Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Temporary files virus


  • This topic is locked This topic is locked
26 replies to this topic

#1 vkh21

vkh21

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 15 April 2013 - 04:00 PM

I recently noticed my pc was running quite slow so I ran bitdefender 2013 and it found many viruses in the temp folder and it cleaned them. However now every 2-5 minutes I get a pop up from bitdefender saying a virus is on my pc. when I follow this up I found out that they are all random temp folders and files for example C:\Windows\Temp\tmp00004d67\tmp00000000 and I have run ccleaner, a full scan with viper internet security,hitman pro, malwarebytes, spybot s&d , superantispyware and I have also run hijackthis but don't know how to analyse a log like that.I shall add at the end of my post my log from hijack this. My thoughts were that something somewhere is making these temporary files throughout my highly unorganised files. If anybody could advise me what to do to neutralise this virus I would be very grateful.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:30:48, on 15/04/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [SBAMTray] "C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3082313803-2437717256-3910642539-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3082313803-2437717256-3910642539-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Dropbox.lnk = Vish\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (file missing)
O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GFI LanGuard 10 Attendant Service (gfi_lanss10_attservice) - GFI Software Development Ltd. - C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: SafeBox - Bitdefender - C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VIPRE Internet Security (SBAMSvc) - GFI Software - C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe
O23 - Service: SB Recovery Service (SBPIMSvc) - GFI Software - C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (vsserv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16407 bytes



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,159 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:05 AM

Posted 16 April 2013 - 09:32 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===
HijackThis doesn't handle your version of Windows well. In your case I need to see a final DDS Log.
I suggest you remove HijackThis using the Add/Remove Programs list.


Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.

Download DDS by sUBs from one of the following links, if you no longer have it available. Save it to your desktop.

1: DDS.scr (Not recommended if you use Chrome to download this .scr file. Use the other options.)
2: DDS.pif
3: DDS.COM

Double click on the DDS icon, allow it to run.
A small box will open, with an explanation about the tool. No input is needed, the scan is running.
Notepad will open with the results.
Follow the instructions that pop up for posting the results.
Please note: You may have to disable any script protection running if the scan fails to run.

dds_scr.gif

Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.
===

Third party programs if not up to date can be the cause of infiltration an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete tab follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).
Please paste the logs in your next reply, DO NOT ATTACH THEM
Let me know what problem persists.

#3 vkh21

vkh21
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 16 April 2013 - 03:44 PM

Hi thanks for you help, here are the logs you requested :

 

 

 

 

 

