Internet is slow in LAN but fast in WiFi

sritce

Hi,
My browsing is too slow, but I am getting good download speed in torrents. It is the same internet connection, but when I try on my laptop using WiFi, the speed is pretty good. Kindly guide me to disinfect my system.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5111

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

11/14/2010 6:54:20 PM
mbam-log-2010-11-14 (18-54-20).txt

Scan type: Quick scan
Objects scanned: 140195
Time elapsed: 5 minute(s), 46 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
**********************************************************************|

DDS (Ver_10-10-21.02) - NTFSx86
Run by sri at 17:59:09.79 on Sun 11/14/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3070.2163 [GMT 5.5:30]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\system32\STacSV.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
c:\program files\windows defender\MpCmdRun.exe
C:\Windows\System32\rundll32.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe
E:\New folder\gmer.exe
E:\New folder\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = about:blank
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GR469A~1.DLL
BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - c:\users\sri\appdata\roaming\flashgetbho\FlashGetBHO3.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
uRun: [SRS Audio Sandbox] "c:\program files\srs labs\audio sandbox\SRSSSC.exe" /hideme
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Download All By FlashGet3 - c:\users\sri\appdata\roaming\flashgetbho\GetAllUrl.htm
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download By FlashGet3 - c:\users\sri\appdata\roaming\flashgetbho\GetUrl.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: kuaiche.com\software
DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} - c:\users\sri\appdata\local\temp\f5tmp\urxvpn.cab
DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - c:\users\sri\appdata\local\temp\f5tmp\f5tunsrv.cab
DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - c:\users\sri\appdata\local\temp\ixp000.tmp\InstallerControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} - hxxps://inblrm04.tcs.com/dwa8W.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} - c:\users\sri\appdata\local\temp\f5tmp\urxshost.cab
DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - c:\users\sri\appdata\local\temp\f5tmp\urxhost.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GRA32A~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GR469A~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\sri\appdata\roaming\mozilla\firefox\profiles\yd7m4oub.default\
FF - prefs.js: network.proxy.type - 0
FF - component: c:\users\sri\appdata\roaming\idm\idmmzcc3\components\idmmzcc.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\users\sri\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2009-5-14 731840]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2009-5-14 93312]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2010-3-30 1107336]
R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2010-9-30 71336]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-10-27 304464]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2009-7-14 239648]
R2 TeamViewer5;TeamViewer 5;c:\program files\teamviewer\version5\TeamViewer_Service.exe [2010-11-10 2011944]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-10-27 20952]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-10-27 38224]
R3 urvpndrv;F5 Networks VPN Adapter;c:\windows\system32\drivers\covpnwlh.sys [2010-1-26 34944]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 f5ipfw;F5 Networks StoneWall Filter;c:\windows\system32\drivers\urfltwlh.sys [2010-10-30 13952]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-10-28 1343400]

