Jump to content
Sign in to follow this  
scorpian

system running slow.

Recommended Posts

Mr.Ron, the required log is as follows:

 

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 26/09/2013 14:12:57
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 24/09/2013 21:50:38
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected. 
 
Log: 'Application' Date/Time: 24/09/2013 21:03:23
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected. 
 
Log: 'Application' Date/Time: 24/09/2013 19:23:53
Type: Error Category: 0
Event: 80 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Log: 'Application' Date/Time: 24/09/2013 15:15:20
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected. 
 
Log: 'Application' Date/Time: 24/09/2013 14:56:37
Type: Error Category: 0
Event: 80 Source: SideBySide
Activation context generation failed for "C:\Users\Kishore Reddy\Downloads\esetsmartinstaller_enu.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Log: 'Application' Date/Time: 24/09/2013 08:17:02
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected. 
 
Log: 'Application' Date/Time: 24/09/2013 07:56:38
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected. 
 
Log: 'Application' Date/Time: 24/09/2013 07:32:27
Type: Error Category: 0
Event: 80 Source: SideBySide
Activation context generation failed for "C:\Users\Kishore Reddy\Downloads\esetsmartinstaller_enu.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Log: 'Application' Date/Time: 24/09/2013 05:46:12
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected. 
 
Log: 'Application' Date/Time: 23/09/2013 21:44:16
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected. 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/09/2013 08:38:01
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The DgiVecp service failed to start due to the following error:  The system cannot find the device specified.
 
Log: 'System' Date/Time: 26/09/2013 08:38:00
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Aircel. OUC service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 26/09/2013 08:38:00
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Aircel. OUC service to connect.
 
Log: 'System' Date/Time: 26/09/2013 07:09:25
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The DgiVecp service failed to start due to the following error:  The system cannot find the device specified.
 
Log: 'System' Date/Time: 26/09/2013 07:09:25
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Aircel. OUC service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 26/09/2013 07:09:25
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Aircel. OUC service to connect.
 
Log: 'System' Date/Time: 26/09/2013 06:57:43
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The DgiVecp service failed to start due to the following error:  The system cannot find the device specified.
 
Log: 'System' Date/Time: 26/09/2013 06:57:43
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Aircel. OUC service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 26/09/2013 06:57:43
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Aircel. OUC service to connect.
 
Log: 'System' Date/Time: 25/09/2013 13:33:46
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The DgiVecp service failed to start due to the following error:  The system cannot find the device specified.

Share this post


Link to post
Share on other sites

Okay, notice the errors for 09/26/2013 those are new or continuing issues that need to be fixed.  I'll look up some solutions and get back to you tomorrow.

 

Cheers

Share this post


Link to post
Share on other sites

Hello Mr.Ron, Avira AV has found something and i am not sure what it is. so i am posting it for your advice. thankyou.

 

 

 
 
Avira Free Antivirus
Report file date: 26 September 2013  19:06
 
 
The program is running as an unrestricted full version.
Online services are available.
 
Licensee        : Avira Free Antivirus
Serial number   : 0000149996-ADJIE-0000001
Platform        : Windows 7 Home Basic
Windows version : (Service Pack 1)  [6.1.7601]
Boot mode       : Normally booted
Username        : SYSTEM
Computer name   : KISHOREREDDY-PC
 