DDS LOG:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537  BrowserJavaVersion: 1.6.0_43
Run by Vish at 20:59:21 on 2013-04-16
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.8174.4776 [GMT 1:00]
.
AV: GFI Software VIPRE *Enabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
AV: Bitdefender Antivirus *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: GFI Software VIPRE *Enabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
SP: Bitdefender Antispyware *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall *Enabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
FW: GFI Software VIPRE *Enabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\HitmanPro\hmpsched.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Sony\VAIO Update\VUAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Windows\System32\vds.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe
C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\Mantle.exe
C:\Program Files\Sony\VAIO Care\Admload.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\PeerBlock\peerblock.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files\Bitdefender\Bitdefender 2013\seccenter.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_169_ActiveX.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
uProxyOverride = <local>;*.local
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [AdobeBridge] <no file>
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [SBAMTray] "C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe"
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
StartupFolder: C:\Users\Vish\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Vish\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_43-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_43-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_43-windows-i586.cab
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{D9A979E3-D0B1-43B3-8678-8071774677B2} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{D9A979E3-D0B1-43B3-8678-8071774677B2}\24C61636B6D2245627279702D4F62696C6560284F6473707F6470263631303 : DHCPNameServer = 10.0.0.2 10.0.0.3
TCP: Interfaces\{D9A979E3-D0B1-43B3-8678-8071774677B2}\5616374736F6163747D277966696 : DHCPNameServer = 10.101.0.1
TCP: Interfaces\{D9A979E3-D0B1-43B3-8678-8071774677B2}\9556C6C6F6773747F6E656 : DHCPNameServer = 10.0.0.2
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe
x64-Run: [SBRegRebootCleaner] "C:\Program Files (x86)\GFI Software\VIPRE\SBRC.exe"
x64-Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll
x64-STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Vish\AppData\Roaming\Mozilla\Firefox\Profiles\oeam0wc1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Vish\AppData\Local\Roblox\Versions\version-5e6923568ada47d7\NPRobloxProxy.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-03-11 19:24; {CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}; C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2013-4-12 707528]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2013-4-12 93160]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2013-4-12 103504]
R1 BDVEDISK;BDVEDISK;C:\Windows\System32\drivers\bdvedisk.sys [2013-4-12 76944]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-9-8 283200]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 SbFw;SbFw;C:\Windows\System32\drivers\SbFw.sys [2012-9-7 258848]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-4-29 146592]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-4-29 91296]
R2 gfi_lanss10_attservice;GFI LanGuard 10 Attendant Service;C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe [2012-9-12 115568]
R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2012-9-7 108392]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-9-7 13336]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-3-12 2429544]
R2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2013-4-12 95184]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2012-9-8 259192]
R2 SBAMSvc;VIPRE Internet Security;C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe [2012-9-20 3677000]
R2 sbapifs;sbapifs;C:\Windows\System32\drivers\sbapifs.sys [2012-9-12 82872]
R2 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe [2012-9-20 175496]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2012-9-7 105024]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-9-7 2656280]
R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [2013-4-12 68856]