=============== Created Last 30 ================

2010-11-12 15:12:46 -------- d-----w- c:\users\sri\appdata\roaming\BITS
2010-11-12 15:12:45 -------- d-----w- c:\users\sri\appdata\roaming\FlashGet
2010-11-12 15:12:40 -------- d-----w- c:\users\sri\appdata\roaming\FlashGetBHO
2010-11-12 15:12:38 -------- d-----w- c:\program files\FlashGet Network
2010-11-12 13:49:39 -------- d-----w- c:\users\sri\appdata\roaming\DonationCoder
2010-11-12 13:49:35 -------- d-----w- c:\program files\WinPcap
2010-11-12 13:49:03 -------- d-----w- c:\program files\URLSnooper2
2010-11-12 13:49:03 -------- d-----w- c:\progra~2\DonationCoder
2010-11-12 12:58:56 6146896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{ee4859bc-26ec-443a-a815-66ec6fc04319}\mpengine.dll
2010-11-11 04:24:10 -------- d-----w- c:\users\sri\appdata\roaming\PDF Writer
2010-11-11 04:24:10 -------- d-----w- c:\users\sri\appdata\local\PDF Writer
2010-11-11 04:24:10 -------- d-----w- c:\progra~2\PDF Writer
2010-11-11 04:23:32 90624 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\HPZPPWN7.DLL
2010-11-11 04:21:36 227840 ----a-w- c:\windows\system32\bzFlRdr.dll
2010-11-11 04:21:36 103424 ----a-w- c:\windows\system32\bzDCT.dll
2010-11-11 04:21:36 -------- d-----w- c:\program files\common files\Bullzip
2010-11-11 04:21:35 135168 ----a-w- c:\windows\system32\bzpdfc.dll
2010-11-11 04:21:32 196096 ----a-w- c:\windows\system32\bzpdf.dll
2010-11-11 04:21:27 140288 ----a-w- c:\windows\system32\comdlg32.OCX
2010-11-11 04:21:27 -------- d-----w- c:\program files\Bullzip
2010-11-10 15:54:13 -------- d-----w- c:\program files\TeamViewer
2010-11-10 15:14:18 -------- d-----w- c:\users\sri\appdata\roaming\TeamViewer
2010-11-10 15:13:53 -------- d-----w- c:\program files\Garena
2010-11-10 15:13:37 -------- d-----w- c:\users\sri\temp
2010-11-10 14:58:12 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2010-11-10 14:58:12 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2010-11-09 17:34:37 -------- d-----w- c:\program files\Conduit
2010-11-09 17:34:32 -------- d-----w- c:\program files\ConduitEngine
2010-11-09 17:34:28 -------- d-----w- c:\program files\uTorrentBar
2010-11-09 17:34:26 -------- d-----w- C:\extensions
2010-11-09 17:33:22 -------- d-----w- c:\users\sri\appdata\roaming\UseNeXT
2010-11-09 17:33:14 -------- d-----w- c:\program files\UseNeXT
2010-11-09 17:32:59 -------- d-----w- c:\program files\uTorrent
2010-11-09 17:32:37 -------- d-----w- c:\users\sri\appdata\roaming\uTorrent
2010-11-09 16:17:15 -------- d-----w- c:\program files\Cheat Engine
2010-10-31 09:13:05 -------- d-----w- c:\users\sri\appdata\local\ESET
2010-10-31 08:11:16 -------- d-----w- c:\program files\GRETECH
2010-10-30 09:15:59 -------- d-----w- C:\Downloads
2010-10-30 07:27:14 13952 ----a-w- c:\windows\system32\drivers\urfltwlh.sys
2010-10-30 04:42:10 -------- d-----w- C:\Films
2010-10-29 16:45:46 -------- d-----w- c:\program files\ESET
2010-10-29 11:28:13 6146896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\backup\mpengine.dll
2010-10-29 06:45:28 -------- d-----w- c:\users\sri\appdata\local\ElevatedDiagnostics
2010-10-28 17:25:58 -------- d-----w- c:\program files\VideoLAN
2010-10-28 16:19:26 -------- d-----w- c:\users\sri\appdata\roaming\My Battle for Middle-earth Files
2010-10-28 16:10:27 -------- d-----w- c:\program files\EA GAMES
2010-10-28 15:31:22 -------- d-----w- c:\progra~2\Kaspersky Lab Setup Files
2010-10-28 15:31:10 -------- d-----w- c:\users\sri\appdata\local\Adobe
2010-10-28 14:54:58 -------- d-----w- c:\program files\EA SPORTS
2010-10-28 14:22:43 -------- d-----w- c:\users\sri\appdata\roaming\IDM
2010-10-28 14:22:42 -------- d-----w- c:\users\sri\appdata\roaming\DMCache
2010-10-28 14:22:38 -------- d-----w- c:\program files\Internet Download Manager
2010-10-28 14:21:16 -------- d-----w- c:\program files\Ask.com
2010-10-28 14:08:57 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2010-10-28 14:08:57 32656 ----a-w- c:\windows\system32\msonpmon.dll
2010-10-28 14:06:40 -------- d-----w- c:\windows\PCHEALTH
2010-10-28 14:04:59 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-10-28 14:04:11 -------- d-----w- c:\users\sri\appdata\local\Microsoft Help
2010-10-28 13:57:41 -------- d-----w- c:\program files\PowerISO
2010-10-28 13:55:50 -------- d-----w- c:\program files\CCleaner
2010-10-28 13:21:22 -------- d-----w- c:\users\sri\appdata\local\LogMeIn Hamachi
2010-10-28 13:18:46 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-10-28 06:10:38 -------- d-----w- c:\windows\Panther
2010-10-27 18:34:52 -------- d-----w- c:\windows\system32\Wat
2010-10-27 18:25:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-10-27 17:57:39 257024 ----a-w- c:\windows\system32\msv1_0.dll