Version information:
BUILD.DAT       : 13.0.0.4052    55009 Bytes  29-08-2013 18:03:00
AVSCAN.EXE      : 13.6.20.2100   639032 Bytes  17-07-2013 14:07:09
AVSCANRC.DLL    : 13.6.20.2174    52280 Bytes  06-08-2013 13:24:14
LUKE.DLL        : 13.6.20.2174    65080 Bytes  31-07-2013 18:31:48
AVSCPLR.DLL     : 13.6.20.2174    92216 Bytes  31-07-2013 18:22:31
AVREG.DLL       : 13.6.20.2174   250424 Bytes  31-07-2013 18:21:56
avlode.dll      : 13.6.20.2174   497720 Bytes  31-07-2013 18:21:22
avlode.rdf      : 13.0.1.42      26846 Bytes  28-08-2013 07:31:36
VBASE000.VDF    : 7.11.70.0   66736640 Bytes  04-04-2013 05:30:13
VBASE001.VDF    : 7.11.74.226  2201600 Bytes  30-04-2013 07:11:13
VBASE002.VDF    : 7.11.80.60   2751488 Bytes  28-05-2013 04:32:30
VBASE003.VDF    : 7.11.85.214  2162688 Bytes  21-06-2013 08:10:18
VBASE004.VDF    : 7.11.91.176  3903488 Bytes  23-07-2013 08:58:27
VBASE005.VDF    : 7.11.98.186  6822912 Bytes  29-08-2013 06:20:30
VBASE006.VDF    : 7.11.103.230  2293248 Bytes  24-09-2013 08:18:38
VBASE007.VDF    : 7.11.103.231     2048 Bytes  24-09-2013 08:18:38
VBASE008.VDF    : 7.11.103.232     2048 Bytes  24-09-2013 08:18:38
VBASE009.VDF    : 7.11.103.233     2048 Bytes  24-09-2013 08:18:39
VBASE010.VDF    : 7.11.103.234     2048 Bytes  24-09-2013 08:18:39
VBASE011.VDF    : 7.11.103.235     2048 Bytes  24-09-2013 08:18:39
VBASE012.VDF    : 7.11.103.236     2048 Bytes  24-09-2013 08:18:40
VBASE013.VDF    : 7.11.103.237     2048 Bytes  24-09-2013 08:18:40
VBASE014.VDF    : 7.11.103.238     2048 Bytes  24-09-2013 08:18:40
VBASE015.VDF    : 7.11.103.239     2048 Bytes  24-09-2013 08:18:40
VBASE016.VDF    : 7.11.103.240     2048 Bytes  24-09-2013 08:18:41
VBASE017.VDF    : 7.11.103.241     2048 Bytes  24-09-2013 08:18:41
VBASE018.VDF    : 7.11.103.242     2048 Bytes  24-09-2013 08:18:41
VBASE019.VDF    : 7.11.103.243     2048 Bytes  24-09-2013 08:18:42
VBASE020.VDF    : 7.11.103.244     2048 Bytes  24-09-2013 08:18:42
VBASE021.VDF    : 7.11.103.245     2048 Bytes  24-09-2013 08:18:43
VBASE022.VDF    : 7.11.103.246     2048 Bytes  24-09-2013 08:18:43
VBASE023.VDF    : 7.11.103.247     2048 Bytes  24-09-2013 08:18:43
VBASE024.VDF    : 7.11.103.248     2048 Bytes  24-09-2013 08:18:44
VBASE025.VDF    : 7.11.103.249     2048 Bytes  24-09-2013 08:18:44
VBASE026.VDF    : 7.11.103.250     2048 Bytes  24-09-2013 08:18:44
VBASE027.VDF    : 7.11.103.251     2048 Bytes  24-09-2013 08:18:44
VBASE028.VDF    : 7.11.103.252     2048 Bytes  24-09-2013 08:18:45
VBASE029.VDF    : 7.11.103.253     2048 Bytes  24-09-2013 08:18:45
VBASE030.VDF    : 7.11.103.254     2048 Bytes  24-09-2013 08:18:45
VBASE031.VDF    : 7.11.104.112   320512 Bytes  25-09-2013 07:34:29
Engine version  : 8.2.12.122
AEVDF.DLL       : 8.1.3.4       102774 Bytes  17-06-2013 05:00:27
AESCRIPT.DLL    : 8.1.4.150     516478 Bytes  25-09-2013 08:19:17
AESCN.DLL       : 8.1.10.4      131446 Bytes  26-03-2013 11:24:32
AESBX.DLL       : 8.2.16.26    1245560 Bytes  23-08-2013 09:16:40
AERDL.DLL       : 8.2.0.128     688504 Bytes  17-06-2013 05:00:27
AEPACK.DLL      : 8.3.2.28      749945 Bytes  25-09-2013 08:19:15
AEOFFICE.DLL    : 8.1.2.76      205181 Bytes  08-08-2013 11:31:21
AEHEUR.DLL      : 8.1.4.648    6525306 Bytes  25-09-2013 08:19:12
AEHELP.DLL      : 8.1.27.6      266617 Bytes  28-08-2013 07:31:27
AEGEN.DLL       : 8.1.7.14      446839 Bytes  25-09-2013 08:18:50
AEEXP.DLL       : 8.4.1.62      328055 Bytes  25-09-2013 08:19:18
AEEMU.DLL       : 8.1.3.2       393587 Bytes  29-11-2012 06:56:05
AECORE.DLL      : 8.1.32.0      201081 Bytes  23-08-2013 09:16:38
AEBB.DLL        : 8.1.1.4        53619 Bytes  29-11-2012 06:56:05
AVWINLL.DLL     : 13.6.20.2174    23608 Bytes  31-07-2013 18:23:24
AVPREF.DLL      : 13.6.20.2174    48184 Bytes  31-07-2013 18:21:46
AVREP.DLL       : 13.6.20.2174   175672 Bytes  31-07-2013 18:22:20
AVARKT.DLL      : 13.6.20.2174   258104 Bytes  31-07-2013 18:19:34
AVEVTLOG.DLL    : 13.6.20.2174   165432 Bytes  31-07-2013 18:20:38
SQLITE3.DLL     : 3.7.0.1       394824 Bytes  31-07-2013 16:24:53
AVSMTP.DLL      : 13.6.20.2174    60472 Bytes  31-07-2013 18:23:03
NETNT.DLL       : 13.6.20.2174    13368 Bytes  31-07-2013 18:32:20
RCIMAGE.DLL     : 13.6.20.2174  4788792 Bytes  31-07-2013 18:41:15
RCTEXT.DLL      : 13.6.20.2175    66616 Bytes  22-08-2013 13:35:19
 
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, Q:, 
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
 
Start of the scan: 26 September 2013  19:06
 
Starting master boot sector scan:
Master boot sector HD0
    [iNFO]      No virus was found!
 
Start scanning boot sectors:
Boot sector 'C:\'
    [iNFO]      No virus was found!
 
Starting search for hidden objects.
Hidden driver
  [NOTE]      A memory modification has been detected, which could potentially be used to hide file access attempts.
 