R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2012-9-8 971704]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2012-9-7 19968]
R3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2013-4-12 261056]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-4-29 29344]
R3 cbfs3;EldoS Callback File System driver v3;C:\Windows\System32\drivers\cbfs3.sys [2012-9-7 352144]
R3 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-4-12 147232]
R3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2013-4-15 24176]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-9-7 340072]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-29 425064]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;C:\Windows\System32\drivers\SbFwIm.sys [2012-9-7 120064]
R3 sbwtis;sbwtis;C:\Windows\System32\drivers\sbwtis.sys [2012-9-20 86816]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-6-2 12032]
R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-9-8 44736]
R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update\VUAgent.exe [2013-3-12 1286784]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys [2013-3-5 29288]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys [2013-3-5 29288]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys [2013-3-5 29288]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys [2013-3-5 29288]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys [2013-3-5 29288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-4-7 418376]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-4-7 701512]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-4-15 1153368]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-2-9 383264]
S3 AirDisplay;Air Display Support;C:\Windows\System32\drivers\AVVideoCard.sys [2012-9-24 15808]
S3 AirDisplayMirror;Air Display Mirror Support;C:\Windows\System32\drivers\AVVideoCardMirror.sys [2012-9-24 15808]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-4-29 36000]
S3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2013-4-12 589000]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 BDSandBox;BDSandBox;C:\Windows\System32\drivers\bdsandbox.sys [2013-4-12 82384]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-4-29 259232]
S3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2011-4-29 109216]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-4-29 166048]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-4-29 59040]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-4-29 283296]
S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-4-29 288416]
S3 DCDhcpService;DCDhcpService;C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2012-9-8 104096]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-4-8 102936]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]
S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-2-21 37344]
S3 gfiark;gfiark;C:\Windows\System32\drivers\gfiark.sys [2012-11-13 38456]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-4-7 25928]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-26 19456]
S3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;C:\Windows\System32\drivers\SbFwIm.sys [2012-9-7 120064]
S3 SbHips;SbHips;C:\Windows\System32\drivers\sbhips.sys [2012-9-8 61216]
S3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-2-21 113824]
S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-2-21 67232]
S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-1 289952]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-4-8 203544]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-26 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-10-26 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-12-29 960160]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-12-21 550128]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-2-18 385336]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-8-26 101600]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-7 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2012-9-7 14544]
S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [2013-4-12 69392]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-04-15 19:55:21 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2013-04-15 19:53:29 -------- d-----w- C:\ProgramData\Symantec
2013-04-15 19:53:25 -------- d-----w- C:\Windows\System32\drivers\NSSx64\0307060.005
2013-04-15 19:53:25 -------- d-----w- C:\Windows\System32\drivers\NSSx64