2010-10-27 17:56:16 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-10-27 17:56:16 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-10-27 17:56:16 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-10-27 17:56:16 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-10-27 17:56:16 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-10-27 17:49:49 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-10-27 17:49:04 4247040 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2010-10-27 17:49:03 1413632 ----a-w- c:\windows\system32\ole32.dll
2010-10-27 17:47:56 224256 ----a-w- c:\windows\system32\schannel.dll
2010-10-27 17:47:55 37376 ----a-w- c:\windows\system32\rtutils.dll
2010-10-27 17:46:39 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-10-27 17:46:39 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-10-27 17:46:39 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-10-27 17:46:35 13312 ----a-w- c:\program files\internet explorer\iecompat.dll
2010-10-27 17:43:56 70656 ----a-w- c:\windows\system32\fontsub.dll
2010-10-27 17:43:56 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-27 17:43:56 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-10-27 17:43:51 132608 ----a-w- c:\windows\system32\cabview.dll
2010-10-27 17:43:39 -------- d-----w- c:\users\sri\appdata\roaming\Malwarebytes
2010-10-27 17:43:30 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-27 17:43:28 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-27 17:43:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-27 17:43:28 -------- d-----w- c:\progra~2\Malwarebytes
2010-10-27 17:35:18 -------- d-----w- c:\program files\Show Desktop
2010-10-27 17:29:20 -------- d-----w- c:\users\sri\appdata\local\SRS Labs
2010-10-27 17:27:20 -------- d-----w- c:\progra~2\SRS Labs
2010-10-27 17:26:53 -------- d-----w- c:\program files\SRS Labs
2010-10-27 17:25:53 -------- d-----w- c:\program files\NVIDIA Corporation
2010-10-27 17:24:30 -------- d-----w- c:\windows\system32\AGEIA
2010-10-27 17:24:05 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2010-10-27 17:23:27 485920 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-10-27 17:23:03 485920 ----a-w- c:\windows\system32\nvudisp.exe
2010-10-27 17:16:04 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-27 17:05:57 53248 ----a-w- c:\windows\system32\IASBB.dll
2010-10-27 17:05:57 40960 ----a-w- c:\windows\system32\SFIMLARK.dll
2010-10-27 17:05:57 274432 ----a-w- c:\windows\system32\IASDLL.dll
2010-10-27 17:05:53 -------- d-----w- c:\program files\Intel Audio Studio 2.7
2010-10-27 17:05:19 212992 ----a-w- c:\windows\system32\stacsv.exe
2010-10-27 17:05:18 -------- d-----w- c:\progra~2\SonicFocus
2010-10-27 17:04:32 146944 ----a-w- c:\windows\system32\staco.dll
2010-10-27 17:03:45 356352 ----a-w- c:\windows\system32\drivers\stwrt.sys
2010-10-27 17:03:43 69632 ----a-w- c:\windows\system32\SFFXCPStr.dll
2010-10-27 17:03:43 69120 ----a-w- c:\windows\system32\SFFXSAPO.dll
2010-10-27 17:03:43 69120 ----a-w- c:\windows\system32\SFFXHAPO.dll
2010-10-27 17:03:43 69120 ----a-w- c:\windows\system32\SFFXDAPO.dll
2010-10-27 17:03:43 58368 ----a-w- c:\windows\system32\SFFXComm.dll
2010-10-27 17:03:43 379392 ----a-w- c:\windows\system32\stapi32.dll
2010-10-27 17:03:43 208896 ----a-w- c:\windows\system32\SFFXProc.dll
2010-10-27 17:03:43 156672 ----a-w- c:\windows\system32\SFFXCPBL.dll
2010-10-27 17:03:41 -------- d-----w- c:\program files\IDT
2010-10-27 17:02:37 733184 ----a-w- c:\program files\common files\installshield\professional\runtime\10\01\intel32\iKernel.dll
2010-10-27 17:02:37 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\01\intel32\ctor.dll
2010-10-27 17:02:37 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\01\intel32\DotNetInstaller.exe
2010-10-27 17:02:37 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2010-10-27 17:02:37 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\10\01\intel32\iscript.dll
2010-10-27 17:02:37 180356 ----a-w- c:\program files\common files\installshield\professional\runtime\10\01\intel32\iGdi.dll
2010-10-27 17:02:37 172032 ----a-w- c:\program files\common files\installshield\professional\runtime\10\01\intel32\iuser.dll
2010-10-27 17:02:36 303236 ----a-w- c:\program files\common files\installshield\professional\runtime\10\01\intel32\setup.dll
2010-10-27 17:01:51 -------- d-----w- c:\users\sri\appdata\local\Google
2010-10-27 17:01:37 -------- d-----w- c:\users\sri\appdata\local\Deployment
2010-10-27 17:01:37 -------- d-----w- c:\users\sri\appdata\local\Apps
2010-10-27 17:00:41 -------- d-----w- c:\windows\system32\wbem\Performance
2010-10-27 17:00:29 -------- d-sh--w- c:\windows\Installer