The scan of running processes will be started:
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'svchost.exe' - '76' Module(s) have been scanned
Scan process 'svchost.exe' - '100' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '167' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'SbieSvc.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '89' Module(s) have been scanned
Scan process 'svchost.exe' - '80' Module(s) have been scanned
Scan process 'WLANExt.exe' - '32' Module(s) have been scanned
Scan process 'conhost.exe' - '14' Module(s) have been scanned
Scan process 'spoolsv.exe' - '83' Module(s) have been scanned
Scan process 'sched.exe' - '46' Module(s) have been scanned
Scan process 'taskhost.exe' - '54' Module(s) have been scanned
Scan process 'Dwm.exe' - '31' Module(s) have been scanned
Scan process 'Explorer.EXE' - '163' Module(s) have been scanned
Scan process 'armsvc.exe' - '28' Module(s) have been scanned
Scan process 'igfxtray.exe' - '28' Module(s) have been scanned
Scan process 'psi_tray.exe' - '27' Module(s) have been scanned
Scan process 'ouc.exe' - '32' Module(s) have been scanned
Scan process 'avguard.exe' - '106' Module(s) have been scanned
Scan process 'btwdins.exe' - '33' Module(s) have been scanned
Scan process 'dirmngr.exe' - '38' Module(s) have been scanned
Scan process 'dsiwmis.exe' - '44' Module(s) have been scanned
Scan process 'ePowerSvc.exe' - '30' Module(s) have been scanned
Scan process 'GREGsvc.exe' - '15' Module(s) have been scanned
Scan process 'HWDeviceService64.exe' - '32' Module(s) have been scanned
Scan process 'LMS.exe' - '33' Module(s) have been scanned
Scan process 'DCSHelper.exe' - '32' Module(s) have been scanned
Scan process 'mbamscheduler.exe' - '37' Module(s) have been scanned
Scan process 'IScheduleSvc.exe' - '71' Module(s) have been scanned
Scan process 'PSIA.exe' - '84' Module(s) have been scanned
Scan process 'sftvsa.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'UpdaterService.exe' - '27' Module(s) have been scanned
Scan process 'sftlist.exe' - '77' Module(s) have been scanned
Scan process 'CVHSVC.EXE' - '82' Module(s) have been scanned
Scan process 'avshadow.exe' - '29' Module(s) have been scanned
Scan process 'AVWEBGRD.EXE' - '72' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '50' Module(s) have been scanned
Scan process 'KeyScrambler.exe' - '54' Module(s) have been scanned
Scan process 'LManager.exe' - '73' Module(s) have been scanned
Scan process 'IAStorIcon.exe' - '51' Module(s) have been scanned
Scan process 'avgnt.exe' - '95' Module(s) have been scanned
Scan process 'MMDx64Fx.exe' - '27' Module(s) have been scanned
Scan process 'LMworker.exe' - '26' Module(s) have been scanned
Scan process 'unsecapp.exe' - '28' Module(s) have been scanned
Scan process 'KeyScrambler.exe' - '28' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '33' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '55' Module(s) have been scanned
Scan process 'IAStorDataMgrSvc.exe' - '50' Module(s) have been scanned
Scan process 'GoogleCrashHandler.exe' - '34' Module(s) have been scanned
Scan process 'GoogleCrashHandler64.exe' - '29' Module(s) have been scanned
Scan process 'UNS.exe' - '59' Module(s) have been scanned
Scan process 'wuauclt.exe' - '37' Module(s) have been scanned
Scan process 'DCSHelper.exe' - '39' Module(s) have been scanned
Scan process 'Aircel.exe' - '151' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '34' Module(s) have been scanned
Scan process 'MailWasher.exe' - '152' Module(s) have been scanned
Scan process 'avcenter.exe' - '105' Module(s) have been scanned
Scan process 'avscan.exe' - '122' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'winlogon.exe' - '31' Module(s) have been scanned
Scan process 'services.exe' - '36' Module(s) have been scanned
Scan process 'lsass.exe' - '63' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
 
Starting to scan executable files (registry):
The registry was scanned ( '5137' files ).
 
 
Starting the file scan:
 
Begin scan in 'C:\' <Acer>
Begin scan in 'Q:\'
Search path Q:\ could not be opened!
System error [5]: Access is denied.
 
 
End of the scan: 26 September 2013  20:47
Used time:  1:41:16 Hour(s)
 
The scan has been done completely.
 
  34098 Scanned directories
 638583 Files were scanned
      0 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
 638583 Files not concerned
   9829 Archives were scanned
      0 Warnings
      1 Notes
 1101447 Objects were scanned with rootkit scan
      1 Hidden objects were found
 

Share this post


Link to post
Share on other sites

Please see if you can do the following

 

DgiVecp Services Wont Start

 

Then reboot and run this tool again.

 

Please download the following scanner from Kaspersky and save it to your computer: TDSSkiller

Then watch the following video on how to use the tool and make sure to temporarily disable your security applications before running TDSSkiller.



If any infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection.

Once the tool has completed scanning make sure to re-enable your other security applications.
 

Share this post


Link to post
Share on other sites

Hello Mr.Ron, deleted the  DgiVecp but unable to find  OUC to delete from the registry. shall i move forward and scan with TDSSKiller. thankyou.

Share this post


Link to post
Share on other sites

Not sure deleting is the answer and why I linked you to another site that claims to address it.  For the OUC I'm not sure but we can review some other logs to see what we can do.

 

Yes, please run the TDSSkiller scan and post back the log.

Share this post


Link to post
Share on other sites

Mr.Ron, gone forward and done the TDSSKiller scan and no threats were found. the screen shot is attached. i do not require the samsung printer driver  as i last used the printer 3 months back and coming to the OUC (online update service of the internet provider or the Dongle soft updater)problem may be sorted if i uninstall  and reinstall the internet provider service software.Please let me know If you want me to merge DgiVecp back into the Registry. will be waiting for your instructions. thankyou.

post-144354-0-32155200-1380618445_thumb.