2013-04-15 19:53:25 -------- d-----w- C:\ProgramData\Norton
2013-04-15 19:53:25 -------- d-----w- C:\Program Files (x86)\Norton Security Scan
2013-04-15 19:53:15 -------- d-----w- C:\ProgramData\NortonInstaller
2013-04-15 19:53:15 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2013-04-15 19:24:10 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-04-15 19:24:10 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2013-04-15 19:18:40 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-04-15 17:14:05 -------- d-----w- C:\Program Files\PeerBlock
2013-04-15 12:19:14 -------- d-----w- C:\Users\Vish\AppData\Local\{DA8A961D-0787-4855-B93B-50BBD2FA1F1F}
2013-04-15 11:27:24 -------- d-----w- C:\Users\Vish\Gone Girl By Gillian Flynn
2013-04-15 11:27:22 -------- d-----w- C:\Users\Vish\The Fault in Our Stars - John Green
2013-04-13 21:15:31 -------- d-----w- C:\Users\Vish\The 100-Year-Old Man Who Climbed Out the Window and Disappeared by Jonas Jonasson (epub, mobi)
2013-04-13 11:06:30 -------- d-----w- C:\Users\Vish\AppData\Local\{50032B50-704B-4E40-83E4-618A6C575F88}
2013-04-12 23:34:36 -------- d-----w- C:\Users\Vish\Suzanne Collins- The Hunger Games Trilogy(MOBI-EPUB-PDF)[Team Nanban][TPB]
2013-04-12 22:50:03 -------- d-----w- C:\ProgramData\bdch
2013-04-12 22:48:48 -------- d-----w- C:\Users\Vish\AppData\Local\vkh21
2013-04-12 22:32:17 -------- d-----w- C:\Users\Vish\AppData\Roaming\liQeNSoft
2013-04-12 22:28:24 2422645 ----a-w- C:\ProgramData\1365805372.bdinstall.bin
2013-04-12 22:26:55 -------- d-----w- C:\ProgramData\BDLogging
2013-04-12 22:26:51 76944 ------w- C:\Windows\System32\drivers\bdvedisk.sys
2013-04-12 22:26:46 90192 ----a-w- C:\Windows\System32\drivers\BdfNdisf6.sys
2013-04-12 22:26:46 82384 ------w- C:\Windows\System32\drivers\bdsandbox.sys
2013-04-12 22:26:46 511328 ----a-w- C:\Windows\capicom.dll
2013-04-12 22:26:42 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2013-04-12 22:26:38 589000 ------w- C:\Windows\System32\drivers\avckf.sys
2013-04-12 22:26:38 261056 ------w- C:\Windows\System32\drivers\avchv.sys
2013-04-12 22:26:36 707528 ------w- C:\Windows\System32\drivers\avc3.sys
2013-04-12 22:26:35 -------- d-----w- C:\Users\Vish\AppData\Roaming\Bitdefender
2013-04-12 22:26:30 -------- d-----w- C:\ProgramData\Bitdefender
2013-04-12 22:22:57 147232 ------w- C:\Windows\System32\drivers\gzflt.sys
2013-04-12 22:22:56 350160 ------w- C:\Windows\System32\drivers\trufos.sys
2013-04-12 22:19:10 49834 ----a-w- C:\ProgramData\1365805145.bdinstall.bin
2013-04-12 22:18:49 502 ----a-w- C:\ProgramData\1365805127.bdinstall.bin
2013-04-12 22:18:26 220040 ----a-w- C:\ProgramData\1365805094.bdinstall.bin
2013-04-12 22:18:25 -------- d-----w- C:\Program Files\Bitdefender
2013-04-12 22:12:31 59105 ----a-w- C:\ProgramData\1365804751.7672.bin
2013-04-12 22:10:02 49834 ----a-w- C:\ProgramData\1365804600.bdinstall.bin
2013-04-12 22:09:35 49834 ----a-w- C:\ProgramData\1365804571.bdinstall.bin
2013-04-12 21:54:26 57691 ----a-w- C:\ProgramData\1365803666.6896.bin
2013-04-12 21:54:05 237041 ----a-w- C:\ProgramData\1365803524.bdinstall.bin
2013-04-12 21:52:48 -------- d-----w- C:\Users\Vish\AppData\Roaming\QuickScan
2013-04-12 21:51:32 77426 ----a-w- C:\ProgramData\1365803487.bdinstall.bin
2013-04-12 21:35:31 389 ----a-w- C:\ProgramData\1365802531.2016.bin
2013-04-12 21:35:08 223658 ----a-w- C:\ProgramData\1365802493.bdinstall.bin
2013-04-12 21:30:05 49834 ----a-w- C:\ProgramData\1365802197.bdinstall.bin
2013-04-12 21:29:24 217921 ----a-w- C:\ProgramData\1365802133.bdinstall.bin
2013-04-12 21:27:59 77426 ----a-w- C:\ProgramData\1365802069.bdinstall.bin
2013-04-12 21:27:28 77426 ----a-w- C:\ProgramData\1365802040.bdinstall.bin
2013-04-12 21:20:26 49834 ----a-w- C:\ProgramData\1365801416.bdinstall.bin
2013-04-12 21:14:07 -------- d-----w- C:\Users\Vish\dads videos
2013-04-12 21:13:10 207964 ----a-w- C:\ProgramData\1365801152.bdinstall.bin
2013-04-12 21:08:19 -------- d-----w- C:\Users\Vish\AppData\Local\liQeNSoft
2013-04-12 21:04:48 -------- d-----w- C:\Users\Vish\AppData\Local\{27A9BC31-5C53-45BB-A9CC-5C1FBE24138C}
2013-04-12 21:00:15 49834 ----a-w- C:\ProgramData\1365800409.bdinstall.bin
2013-04-12 20:59:58 261141 ----a-w- C:\ProgramData\1365800320.bdinstall.bin
2013-04-12 20:58:34 -------- d-----w- C:\Program Files\Common Files\Bitdefender
2013-04-12 20:06:09 -------- d-----w- C:\Users\Vish\Microsoft Office Professional Plus 2013
2013-04-12 19:55:44 -------- d-----w- C:\Users\Vish\Microsoft.Office.2013.Professional.Plus.x86.x64.+.Keys