==================== Find3M ====================

2010-09-08 04:30:04 978432 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 04:28:15 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 03:22:31 386048 ----a-w- c:\windows\system32\html.iec
2010-09-08 02:48:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-01 04:23:49 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2010-09-01 02:34:52 2327552 ----a-w- c:\windows\system32\win32k.sys
2010-08-31 04:32:30 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-27 05:46:48 168448 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 04:39:58 109056 ----a-w- c:\windows\system32\t2embed.dll
2010-08-21 05:36:33 738816 ----a-w- c:\windows\system32\wmpmde.dll
2010-08-21 05:33:24 530432 ----a-w- c:\windows\system32\comctl32.dll
2010-08-21 05:32:37 316928 ----a-w- c:\windows\system32\spoolsv.exe

============= FINISH: 18:00:07.05 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-10-21.02)

Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 10/27/2010 10:27:18 PM
System Uptime: 11/14/2010 9:50:15 AM (9 hours ago)

Motherboard: Intel Corporation | | D945GCL
Processor: Intel(R) Core(TM)2 CPU 4300 @ 1.80GHz | | 1800/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 40 GiB total, 2.141 GiB free.
D: is FIXED (NTFS) - 40 GiB total, 1.219 GiB free.
E: is FIXED (NTFS) - 69 GiB total, 0.075 GiB free.
F: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

µTorrent
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.0
Ask Toolbar
Bullzip PDF Printer 7.1.0.1218
CCleaner
Cheat Engine 5.6.1
Conduit Engine
ESET NOD32 Antivirus
FIFA 07
FlashGet 3.3
Garena 2010
GOM Player
Google Chrome
GPL Ghostscript Lite 8.70
IDT Audio
Intel Audio Studio 2.7
Internet Download Manager
Java Auto Updater
Java(TM) 6 Update 22
LogMeIn Hamachi
Malwarebytes' Anti-Malware
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Mozilla Firefox (3.6.12)
NVIDIA Drivers
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OGA Notifier 2.0.0048.0
PowerISO
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Show Desktop
SRS Audio Sandbox
TeamViewer 5
The Battle for Middle-earth (tm)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2443839)
URL Snooper v2.28.01
UseNeXT
uTorrentBar Toolbar
VLC media player 1.1.4
WinPcap 4.1.1
WinRAR archiver

==== Event Viewer Messages From Past Week ========

11/14/2010 9:41:22 AM, Error: Service Control Manager [7016] - The NVIDIA Display Driver Service service has reported an invalid current state 32.
11/14/2010 9:41:21 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: The 2007 Microsoft Office Suite Service Pack 2 (SP2).
11/14/2010 9:18:50 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
11/14/2010 5:57:54 PM, Error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
11/14/2010 4:54:34 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer ULTIMATE-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{026D91F7-A64B-4CDE-8755-A306E3. The master browser is stopping or an election is being forced.
11/14/2010 1:53:34 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
11/12/2010 8:47:50 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer PEGASO that believes that it is the master browser for the domain on transport NetBT_Tcpip_{66B62F15-F86F-4ECA-9B62-2AE1F97EE8C. The master browser is stopping or an election is being forced.
11/10/2010 8:44:12 PM, Error: Service Control Manager [7030] - The TeamViewer 3 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
11/10/2010 11:30:34 AM, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

==== End Of File ===========================
GMER 1.0.15.15477 - http://www.gmer.net
Rootkit scan 2010-11-14 18:41:01
Windows 6.1.7600
Running: gmer.exe; Driver: C:\Users\sri\AppData\Local\Temp\uwldypow.sys


---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82854599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82878F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- User code sections - GMER 1.0.15 ----

