SAIICpl.exe /t
mRun: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent.exe
mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
mRun: [HSON] c:\program files\toshiba\tbs\HSON.exe
mRun: [smoothView] c:\program files\toshiba\smoothview\SmoothView.exe
mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [iTSecMng] c:\program files\toshiba\bluetooth toshiba stack\ItSecMng.exe /START
mRun: [TWebCamera] "c:\program files\toshiba\toshiba web camera application\TWebCamera.exe" autorun
mRun: [smartFaceVWatcher] c:\program files\toshiba\smartfacev\SmartFaceVWatcher.exe
mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe
mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\ToshibaServiceStation.exe" /hide:60
mRun: [Teco] "c:\program files\toshiba\teco\Teco.exe" /r
mRun: [TosWaitSrv] c:\program files\toshiba\tphm\TosWaitSrv.exe
mRun: [TosVolRegulator] c:\program files\toshiba\tosvolregulator\TosVolRegulator.exe
mRun: [TosNC] c:\program files\toshiba\bulletinboard\TosNcCore.exe
mRun: [TosReelTimeMonitor] c:\program files\toshiba\reeltime\TosReelTimeMonitor.exe
mRun: [bigPondWirelessBroadbandCM] "c:\program files\telstra\mobile broadband manager\TelstraUCM.exe" -tsr
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [WD Drive Unlocker] c:\program files\western digital\wd security\WDDriveAutoUnlock.exe
mRun: [WD Quick View] c:\program files\western digital\wd quick view\WDDMStatus.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AlterGeoUpdater] c:\program files\altergeo\html5 geolocation provider\html5locsvc.exe
dRun: [AlterGeoUpdater] c:\programdata\altergeo\update for html5 geolocation provider\html5locsvc.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\samsun~1.lnk - c:\program files\clarus\samsung drive manager\ABRTMon.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{0E542920-662B-44D7-98BA-C9482EBDEFCD} : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{53D61DF1-42CF-43B4-BD0B-10C50B9CAB06} : DHCPNameServer = 10.4.182.20 10.4.81.103
TCP: Interfaces\{B2CDC1E0-A6EA-4F10-8EBB-1CCAC1E11CBB} : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{B2CDC1E0-A6EA-4F10-8EBB-1CCAC1E11CBB}\1627261647 : DHCPNameServer = 192.168.0.254
TCP: Interfaces\{B2CDC1E0-A6EA-4F10-8EBB-1CCAC1E11CBB}\2545C483138363D24656661657C647 : DHCPNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{B2CDC1E0-A6EA-4F10-8EBB-1CCAC1E11CBB}\441535 : DHCPNameServer = 192.168.50.1
TCP: Interfaces\{B2CDC1E0-A6EA-4F10-8EBB-1CCAC1E11CBB}\46C696E6B6F5D647372363 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{B2CDC1E0-A6EA-4F10-8EBB-1CCAC1E11CBB}\B4166656F51427963757 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{B2CDC1E0-A6EA-4F10-8EBB-1CCAC1E11CBB}\C4962627162797D275966496 : DHCPNameServer = 113.212.168.41 113.212.168.39
TCP: Interfaces\{B2CDC1E0-A6EA-4F10-8EBB-1CCAC1E11CBB}\F60756E6F567F6B6A716C6 : DHCPNameServer = 192.168.32.1 8.8.8.8
TCP: Interfaces\{B31DB046-2C4D-4273-94B8-C88B91E42F0E} : DHCPNameServer = 192.168.22.250 192.168.22.190
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.4.0\ViProtocol.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.95\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\vlad\appdata\roaming\mozilla\firefox\profiles\z90lj8ei.default\
FF - prefs.js: network.proxy.ftp - 192.168.9.250
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.http - 192.168.9.250
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 192.168.9.250
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 192.168.9.250
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 1
FF - plugin: c:\progra~1\mif5ba~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\mif5ba~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\altergeo\html5 geolocation provider\npHtml5loc.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\15.3.0\npsitesafety.dll
FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\altergeo\update for html5 geolocation provider\npHtml5loc.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-6-18 211560]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-8-27 37664]
R1 MpKsl62297a4f;MpKsl62297a4f;c:\programdata\microsoft\microsoft antimalware\definition updates\{826357c5-2ed2-40d0-bfad-c60c0558a6ed}\MpKsl62297a4f.sys [2013-8-3 29904]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-3-15 172032]
R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2010-1-29 185712]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-11 46448]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\datacardservice\HWDeviceService.exe [2011-3-14 271712]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-6-18 107392]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-7-12 3289472]
R2 SwiCardDetectSvc;Sierra Wireless Card Detection Service;c:\program files\sierra wireless inc\common\SwiCardDetect.exe [2011-6-24 238960]
R2 SZDrvSvc;Samsung Drive Manager Service;c:\program files\clarus\samsung drive manager\SZDrvSvc.exe [2012-1-7 19456]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\toshiba\teco\TecoService.exe [2010-3-18 189808]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-6-20 12920]
R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files\intel\intel® management engine components\uns\UNS.exe [2012-1-4 2320920]
R2 vToolbarUpdater15.4.0;vToolbarUpdater15.4.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.4.0\ToolbarUpdater.exe [2013-7-29 1616048]
R2 WDBackup;WD Backup;c:\program files\western digital\wd smartware\WDBackupEngine.exe [2012-6-14 1151424]
R2 WDDriveService;WD Drive Manager;c:\program files\western digital\wd drive manager\WDDriveService.exe [2012-9-6 248248]
R2 WDRulesService;WD Rules;c:\program files\western digital\wd smartware\WDRulesEngine.exe [2012-6-14 1177536]
R2 WINZIPSSDiskOptimizer;WINZIPSSDiskOptimizer;c:\program files\winzip system utilities suite\WINZIPSSDefragSrv.exe [2012-8-29 606608]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI32.sys [2010-3-6 516152]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2012-1-4 7680]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2013-7-22 76544]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2011-4-18 69232]
R3 mdf16;mdf16;c:\program files\clarus\samsung drive manager\mdf16.sys [2012-1-7 18288]
R3 mvd23;mvd23;c:\program files\clarus\samsung drive manager\mvd23.sys [2012-1-7 90944]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-7-18 295376]
R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2012-1-4 24064]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2010-2-6 111960]