2013-04-12 09:04:03 -------- d-----w- C:\Users\Vish\AppData\Local\{D2F3DAAA-708D-4F87-A72E-B2AD5864458A}
2013-04-11 21:57:42 -------- d-----w- C:\Users\Vish\[ www.Torrenting.com ] - New.Girl.S02E22.720p.HDTV.X264-DIMENSION
2013-04-11 21:03:39 -------- d-----w- C:\Users\Vish\AppData\Local\{3809B63C-A49F-4598-B903-0E447C631545}
2013-04-10 20:59:38 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-04-10 20:59:38 1655656 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 20:59:35 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-04-10 20:59:32 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-04-10 20:59:29 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-04-10 20:59:29 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-04-10 20:59:28 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-04-10 20:59:28 112640 ----a-w- C:\Windows\System32\smss.exe
2013-04-10 20:59:27 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-04-10 19:01:52 -------- d-----w- C:\Users\Vish\AppData\Local\{CA67EDD0-C39F-4FE7-88A3-03DA556767DC}
2013-04-09 11:26:57 -------- d-----w- C:\Users\Vish\AppData\Local\{1BAE887C-3239-4597-8572-86E2EC815AA3}
2013-04-08 22:11:49 -------- d-----w- C:\Users\Vish\Doctor Who eBooks (epub and mobi)
2013-04-08 21:40:40 -------- d-----w- C:\Users\Vish\10th Doctor
2013-04-08 18:38:42 -------- d-----w- C:\Users\Vish\AppData\Roaming\Doctor Who - The Gunpowder Plot
2013-04-08 18:38:05 -------- d-----w- C:\Users\Vish\AppData\Local\Doctor Who - The Gunpowder Plot
2013-04-08 17:07:03 -------- d-----w- C:\Program Files (x86)\Doctor Who - The Gunpowder Plot
2013-04-08 10:03:46 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-04-08 09:44:31 203544 ------w- C:\Windows\System32\drivers\ssudmdm.sys
2013-04-08 09:44:31 102936 ------w- C:\Windows\System32\drivers\ssudbus.sys
2013-04-08 09:38:09 -------- d-----w- C:\Users\Vish\AppData\Local\{962A4762-7337-42D1-A11B-DDC6A8833B03}
2013-04-07 19:58:24 25928 ------w- C:\Windows\System32\drivers\mbam.sys
2013-04-07 19:58:24 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-07 16:35:13 -------- d-----w- C:\Users\Vish\AppData\Local\{63939C87-B235-40F4-AC1C-F920DA2EC55A}
2013-04-07 14:10:48 -------- d-----w- C:\Users\Vish\AppData\Roaming\LocalAPK
2013-04-07 14:10:42 -------- d-----w- C:\Program Files\LocalAPK
2013-04-06 13:35:14 -------- d-----w- C:\Users\Vish\AppData\Local\{971FFC03-65A5-4988-A844-B0476243AAF4}
2013-04-05 23:05:55 -------- d-----w- C:\ProgramData\CPA_VA
2013-04-05 22:57:48 -------- d-----w- C:\found.000
2013-04-05 22:46:20 -------- d-----w- C:\ProgramData\Comodo
2013-04-05 22:46:18 -------- d-----w- C:\Program Files\COMODO
2013-04-05 22:46:06 -------- d-----w- C:\Program Files (x86)\Comodo
2013-04-05 22:46:05 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2013-04-05 22:46:05 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
2013-04-05 21:45:41 798773 ------w- C:\Windows\SysWow64\MFCO42D.DLL
2013-04-05 21:45:41 516173 ------w- C:\Windows\SysWow64\MSVCP60D.DLL
2013-04-05 21:45:41 385100 ------w- C:\Windows\SysWow64\MSVCRTD.DLL
2013-04-05 21:45:41 -------- d-----w- C:\Program Files (x86)\directx
2013-04-05 21:45:40 929844 ------w- C:\Windows\SysWow64\MFC42D.DLL
2013-04-05 21:45:15 306688 ----a-w- C:\Windows\IsUninst.exe
2013-04-05 20:04:14 -------- d-----w- C:\Users\Vish\AppData\Local\{7052661F-ADEB-43C3-A429-7E1F996F0E42}
2013-04-03 19:40:48 -------- d-----w- C:\Users\Vish\AppData\Local\{73E9873B-BA8B-4CEE-95E7-54D4314E4E78}
2013-04-02 11:14:03 -------- d-----w- C:\Users\Vish\AppData\Local\{76316668-6A6C-4167-BBD5-6E2456E20C60}
2013-03-31 17:13:55 -------- d-----w- C:\Windows\Hewlett-Packard
2013-03-30 22:43:12 -------- d-----w- C:\Users\Vish\AppData\Local\{81ACD4AE-5727-4737-9AE9-59A4EB05C24B}
2013-03-29 22:25:02 -------- dc----w- C:\Users\Vish\AppData\Local\MigWiz
2013-03-28 21:05:57 65032 ----a-w- C:\Windows\SysWow64\XAPOFX1_0.dll
2013-03-28 21:05:57 511496 ----a-w- C:\Windows\System32\XAudio2_1.dll
2013-03-28 21:05:56 25608 ----a-w- C:\Windows\SysWow64\X3DAudio1_4.dll
2013-03-28 21:05:56 177672 ----a-w- C:\Windows\System32\xactengine3_1.dll
2013-03-28 21:05:46 2006552 ----a-w- C:\Windows\System32\D3DCompiler_36.dll
2013-03-28 21:05:31 237848 ----a-w- C:\Windows\SysWow64\xactengine2_4.dll
2013-03-28 21:05:29 363288 ----a-w- C:\Windows\System32\xactengine2_3.dll
2013-03-28 19:32:30 -------- d-----w- C:\steamapps
2013-03-28 19:32:28 -------- d-----w- C:\ProgramData\Steam