.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtCreateFile + 6 77BA4A36 4 Bytes [28, 00, 17, 00]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtCreateFile + B 77BA4A3B 1 Byte [E2]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtMapViewOfSection + 6 77BA5096 1 Byte [28]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtMapViewOfSection + 6 77BA5096 4 Bytes [28, 03, 17, 00]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtMapViewOfSection + B 77BA509B 1 Byte [E2]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtOpenFile + 6 77BA5146 4 Bytes [68, 00, 17, 00]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtOpenFile + B 77BA514B 1 Byte [E2]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtOpenProcess + 6 77BA51F6 4 Bytes [A8, 01, 17, 00]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtOpenProcess + B 77BA51FB 1 Byte [E2]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtOpenProcessToken + 6 77BA5206 4 Bytes CALL 76BA690C
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtOpenProcessToken + B 77BA520B 1 Byte [E2]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtOpenProcessTokenEx + 6 77BA5216 4 Bytes [A8, 02, 17, 00]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtOpenProcessTokenEx + B 77BA521B 1 Byte [E2]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtOpenThread + 6 77BA5276 4 Bytes [68, 01, 17, 00]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtOpenThread + B 77BA527B 1 Byte [E2]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtOpenThreadToken + 6 77BA5286 4 Bytes [68, 02, 17, 00]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtOpenThreadToken + B 77BA528B 1 Byte [E2]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtOpenThreadTokenEx + 6 77BA5296 4 Bytes CALL 76BA699D
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtOpenThreadTokenEx + B 77BA529B 1 Byte [E2]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtQueryAttributesFile + 6 77BA53A6 4 Bytes [A8, 00, 17, 00]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtQueryAttributesFile + B 77BA53AB 1 Byte [E2]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtQueryFullAttributesFile + 6 77BA5456 4 Bytes CALL 76BA6B5B
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtQueryFullAttributesFile + B 77BA545B 1 Byte [E2]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtSetInformationFile + 6 77BA5AA6 4 Bytes [28, 01, 17, 00]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtSetInformationFile + B 77BA5AAB 1 Byte [E2]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtSetInformationThread + 6 77BA5B06 4 Bytes [28, 02, 17, 00]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtSetInformationThread + B 77BA5B0B 1 Byte [E2]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtUnmapViewOfSection + 6 77BA5E26 1 Byte [68]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtUnmapViewOfSection + 6 77BA5E26 4 Bytes [68, 03, 17, 00]
.text C:\Users\sri\AppData\Local\Google\Chrome\Application\chrome.exe[188] ntdll.dll!NtUnmapViewOfSection + B 77BA5E2B 1 Byte [E2]
.text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[1784] kernel32.dll!SetUnhandledExceptionFilter 76773162 4 Bytes [C2, 04, 00, 00]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\System32\rundll32.exe[2052] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75C05E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2052] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75C05E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2052] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75C05E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2052] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75C05E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device \Driver\ACPI_HAL \Device\0000004e halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


Thanks
srini
 
I don't know how to reopen that thread, that is why I created a new one, and yeah, I formatted the system and all worked fine until yesterday. I really don't know what is the cause of this problem. Sorry if I overstepped any forum rules.
 
There is no reason to reopen your old thread.
What I'm saying, since this is a new Windows installation, I don't see how this is malware related.
I suggest you start a new topic in the Windows forum.
 
All I can say is, your logs don't show any infection, so you have to proceed in some other forum (Windows?).
 
Yes, I too think the same. Thoroughly scanned by all AV. OK, thanks, and I posted in OS forums.
 
Hi,
At last the problem is solved. ComboFix solved it. I will post the log. What is the cause of this?

ComboFix 10-11-14.04 - sri 11/15/2010 23:45:04.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3070.2095 [GMT 5.5:30]
Running from: c:\users\sri\Desktop\ComboFix.exe
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\secustat.dat

.
((((((((((((((((((((((((( Files Created from 2010-10-15 to 2010-11-15 )))))))))))))))))))))))))))))))
.