R3 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2010-2-24 685424]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Optus Mobile Broadband. RunOuc;Optus Mobile Broadband. OUC;c:\program files\optus mobile broadband\updatedog\ouc.exe [2012-2-11 246112]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-21 162408]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2013-7-22 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2013-7-22 11136]
S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [2013-7-22 95616]
S3 huawei_cdcecm;huawei_cdcecm;c:\windows\system32\drivers\ew_jucdcecm.sys [2013-7-22 70016]
S3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\drivers\ew_juextctrl.sys [2013-7-22 27520]
S3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\drivers\ew_juwwanecm.sys [2013-7-22 202752]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-7-16 7168]
S3 massfilter_lte;LTE Device Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_LTE.sys [2011-10-4 15896]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-10-25 14848]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2012-1-4 182304]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2012-1-4 51512]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-10-25 49664]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-1-3 1343400]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S3 zgdcat;ZTE Datacard AT Port;c:\windows\system32\drivers\zgdcat.sys [2012-3-30 114456]
S3 zgdcdiag;ZTE Datacard Diagnostics Port;c:\windows\system32\drivers\zgdcdiag.sys [2012-3-30 114456]
S3 zgdcmdm;ZTE Datacard Modem;c:\windows\system32\drivers\zgdcmdm.sys [2012-3-30 114456]
S3 zgdcnet;ZTE Datacard Network Adapter;c:\windows\system32\drivers\zgdcnet.sys [2012-3-30 144408]
.
=============== Created Last 30 ================
.
2013-08-03 06:07:10 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{826357c5-2ed2-40d0-bfad-c60c0558a6ed}\MpKsl62297a4f.sys
2013-08-02 22:30:06 7143960 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{826357c5-2ed2-40d0-bfad-c60c0558a6ed}\mpengine.dll
2013-08-01 22:29:51 7143960 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-07-26 12:24:10 838792 ----a-w- c:\program files\windows defender\en-us\x86\setup.exe
2013-07-26 12:24:10 707448 ----a-w- c:\program files\windows defender\en-us\x86\LegitLib.dll
2013-07-26 12:24:10 196416 ----a-w- c:\program files\windows defender\en-us\x86\sqmapi.dll
2013-07-21 22:29:13 95616 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2013-07-21 22:29:13 861696 ----a-w- c:\windows\system32\drivers\mod7700.sys
2013-07-21 22:29:13 76544 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2013-07-21 22:29:13 70016 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2013-07-21 22:29:13 377856 ----a-w- c:\windows\system32\drivers\ewusbwwan.sys
2013-07-21 22:29:13 27520 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2013-07-21 22:29:13 25856 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2013-07-21 22:29:13 202752 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys
2013-07-21 22:29:13 199168 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2013-07-21 22:29:13 19200 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2013-07-21 22:29:13 11136 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2013-07-21 22:29:13 102784 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2013-07-17 05:58:31 698504 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{776d7fe2-2b04-43a2-ac8d-8d839c7a84ce}\gapaengine.dll
2013-07-16 03:14:23 -------- d-----w- c:\windows\system32\MRT
2013-07-16 03:08:35 8864 ----a-w- c:\program files\windows defender\en-us\setupres.dll
2013-07-16 03:08:35 185664 ----a-w- c:\program files\windows defender\en-us\EppManifest.dll
2013-07-15 00:42:56 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-07-15 00:42:48 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-07-15 00:42:47 509440 ----a-w- c:\windows\system32\qedit.dll
2013-07-15 00:42:37 936448 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2013-07-15 00:42:36 988672 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2013-07-15 00:42:36 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
2013-07-15 00:42:35 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
2013-07-15 00:42:34 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-12 06:42:18 6129024 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
2013-07-12 06:42:18 6129024 ----a-w- c:\program files\mozilla firefox\browser\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
.
==================== Find3M  ====================
.
2013-07-29 12:29:48 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-06-18 13:50:08 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-18 13:50:08 107392 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-06-12 14:43:23 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-12 14:43:23 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-27 05:02:03 981504 ----a-w- c:\windows\system32\wininet.dll
2013-05-27 03:20:41 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-13 04:45:55 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 03:08:10 903168 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- c:\windows\system32\certenc.dll
2013-05-10 03:20:54 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-08 05:38:00 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-06 05:06:47 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-06 05:06:47 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe
.
============= FINISH: 14:34:42.37 ===============
Not too sure how to clean up this issue and have the laptop secured. I never use any suspicious sites. I look through professional information and government sites. The only time I have given access to an IT guy was to set up automatic login to WiFi at Irkutsk University, Russia, in front of me; I was reading / conducting Safety Training to Australian qualifications on a voluntary basis with help from donated money. The DDS log (marked Attach) is also attached. Thanks in advance.

Attach-Notepad-3-Aug-2013.txt


  • Root Admin

I'm sorry, I spoke with Gringo about this and it appears you were just viewing a post he did and not working on one - I apologize for that.

I would suggest following the advice from the topic here, "Available Assistance for Possibly Infected Computers", and having one of the Experts assist you with looking into your issue.


Thank you