Share this post


Link to post
Share on other sites

No, if all is working okay then leave it as it is.  Go ahead and reinstall your ISP software then if they think it will help.
 
Once done let me have you run the combofix again. Delete your current copy and download a new fresh copy to run.
 
Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file.  Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed the file can be located here:  C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

Share this post


Link to post
Share on other sites

Hello Mr.Ron, reinstalled OUC and has run combfix and the log is posted for further analysis.i also need to tell you that my system starting speed as increased considerably. thankyou.

 

 ComboFix 13-10-01.03 - Kishore Reddy 02/10/2013  12:10:56.12.4 - x64

Microsoft Windows 7 Home Basic   6.1.7601.1.1252.91.1033.18.2807.1635 [GMT 5.5:30]
Running from: c:\users\Kishore Reddy\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((   Files Created from 2013-09-02 to 2013-10-02  )))))))))))))))))))))))))))))))
.
.
2013-10-02 06:47 . 2013-10-02 06:47 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-10-02 06:47 . 2013-10-02 06:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-02 06:00 . 2012-09-18 08:22 239104 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys
2013-10-02 06:00 . 2012-09-14 01:28 451072 ----a-w- c:\windows\system32\drivers\ewusbwwan.sys
2013-10-02 06:00 . 2012-08-20 00:55 90112 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2013-10-02 06:00 . 2012-08-20 00:55 76288 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2013-10-02 06:00 . 2012-08-20 00:55 30720 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2013-10-02 06:00 . 2012-08-20 00:55 104960 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2013-10-02 06:00 . 2011-12-31 01:20 225920 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2013-10-02 06:00 . 2010-10-08 08:59 32768 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2013-10-02 06:00 . 2010-09-26 10:09 22016 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2013-10-02 06:00 . 2010-08-05 23:43 1001472 ----a-w- c:\windows\system32\drivers\mod7700.sys
2013-10-02 06:00 . 2010-07-27 01:52 117248 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2013-10-02 06:00 . 2010-03-20 04:06 13952 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2013-10-02 05:59 . 2013-10-02 06:04 -------- d-----w- c:\program files (x86)\Aircel
2013-09-25 08:19 . 2013-09-25 08:19 81112 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-09-25 08:16 . 2013-09-25 08:16 -------- d-----w- c:\users\Kishore Reddy\AppData\Roaming\Avira
2013-09-25 08:11 . 2013-09-25 08:11 -------- d-----w- c:\programdata\Avira
2013-09-25 08:11 . 2013-09-25 08:11 -------- d-----w- c:\program files (x86)\Avira
2013-09-25 08:11 . 2013-08-22 12:21 105344 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-09-25 08:11 . 2013-07-15 10:38 132088 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-09-25 08:11 . 2013-03-06 10:43 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-09-24 08:03 . 2013-09-24 08:03 -------- d-s---w- c:\windows\SysWow64\Microsoft
2013-09-24 07:36 . 2013-09-24 19:27 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A0939623-FEFE-4AC6-9581-8886E73E27E1}\offreg.dll
2013-09-24 05:50 . 2013-09-15 19:20 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A0939623-FEFE-4AC6-9581-8886E73E27E1}\mpengine.dll
2013-09-22 07:24 . 2013-09-24 08:26 -------- d-----w- c:\program files\AVAST Software
2013-09-22 07:23 . 2013-09-25 07:58 -------- d-----w- c:\programdata\AVAST Software
2013-09-20 06:37 . 2013-09-23 20:56 -------- d-----w- C:\AdwCleaner
2013-09-20 05:21 . 2013-09-20 05:21 -------- d-----w- c:\windows\ERUNT
2013-09-12 08:06 . 2013-10-02 06:47 -------- d-----w- c:\users\Kishore Reddy\AppData\Local\temp
2013-09-12 06:38 . 2013-08-10 05:22 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-09-12 06:38 . 2013-08-10 05:21 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-09-12 06:38 . 2013-08-10 03:59 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-09-12 06:38 . 2013-08-10 05:22 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-09-12 06:38 . 2013-08-10 05:20 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-09-12 06:38 . 2013-08-10 05:21 19246592 ----a-w- c:\windows\system32\mshtml.dll
2013-09-07 15:33 . 2013-09-17 07:44 -------- d-----w- C:\FRST
2013-09-06 09:37 . 2013-09-13 15:25 -------- d-----w- c:\users\Kishore Reddy\Doctor Web
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-12 06:32 . 2011-09-10 10:04 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-29 11:01 . 2013-08-29 14:05 460888 ----a-w- c:\windows\system32\drivers\97771742.sys
2013-08-19 07:30 . 2012-04-02 15:46 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-19 07:30 . 2012-03-11 09:16 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-06 22:52 . 2011-09-16 07:01 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-02 01:48 . 2013-09-11 07:38 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-15 03:19 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-15 03:19 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-15 03:19 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-15 03:19 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-15 03:20 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-15 03:18 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-15 03:20 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-15 03:20 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-15 03:20 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-15 03:18 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-15 03:21 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-15 03:21 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-15 03:21 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-15 03:21 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-06 06:03 . 2013-08-15 05:38 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-07 14:33 . 2013-03-19 06:51 10965504 ----a-w- c:\program files (x86)\Common Files\lpuninstall.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"KeyScrambler"="c:\program files (x86)\KeyScrambler\keyscrambler.exe" [2013-03-26 534160]
"LManager"="c:\program files (x86)\launch manager\lmanager.exe" [2010-08-10 975952]
"IAStorIcon"="c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe" [2010-04-13 284696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-07-17 347192]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-10-14 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ  
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"vProt"=c:\program files (x86)\avg secure search\vprot.exe
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 Aircel. RunOuc;Aircel. OUC;c:\program files (x86)\Aircel\UpdateDog\ouc.exe;c:\program files (x86)\Aircel\UpdateDog\ouc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DirMngr;DirMngr;c:\program files (x86)\GNU\GnuPG\dirmngr.exe;c:\program files (x86)\GNU\GnuPG\dirmngr.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\DRIVERS\CT_ZTEMT_U_USBSER.sys;c:\windows\SYSNATIVE\DRIVERS\CT_ZTEMT_U_USBSER.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys;c:\windows\SYSNATIVE\drivers\keyscrambler.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-20 03:38 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]
"ETDWare"="c:\program files (x86)\elantech\etdctrl.exe" [bU]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
 