2010-11-15 18:21 . 2010-11-15 18:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-15 18:03 . 2010-11-15 18:03 301568 ----a-w- c:\windows\system32\cmd.execf
2010-11-15 05:27 . 2010-11-15 15:51 -------- d-----w- c:\users\sss
2010-11-14 18:42 . 2010-11-14 18:42 -------- d-----w- c:\program files\Switch Off
2010-11-13 05:18 . 2010-11-13 05:18 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-11-13 01:54 . 2010-11-13 01:54 -------- d-----w- c:\programdata\Office Genuine Advantage
2010-11-12 15:12 . 2010-11-12 15:12 -------- d-----w- c:\program files\FlashGet Network
2010-11-12 13:49 . 2010-11-12 13:49 -------- d-----w- c:\program files\WinPcap
2010-11-12 13:49 . 2010-11-12 13:49 -------- d-----w- c:\program files\URLSnooper2
2010-11-12 13:49 . 2010-11-12 13:49 -------- d-----w- c:\programdata\DonationCoder
2010-11-12 12:58 . 2010-10-18 04:11 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE4859BC-26EC-443A-A815-66EC6FC04319}\mpengine.dll
2010-11-11 04:24 . 2010-11-11 04:24 -------- d-----w- c:\programdata\PDF Writer
2010-11-11 04:23 . 2009-07-14 01:15 90624 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HPZPPWN7.DLL
2010-11-11 04:21 . 2010-11-11 04:21 -------- d-----w- c:\program files\Common Files\Bullzip
2010-11-11 04:21 . 2008-10-30 17:45 227840 ----a-w- c:\windows\system32\bzFlRdr.dll
2010-11-11 04:21 . 2008-07-09 18:49 103424 ----a-w- c:\windows\system32\bzDCT.dll
2010-11-11 04:21 . 2010-09-27 09:57 135168 ----a-w- c:\windows\system32\bzpdfc.dll
2010-11-11 04:21 . 2010-09-27 09:58 196096 ----a-w- c:\windows\system32\bzpdf.dll
2010-11-11 04:21 . 2010-11-11 04:21 -------- d-----w- c:\program files\Bullzip
2010-11-11 04:21 . 1999-05-06 18:30 140288 ----a-w- c:\windows\system32\comdlg32.OCX
2010-11-10 15:54 . 2010-11-10 15:54 -------- d-----w- c:\program files\TeamViewer
2010-11-10 15:13 . 2010-11-14 15:31 -------- d-----w- c:\program files\Garena
2010-11-10 14:58 . 2009-11-03 08:37 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2010-11-10 14:58 . 2009-11-03 08:37 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2010-11-09 17:34 . 2010-11-09 17:34 -------- d-----w- c:\program files\Conduit
2010-11-09 17:34 . 2010-11-09 17:34 -------- d-----w- C:\extensions
2010-11-09 17:33 . 2010-11-09 17:33 -------- d-----w- c:\program files\UseNeXT
2010-11-09 17:32 . 2010-11-09 17:34 -------- d-----w- c:\program files\uTorrent
2010-11-09 16:17 . 2010-11-14 13:31 -------- d-----w- c:\program files\Cheat Engine
2010-10-31 08:11 . 2010-10-31 08:11 -------- d-----w- c:\program files\GRETECH
2010-10-31 07:59 . 2010-10-31 07:59 -------- d-----w- c:\windows\Sun
2010-10-30 09:15 . 2010-10-30 09:16 -------- d-----w- C:\Downloads
2010-10-30 07:27 . 2010-01-25 21:18 13952 ----a-w- c:\windows\system32\drivers\urfltwlh.sys
2010-10-29 16:45 . 2010-11-14 14:23 -------- d-----w- c:\program files\ESET
2010-10-28 17:25 . 2010-10-28 17:25 -------- d-----w- c:\program files\VideoLAN
2010-10-28 16:10 . 2010-10-28 16:10 -------- d-----w- c:\program files\EA GAMES
2010-10-28 15:31 . 2010-10-28 15:31 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2010-10-28 14:54 . 2010-10-28 15:34 -------- d-----w- c:\program files\EA SPORTS
2010-10-28 14:54 . 2010-10-28 14:54 -------- d-----w- c:\windows\system32\Macromed
2010-10-28 14:22 . 2010-10-30 11:09 -------- d-----w- c:\program files\Internet Download Manager
2010-10-28 14:21 . 2010-10-30 08:35 -------- d-----w- c:\program files\Ask.com
2010-10-28 14:13 . 2010-10-28 14:13 -------- d-----w- c:\program files\Common Files\Adobe
2010-10-28 14:08 . 2008-11-10 06:11 32656 ----a-w- c:\windows\system32\msonpmon.dll
2010-10-28 14:08 . 2006-10-26 14:26 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-10-28 14:07 . 2010-11-14 18:45 -------- d-----w- c:\program files\Microsoft Works
2010-10-28 14:06 . 2010-10-28 14:06 -------- d-----w- c:\windows\PCHEALTH
2010-10-28 14:06 . 2010-10-28 14:06 -------- d-----w- c:\program files\Microsoft.NET
2010-10-28 14:04 . 2010-10-28 14:04 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-10-28 14:04 . 2010-11-14 18:47 -------- d-----w- c:\programdata\Microsoft Help
2010-10-28 14:02 . 2010-10-28 14:02 -------- d-----r- C:\MSOCache
2010-10-28 13:57 . 2010-10-28 13:57 -------- d-----w- c:\program files\PowerISO
2010-10-28 13:55 . 2010-10-28 13:55 -------- d-----w- c:\program files\CCleaner
2010-10-28 13:18 . 2010-10-28 13:18 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-10-28 06:10 . 2010-10-27 16:57 -------- d-----w- c:\windows\Panther
2010-10-27 18:34 . 2010-10-27 18:34 -------- d-----w- c:\windows\system32\Wat
2010-10-27 18:30 . 2010-10-27 18:30 -------- d-----w- c:\program files\Common Files\Java