2013-03-26 18:44:05 -------- d-----w- C:\Users\Vish\AppData\Local\{7B0ECE1D-B6D2-43B1-AA45-410498639F0A}
2013-03-25 18:31:04 -------- d-----w- C:\ProgramData\xml_param
2013-03-24 17:32:58 -------- d-----w- C:\Program Files (x86)\Dotjosh Studios
2013-03-24 16:21:42 -------- d-----w- C:\ProgramData\Visan
2013-03-24 16:21:42 -------- d-----w- C:\ProgramData\HP Photo Creations
2013-03-24 16:21:42 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
2013-03-24 16:20:55 -------- d-----w- C:\Users\Vish\AppData\Roaming\HpUpdate
2013-03-24 16:20:11 741480 ------w- C:\Windows\System32\HPDiscoPMB011.dll
2013-03-24 16:18:28 -------- d-----w- C:\Program Files (x86)\HP
2013-03-24 16:15:04 -------- d-----w- C:\Program Files\HP
2013-03-24 16:11:30 -------- d-----w- C:\Users\Vish\AppData\Local\HP
2013-03-24 12:07:58 28168 ----a-w- C:\Windows\System32\X3DAudio1_3.dll
2013-03-24 12:06:32 3767504 ----a-w- C:\Windows\System32\d3dx9_26.dll
2013-03-23 22:46:40 -------- d-----w- C:\ProgramData\Bohemia Interactive Studio
2013-03-23 22:46:36 -------- d-----w- C:\Program Files (x86)\ArmA 2
2013-03-23 22:07:45 -------- d-----w- C:\Users\Vish\AppData\Roaming\Play withSIX
2013-03-23 22:07:43 -------- d-----w- C:\Users\Vish\AppData\Local\IsolatedStorage
2013-03-23 22:07:23 -------- d-----w- C:\Program Files (x86)\SIX Networks
2013-03-23 20:54:08 -------- d-----w- C:\Program Files (x86)\Steam
2013-03-23 17:12:17 -------- d-----w- C:\Users\Vish\AppData\Local\THQ
2013-03-23 11:56:50 -------- d-----w- C:\Users\Vish\AppData\Local\{795E94E9-4A69-43E6-A4C0-4C861AB634F4}
2013-03-22 16:02:03 -------- d-----w- C:\Users\Vish\AppData\Local\{513BD0A9-8996-454F-BA97-8E87439DE69F}
2013-03-21 20:02:52 -------- d-----w- C:\Users\Vish\AppData\Local\{0A4AC1F7-5D0D-43EA-BE50-D63D35350856}
2013-03-20 22:12:58 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-03-20 22:10:47 19968 ----a-w- C:\Windows\System32\drivers\usb8023x.sys
2013-03-20 22:10:47 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-03-20 20:01:03 -------- d-----w- C:\Program Files (x86)\ATITool
2013-03-19 17:53:17 -------- d-----w- C:\Users\Vish\AppData\Local\{E085F9DB-8636-408A-97A2-0F97D48D242E}
.
==================== Find3M  ====================
.
2013-04-12 20:00:53 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-12 08:00:23 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-03-11 20:08:36 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-03-11 20:08:35 963488 ----a-w- C:\Windows\System32\deployJava1.dll
2013-03-11 20:08:35 1085344 ----a-w- C:\Windows\System32\npdeployJava1.dll
2013-03-11 19:24:47 477616 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-03-11 19:24:47 473520 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-02-21 10:30:16 1766912 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-21 10:29:39 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-02-21 10:29:37 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-02-21 10:29:37 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-02-21 10:15:07 2240512 ----a-w- C:\Windows\System32\wininet.dll
2013-02-21 10:14:09 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-21 10:14:05 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-02-21 10:14:05 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-02-19 12:01:03 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-02-19 11:42:14 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-19 11:10:53 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-02-19 10:51:18 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-02-17 23:05:06 1396346733 ----a-w- C:\Users\Vish\Adobe Photoshop CS6 Extended.exe
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-02-11 11:28:41 38456 ------w- C:\Windows\System32\drivers\gfiark.sys
2013-02-10 01:04:31 6393120 ----a-w- C:\Windows\System32\nvcpl.dll
2013-02-10 01:04:31 3472672 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-02-10 01:04:29 877856 ------w- C:\Windows\System32\nvvsvc.exe
2013-02-10 01:04:29 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-02-10 01:04:29 2555680 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-02-10 01:04:29 237856 ----a-w- C:\Windows\System32\nvmctray.dll
2013-02-09 18:43:52 555808 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-02-05 08:54:40 37344 ------w- C:\Windows\SysWow64\FsUsbExDisk.Sys
2013-02-05 08:54:40 233472 ----a-w- C:\Windows\SysWow64\FsUsbExService.Exe
.
============= FINISH: 20:59:56.96 ===============
 