 
 
 
IE: Free YouTube Download - c:\users\Kishore Reddy\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Kishore Reddy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
 
 
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
FF - ProfilePath - c:\users\Kishore Reddy\AppData\Roaming\Mozilla\Firefox\Profiles\8l8f2rdt.default-1353771796483\
FF - ExtSQL: 2013-09-03 13:38; firefox@ghostery.com; c:\users\Kishore Reddy\AppData\Roaming\Mozilla\Firefox\Profiles\8l8f2rdt.default-1353771796483\extensions\firefox@ghostery.com.xpi
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
SafeBoot-38477474.sys
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
   1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{2B9F5787-88A5-4945-90E7-C4B18563BC5E}"=hex:51,66,7a,6c,4c,1d,38,12,e9,54,8c,
   2f,97,c6,2b,0c,ef,f1,87,f1,80,3d,f8,4a
"{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}"=hex:51,66,7a,6c,4c,1d,38,12,81,2d,20,
   35,ad,85,e1,00,d0,fd,90,4e,9f,38,f2,ae
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
   38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
   72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
   94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{CC59E0F9-7E43-44FA-9FAA-8377850BF205}"=hex:51,66,7a,6c,4c,1d,38,12,97,e3,4a,
   c8,71,30,94,01,e0,bc,c0,37,80,55,b6,11
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
   df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:e6,1e,6f,07,11,c4,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,08,60,ce,f5,dc,1a,92,4a,98,22,81,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,08,60,ce,f5,dc,1a,92,4a,98,22,81,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-10-02  12:20:45
ComboFix-quarantined-files.txt  2013-10-02 06:50
ComboFix2.txt  2013-09-25 06:08
ComboFix3.txt  2013-09-23 18:37
ComboFix4.txt  2013-09-23 07:03
ComboFix5.txt  2013-10-02 06:40
.
Pre-Run: 422,435,205,120 bytes free
Post-Run: 422,073,495,552 bytes free
.
- - End Of File - - A92D4B833CF4C9CE11C2CB1ABE9D938E

Share this post


Link to post
Share on other sites

Well speed is good, but we want it working well and safe too.
 
Okay, let's run the following and see if the services are running okay now or not.
 
 
Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure ALL the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

 

 

 

 

Then run this one as well.
 
Please download MiniToolBox save it to your desktop and run it.

Checkmark the following check-boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using Reset FF Proxy Settings option Firefox should be closed.

Share this post


Link to post
Share on other sites

Mr.Ron, the required logs are as follows:

 

Farbar Service Scanner Version: 13-09-2013
Ran by Kishore Reddy (administrator) on 02-10-2013 at 13:28:30
Running from "C:\Users\Kishore Reddy\Desktop"
Microsoft Windows 7 Home Basic  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
 
MiniToolBox by Farbar  Version: 13-07-2013
Ran by Kishore Reddy (administrator) on 02-10-2013 at 13:30:49
Running from "C:\Users\Kishore Reddy\Desktop"
Microsoft Windows 7 Home Basic  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
HUAWEI Mobile Connect - Network Adapter = Mobile Broadband Connection (Connected)
Broadcom NetLink Gigabit Ethernet = Local Area Connection (Media disconnected)
Broadcom 802.11n Network Adapter = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set subinterface interface=?5. subinterface=ethernet_13 mtu=1477
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : KishoreReddy-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Mobile Broadband adapter Mobile Broadband Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : HUAWEI Mobile Connect - Network Adapter
   Physical Address. . . . . . . . . : 58-2C-80-13-92-63
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::590e:8445:d36f:8004%20(Preferred) 
   IPv4 Address. . . . . . . . . . . : 101.223.164.161(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.252
   Default Gateway . . . . . . . . . : 101.223.164.162
   DHCPv6 IAID . . . . . . . . . . . : 307768448
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-BA-4C-07-1C-75-08-4A-5E-ED
   DNS Servers . . . . . . . . . . . : 101.223.255.141
                                       101.223.255.142
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 88-9F-FA-52-86-8D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Broadcom 802.11n Network Adapter
   Physical Address. . . . . . . . . : 88-9F-FA-52-86-8D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : ACERGAIA
   Description . . . . . . . . . . . : Broadcom NetLink Gigabit Ethernet
   Physical Address. . . . . . . . . : 1C-75-08-4A-5E-ED
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{6DDA0891-7C2F-43AB-A1E5-AD63177F46A2}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{7192A182-B59A-456C-8073-B43B8598DC04}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.ACERGAIA:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{CB371C0D-BBF8-4D21-8847-F7504903E527}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter 6TO4 Adapter:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2002:65df:a4a1::65df:a4a1(Preferred) 
   Default Gateway . . . . . . . . . : 
   DNS Servers . . . . . . . . . . . : 101.223.255.141
                                       101.223.255.142
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3050:2049:9a20:5b5e(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::3050:2049:9a20:5b5e%15(Preferred) 
   Default Gateway . . . . . . . . . : 
   NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  101.223.255.141
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Address:  2404:6800:4001:c01::66
 
 
Pinging google.com [74.125.135.102] with 32 bytes of data:
General failure.
General failure.
 