2010-10-27 18:25 . 2010-10-27 18:25 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-10-27 18:25 . 2010-10-27 18:25 -------- d-----w- c:\program files\Java
2010-10-27 17:57 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2010-10-27 17:56 . 2009-11-25 07:17 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-10-27 17:56 . 2009-11-25 07:17 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-10-27 17:56 . 2009-11-25 07:17 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-10-27 17:56 . 2009-11-25 07:17 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-10-27 17:56 . 2009-11-25 07:17 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-10-27 17:49 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-10-27 17:49 . 2010-06-29 04:57 4247040 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2010-10-27 17:49 . 2010-06-29 05:02 1413632 ----a-w- c:\windows\system32\ole32.dll
2010-10-27 17:47 . 2010-08-21 05:36 224256 ----a-w- c:\windows\system32\schannel.dll
2010-10-27 17:47 . 2010-06-19 06:23 37376 ----a-w- c:\windows\system32\rtutils.dll
2010-10-27 17:46 . 2010-02-27 07:32 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-10-27 17:46 . 2010-02-27 07:32 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-10-27 17:46 . 2010-02-27 07:32 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-10-27 17:46 . 2010-08-27 05:30 13312 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-10-27 17:43 . 2010-05-27 07:24 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-27 17:43 . 2010-05-27 03:49 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-10-27 17:43 . 2009-10-19 14:10 70656 ----a-w- c:\windows\system32\fontsub.dll
2010-10-27 17:43 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
2010-10-27 17:43 . 2010-04-29 10:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-27 17:43 . 2010-11-15 15:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-27 17:43 . 2010-11-15 15:50 -------- d-----w- c:\programdata\Malwarebytes
2010-10-27 17:43 . 2010-04-29 10:09 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-27 17:35 . 2010-10-27 17:35 -------- d-----w- c:\program files\Show Desktop
2010-10-27 17:27 . 2010-10-27 17:27 -------- d-----w- c:\programdata\SRS Labs
2010-10-27 17:26 . 2010-10-27 17:26 -------- d-----w- c:\program files\SRS Labs
2010-10-27 17:25 . 2010-10-27 17:25 -------- d-----w- c:\program files\NVIDIA Corporation
2010-10-27 17:25 . 2010-11-15 15:57 -------- d-----w- c:\programdata\NVIDIA
2010-10-27 17:24 . 2010-10-27 17:24 -------- d-----w- c:\program files\AGEIA Technologies
2010-10-27 17:24 . 2010-10-27 17:24 -------- d-----w- c:\windows\system32\AGEIA
2010-10-27 17:24 . 2010-10-27 17:24 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-10-27 17:23 . 2009-07-10 01:31 485920 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-10-27 17:23 . 2009-07-14 18:54 485920 ----a-w- c:\windows\system32\nvudisp.exe
2010-10-27 17:22 . 2009-07-14 18:54 795104 ----a-w- c:\windows\system32\dpinst.exe
2010-10-27 17:22 . 2009-07-14 18:54 252448 ----a-w- c:\windows\system32\nvdecodemft.dll
2010-10-27 17:22 . 2009-07-14 18:54 1919520 ----a-w- c:\windows\system32\nvencodemft.dll
2010-10-27 17:22 . 2009-07-14 18:54 10854400 ----a-w- c:\windows\system32\nvoglv32.dll
2010-10-27 17:22 . 2009-07-14 18:54 7565824 ----a-w- c:\windows\system32\nvd3dum.dll
2010-10-27 17:22 . 2009-07-14 18:54 2169376 ----a-w- c:\windows\system32\nvcuvid.dll
2010-10-27 17:22 . 2009-07-14 18:54 1983488 ----a-w- c:\windows\system32\nvcuda.dll
2010-10-27 17:22 . 2009-07-14 18:54 1706528 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-10-27 17:22 . 2009-07-14 18:54 151552 ----a-w- c:\windows\system32\nvcod157.dll
2010-10-27 17:22 . 2009-07-14 18:54 151552 ----a-w- c:\windows\system32\nvcod.dll
2010-10-27 17:22 . 2009-07-14 18:54 1044992 ----a-w- c:\windows\system32\nvapi.dll
2010-10-27 17:22 . 2010-10-27 17:22 -------- d-----w- C:\NVIDIA
2010-10-27 17:16 . 2010-10-19 06:11 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-27 17:05 . 2006-11-11 08:32 274432 ----a-w- c:\windows\system32\IASDLL.dll
2010-10-27 17:05 . 2005-11-18 08:27 40960 ----a-w- c:\windows\system32\SFIMLARK.dll
2010-10-27 17:05 . 2005-07-21 13:58 53248 ----a-w- c:\windows\system32\IASBB.dll
2010-10-27 17:05 . 2010-10-27 17:05 -------- d-----w- c:\program files\Intel Audio Studio 2.7
2010-10-27 17:02 . 2010-10-27 17:02 -------- d-----w- c:\program files\Common Files\InstallShield
2010-10-27 17:00 . 2010-11-15 15:59 -------- d-----w- c:\windows\system32\wbem\Performance
2010-10-27 17:00 . 2010-11-14 18:47 -------- d-sh--w- c:\windows\Installer
2010-10-27 16:57 . 2010-11-15 15:57 -------- d-----w- c:\users\sri
2010-10-27 16:57 . 2010-10-27 16:57 -------- d-----w- C:\Recovery