Ping statistics for 74.125.135.102:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server:  UnKnown
Address:  101.223.255.141
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.139.183.24
 98.138.253.109
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
General failure.
General failure.
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 20...58 2c 80 13 92 63 ......HUAWEI Mobile Connect - Network Adapter
 17...88 9f fa 52 86 8d ......Microsoft Virtual WiFi Miniport Adapter
 13...88 9f fa 52 86 8d ......Broadcom 802.11n Network Adapter
 10...1c 75 08 4a 5e ed ......Broadcom NetLink Gigabit Ethernet
  1...........................Software Loopback Interface 1
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 34...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  101.223.164.162  101.223.164.161    296
  101.223.164.160  255.255.255.252         On-link   101.223.164.161    296
  101.223.164.161  255.255.255.255         On-link   101.223.164.161    296
  101.223.164.163  255.255.255.255         On-link   101.223.164.161    296
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link   101.223.164.161    296
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link   101.223.164.161    296
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 15     58 2001::/32                On-link
 15    306 2001:0:4137:9e76:3050:2049:9a20:5b5e/128
                                    On-link
 14   1040 2002::/16                On-link
 14    296 2002:65df:a4a1::65df:a4a1/128
                                    On-link
 20    296 fe80::/64                On-link
 15    306 fe80::/64                On-link
 15    306 fe80::3050:2049:9a20:5b5e/128
                                    On-link
 20    296 fe80::590e:8445:d36f:8004/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    306 ff00::/8                 On-link
 20    296 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Catalog9 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Catalog9 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Catalog9 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Catalog9 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
x64-Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
x64-Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
x64-Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
x64-Catalog9 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
x64-Catalog9 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
x64-Catalog9 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
x64-Catalog9 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 15 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 16 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 17 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 18 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 19 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 20 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/02/2013 00:08:31 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (10/02/2013 10:56:34 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (10/01/2013 08:04:37 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (10/01/2013 02:02:22 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (10/01/2013 01:48:16 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (10/01/2013 10:27:56 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (09/29/2013 02:54:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/28/2013 10:22:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/27/2013 09:29:36 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved
 
Error: (09/27/2013 00:08:56 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (10/02/2013 00:30:10 PM) (Source: Service Control Manager) (User: )
Description: The Aircel. OUC service failed to start due to the following error: 
%%1053
 
Error: (10/02/2013 00:30:10 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Aircel. OUC service to connect.
 
Error: (10/02/2013 00:17:41 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (10/02/2013 00:17:06 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (10/02/2013 00:17:06 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (10/02/2013 00:15:05 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (10/02/2013 00:10:54 PM) (Source: Service Control Manager) (User: )
Description: The DirMngr service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/02/2013 11:58:09 AM) (Source: Service Control Manager) (User: )
Description: The Aircel. OUC service failed to start due to the following error: 
%%1053
 
Error: (10/02/2013 11:58:09 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Aircel. OUC service to connect.
 
Error: (10/02/2013 11:50:22 AM) (Source: Service Control Manager) (User: )
Description: The Aircel. OUC service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (10/02/2013 00:08:31 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (10/02/2013 10:56:34 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (10/01/2013 08:04:37 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (10/01/2013 02:02:22 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (10/01/2013 01:48:16 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (10/01/2013 10:27:56 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (09/29/2013 02:54:06 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (09/28/2013 10:22:47 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (09/27/2013 09:29:36 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved
 
Error: (09/27/2013 00:08:56 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-10-02 12:17:06.705
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-02 12:17:06.565
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-02 12:17:06.409
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-10-02 12:17:06.268
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-09-20 13:19:22.806
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-09-20 13:19:22.681
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-09-20 13:19:22.557
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-09-20 13:19:22.432
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-09-12 13:27:41.653
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-09-12 13:27:41.528
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
7-Zip 9.22beta
Acer Backup Manager (Version: 2.0.0.68)
Acer Crystal Eye webcam (Version: 1.0.4.5)
Acer ePower Management (Version: 5.00.3005)
Acer eRecovery Management (Version: 4.05.3013)
Acer GameZone Console (Version: 6.1.0.40435)
Acer Registration (Version: 1.03.3003)
Acer ScreenSaver (Version: 1.1.0707.2010)
Acer Updater (Version: 1.02.3001)
Acrobat.com (Version: 1.6.65)
Adobe Community Help (Version: 3.5.23)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Advanced Renamer (Version: 3.53)
Aegisub 3.0.4 (Version: 3.0.4)
AeroWallpaperChanger (Version: 1.1.0.2)
Aircel (Version: 23.009.05.01.850)
Any Video Converter 3.5.5
Ashampoo Burning Studio 2012 v.10.0.15 (Version: 10.0.15)
Astroburn Lite (Version: 1.8.0.0182)
Audacity 2.0.3 (Version: 2.0.3)
Avidemux 2.6 (Version: 2.6.1.8321)
Avira Free Antivirus (Version: 13.0.0.4052)
AviSynth 2.5
AxCrypt 1.7.2931.0 (Version: 1.7.2931.0)
Backup Manager Basic (Version: 2.0.0.68)
Belarc Advisor 8.3 (Version: 8.3.0.0)
BitMeter
Broadcom Gigabit NetLink Controller (Version: 14.0.2.3)
calibre (Version: 0.9.33)
CCleaner (Version: 4.05)
Cheat Engine 6.2
CyberLink PowerDVD 9 (Version: 9.0.3814.50)
DAEMON Tools Lite (Version: 4.47.1.0333)
Daum PotPlayer 1.5.39007 x64 Edition
DVD Decrypter (Remove Only)
DVD Shrink 3.2
Eraser 6.0.10.2620 (Version: 6.0.2620)
ESET Online Scanner v3
eSobi v2 (Version: 2.0.4.000274)
ETDWare PS/2-x64 7.0.6.5_WHQL (Version: 7.0.6.5)
FormatFactory 3.00 (Version: 3.00)
Free Download Manager 3.9.2
Free Studio version 5.7.6.1015 (Version: 5.7.6.1015)
FreeOCR v4.2
GIMP 2.8.4 (Version: 2.8.4)
GnuCash 2.4.13
Google Chrome (Version: 29.0.1547.76)
Google Earth (Version: 7.1.1.1888)
Gpg4win (2.1.1) (Version: 2.1.1)
GPL Ghostscript (Version: 9.07)
HandBrake 0.9.8 (Version: 0.9.8)
Identity Card (Version: 1.00.3003)
ImgBurn (Version: 2.5.8.0)
Inkscape 0.48.4 (Version: 0.48.4)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2182)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.2.1001)
Intel® Turbo Boost Technology Monitor (Version: 1.0.186.6)
Internet Explorer (Enable DEP)
Junk Mail filter update (Version: 14.0.8117.416)
KC Softwares SUMo
KeyScrambler (Version: 3.1.0.0)
K-Lite Mega Codec Pack 9.9.4 (Version: 9.9.4)
LADSPA_plugins-win-0.4.15
LastPass(uninstall only)
Launch Manager (Version: 4.0.14)
Lernout & Hauspie TruVoice American English TTS Engine
LibreOffice 4.0 Help Pack (English) (Version: 4.0.4.2)
LibreOffice 4.0.4.2 (Version: 4.0.4.2)
MailWasher (Version: 7.1.5)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 14.0.1468.721)
MusicBee 2.1 (Version: 2.1)
Nokia Connectivity Cable Driver (Version: 7.1.78.0)
Nokia PC Suite (Version: 7.1.180.94)
Paint.NET v3.5.10 (Version: 3.60.0)
PC Connectivity Solution (Version: 12.0.27.0)
PDFCreator (Version: 1.5.0)
PDFill PDF Editor with FREE Writer and FREE Tools (Version: 10.0)
PDF-Viewer (Version: 2.5.208.0)
PDF-XChange Viewer (Version: 2.5.206.0)
PhotoScape
Python 2.7.5 (Version: 2.7.5150)
RapidTyping (Version: 4.6.5)
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30122)
Recuva (Version: 1.46)
Revo Uninstaller 1.94 (Version: 1.94)
Samsung ML-2010 Series
Sandboxie 3.76 (64-bit) (Version: 3.76)
Secunia PSI (2.0.0.4003) (Version: 2.0.0.4003)
SecurityKISS Tunnel v0.3.0
Sizer 3.34 (Version: 3.3.4.0)
Speakonia (Version: 1.0.3.5)
Speccy (Version: 1.20)
TrueCrypt (Version: 7.1a)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Valkyrie Uploader 1.0
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 2.0.8 (Version: 2.0.8)
VobSub v2.23 (Remove Only)
WebSite Downloader 1.1 (Version: 1.1)
Welcome Center (Version: 1.02.3004)
WIDCOMM Bluetooth Software (Version: 6.3.0.6000)
Windows Driver Package - Nokia Modem  (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
yEd Graph Editor 3.10.2 (Version: 3.10.2)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 45%
Total physical RAM: 2806.71 MB
Available physical RAM: 1536.34 MB
Total Pagefile: 5611.61 MB
Available Pagefile: 3693.96 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.89 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Acer) (Fixed) (Total:452.66 GB) (Free:393.18 GB) NTFS
4 Drive f: (Aircel) (CDROM) (Total:0.07 GB) (Free:0 GB) CDFS
 
========================= Users: ========================================
 
User accounts for \\KISHOREREDDY-PC
 
Administrator            Guest                    Kishore Reddy            
 
========================= Minidump Files ==================================
 
No minidump file found
 
 
**** End of log ****
 

Share this post


Link to post
Share on other sites

yes, i am online. the service may be a somewhat slow. thankyou.

Share this post


Link to post
Share on other sites

Is this computer actually online?  Can you access Internet sites from this computer?

The logs seem to indicate that the network is not working.

Share this post


Link to post
Share on other sites

Mr.Ron, if i am not online how can i reply to you in this forum. i am using windows firewall notifier and it does not allow any out going connection without my permission. thankyou.

Share this post


Link to post
Share on other sites

Users often will copy the results to a USB stick and then post from another computer when not working.

 

Aside from this error most of the system appears to be working okay.

 

Error: (10/02/2013 11:58:09 AM) (Source: Service Control Manager) (User: )
Description: The Aircel. OUC service failed to start due to the following error: 
%%1053
 
How is the computer working for you now?
Are you experiencing any malware issues or seeing anything wrong?