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-29 20:53 . 2010-09-29 18:56 71336 ----a-w- c:\windows\system32\drivers\idmwfp.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-10-10 3906656]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-10 10:21 3906656 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-10-10 10:21 3906656 ----a-w- c:\program files\uTorrentBar\tbuTor.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 17:14 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-10-10 3906656]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-10-10 3906656]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2010-09-29 20:53 72336 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRS Audio Sandbox"="c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe" [2010-01-07 3216664]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2010-10-28 3249504]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-11-09 328056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 17:37 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-22 23:17 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet 3]
2009-12-22 08:48 2127408 ----a-w- c:\program files\FlashGet Network\FlashGet 3\Flashget3.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-10-27 17:01 136176 ----atw- c:\users\sri\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 06:14 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
2010-10-28 15:28 3249504 ----a-w- c:\program files\Internet Download Manager\IDMan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio]
2008-05-27 03:40 8003584 ----a-w- c:\program files\Intel Audio Studio 2.7\IntelAudioStudio.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2010-03-30 05:46 1820040 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2008-01-20 07:05 217088 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 06:14 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

R3 f5ipfw;F5 Networks StoneWall Filter;c:\windows\system32\drivers\urfltwlh.sys [2010-01-25 13952]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena\safedrv.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-27 1343400]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-05-14 93312]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2010-09-29 71336]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-07-14 239648]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-19 2011944]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
S3 urvpndrv;F5 Networks VPN Adapter;c:\windows\system32\DRIVERS\covpnwlh.sys [2010-01-25 34944]

.
Contents of the 'Scheduled Tasks' folder

2010-11-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4011064965-1581801092-1242194099-1000Core.job
- c:\users\sri\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-27 17:01]

2010-11-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4011064965-1581801092-1242194099-1000UA.job
- c:\users\sri\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-27 17:01]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: Download All By FlashGet3 - c:\users\sri\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download By FlashGet3 - c:\users\sri\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: kuaiche.com\software
FF - ProfilePath - c:\users\sri\AppData\Roaming\Mozilla\Firefox\Profiles\yd7m4oub.default\
FF - prefs.js: network.proxy.type - 0
FF - component: c:\users\sri\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\users\sri\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\\ProgramData\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"=" "
"InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000409
"PackageTag"=dword:6090e758
"ProductBase"=dword:00000000
"ProductCode"="{2EEBAC31-3EEF-4118-91CB-1A286A507DB2}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="4.0.437.0"
"UniqueId"="00CFC91C4CCAFA5B"
"ScannerBuild"=dword:00001329
"ScannerVersionId"=dword:00000feb
"ScannerVersion"="Locked/open ESET for status."
"FixId"=dword:00000007

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-11-15 23:55:09
ComboFix-quarantined-files.txt 2010-11-15 18:25

Pre-Run: 9,410,048,000 bytes free
Post-Run: 9,343,971,328 bytes free

- - End Of File - - EF18D597C0757CC086B7051A317C6071
 
I have no idea.
secustat.dat is a data file, so it can't be active causing any issues.
 