Share this post


Link to post
Share on other sites

Mr.Ron, everything seems to be ok. the earlier problems are all resolved and the system is running quite nicely.the final decision in this regard is yours. you have to decide that the system is ok. thankyou.

Share this post


Link to post
Share on other sites

Well I'm not seeing anymore signs of an infection in the logs at this time. There is still some damage but that is beyond the scope of malware detection and removal as you might actually need to reinstall Windows in order to correct all errors caused by the infections.

 


Let's go ahead and remove the tools and logs we've used during this process.

Most of the tools used are potentially dangerous to use unsupervised or if ran at the wrong time.
They are often updated daily so if you went to use them again in the future they would be outdated anyways.

The following procedures will implement some cleanup procedures to remove these tools.
It will also reset your System Restore by flushing out previous restore points and create a new restore point.
It will also remove all the backups our tools may have created.

Uninstall ComboFix (if used):

  • Turn off all active protection software including your antivirus.
  • Push the "Windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • Please copy and past the following into the box ComboFix /Uninstall and click OK.
  • Note the space between the X and the /Uninstall, it needs to be there.

CF-Uninstall.png

Remove the rest of the tools used:





Please download OTCleanIt and save it to your Desktop. This tool will remove all the tools we used to clean your pc.

  • Double-click OTCleanIt.exe.
  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes, if not go ahead and delete it by yourself.
  • If asked to restart the computer, please do so

Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.

AdwCleaner Removal:


  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes

ESET antivirus Removal:


  • This tool can be uninstalled via the Control Panel, Programs, Uninstall

If there are any other left over Folders, Files, Logs then you can delete them on your own.

Please visit the following link to see how to delete old System Restore Points. Please delete all of them and create a new one at this time.
How to Delete System Protection Restore Points in Windows 7 and Windows 8

Remove all but the most recent Restore Point on Windows XP


As Java seems to get exploited on a regular basis I advise not using Java if possible but to at least disable java in your web browsers
How do I disable Java in my web browser? - Disable Java

A lot of reading here but if you take the time to read a bit of it you'll see why/how infections and general damage are so easily inflicted on the computer. There is also advice on how to prevent it and keep the system working well. Don't forget about good, solid backups of your data to an external drive that is not connected except when backing up your data. If you leave a backup drive connected and you do get infected it can easily damage, encrypt, delete, or corrupt your backups as well and then you'd lose all data.
Nothing is 100% bulletproof but with a little bit of education you can certainly swing things in your favor.

 
If you're not currently using Malwarebytes PRO then you may want to consider purchasing the product which can also help greatly reduce the risk of a future infection.
 

 

 

 

 

Share this post


Link to post
Share on other sites

Mr.Ron, i have the following on my Desktop. do you want me to manually delete them. thankyou.

 

  • Drweb-cureit
  • avg-remover
  • aswclear
  • VEW
  • JRT
  • rkill
  • erunt-setup
  • security check
  • security look
  • TFC

Share this post


Link to post
Share on other sites

Mr.Ron, saved TFC for future use and manually deleted all other tools from the desktop. do you want me to use Avira AV or go back to MSE. what shall i do about Threatfire, do i have any other option of HIPS in its place. there are some left over folders of Advanced system care do i need to manually delete them and the last thing, can i reinstall Notepad++ . thankyou.

Share this post


Link to post
Share on other sites

I would use Avira myself as it's a better antivirus product.   Threatfire has not been updated in years that I know of but if you want to run it then I suppose it should be okay.

 

As long as you've run the uninstaller for Advanced system care then you should be able to manually delete any left over folders for that program.

Yes you can reinstall Notepad++ (great program, I use it too).

 

Let me get a new MBAM Quick Scan log please, check for updates first.

Share this post


Link to post
Share on other sites

Hello Mr. Ron, the required MBAM log is posted below. i will install Notepad++ & Threatfire  and rescan with MBAM and post that log. thankyou.

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.10.02.07
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Kishore Reddy :: KISHOREREDDY-PC [administrator]
 
02/10/2013 22:31:15
mbam-log-2013-10-02 (22-31-15).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 208439
Time elapsed: 4 minute(s), 44 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)

Share this post


Link to post
Share on other sites

Mr.Ron, the problem has resurfaced after reinstalling Notepad++ and Threatfire. the MBAM scan log is as follows:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.10.02.07
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Kishore Reddy :: KISHOREREDDY-PC [administrator]
 
02/10/2013 23:47:31
mbam-log-2013-10-02 (23-47-31).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 208341
Time elapsed: 4 minute(s), 44 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 1
c:\users\kishore reddy\appdata\roaming\delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
 
Files Detected: 3
c:\users\kishore reddy\appdata\roaming\delta\sqlite3.dll (PUP.Optional.Delta.A) -> Delete on reboot.
c:\users\kishore reddy\appdata\local\google\chrome\user data\default\bprotector web data (PUP.Optional.BProtector.A) -> Delete on reboot.
c:\users\kishore reddy\appdata\local\google\chrome\user data\default\bprotectorpreferences (PUP.Optional.BProtector.A) -> Delete on reboot.
 
(end)

Share this post


Link to post
Share on other sites

It has to be Threatfire.  That is an old program and does do blocking.  I don't use the program myself but look and see if there is someway to allow or whitelist the MBAM program folder and it's files.  I use Notepad++ myself so I don't think that is it.   I'll download a new fresh copy and see what it does on my system.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.