Security check log:

 Results of screen317's Security Check version 0.99.62 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 9 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled! 
GFI Software VIPRE     
Bitdefender Antivirus  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Java™ 6 Update 43 
 Java version out of Date!
 Adobe Flash Player 11.7.700.169 
 Adobe Reader 10.1.6 Adobe Reader out of Date! 
 Mozilla Firefox 17.0.1 Firefox out of Date! 
 Google Chrome 26.0.1410.43 
 Google Chrome 26.0.1410.64 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe  
 Bitdefender Bitdefender 2013 vsserv.exe 
 Bitdefender Bitdefender 2013 bdagent.exe 
 Bitdefender Bitdefender 2013 updatesrv.exe 
 Bitdefender Bitdefender SafeBox safeboxservice.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````
 

 

 

 

 

 

 

 

 

 

 

 

 

===============================================================

 

 

 

ADWCLEANER LOG:

# AdwCleaner v2.200 - Logfile created 04/16/2013 at 21:20:25
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Vish - VISH-VAIO
# Boot Mode : Normal
# Running from : C:\Users\Vish\Downloads\adwcleaner (1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Vish\AppData\Local\Ilivid Player

***** [Registry] *****

Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

File : C:\Users\Vish\AppData\Roaming\Mozilla\Firefox\Profiles\oeam0wc1.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Vish\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1676 octets] - [16/04/2013 21:20:25]

########## EOF - C:\AdwCleaner[S1].txt - [1736 octets] ##########

 

 

 

 

Thanks in advance for the virus help


Edited by vkh21, 16 April 2013 - 03:44 PM.


#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,159 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:05 AM

Posted 17 April 2013 - 09:26 AM

Secure your system by updating 3rd party programs.

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

Be careful not to install malware posing as Java update!
Important read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

If present remove the old version(s) of Java using the Add/Remove Programs applet.

Java 6 Update 43

Note
Java security update installs Ask Toolbar by default -- a single click in a multi-step installer.
http://www.benedelman.org/images/iac-jan13/ask-iac-011613-small.png
I suggest that your un-check the box "Install the Ask Toolbar" before proceeding.
===

Get the latest version of the Adobe Reader.
http://get.adobe.com/reader/
Before your download I suggest you unckeck the box on the top right "Yes, install McAfee Security Scan Plus - optional" this is not required if you are not a McAfee subscriber. While the installation is in progress you can also deny the installation of any other programs that may be suggested.

When installed remove your old version of the Reader using the Add/Remove Programs applet if present.
===

thisisujrt.gif Please download
Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
  • ===

    Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

    Link 1
    Link 2

    * IMPORTANT !!! Save ComboFix.exe to your Desktop

    IMPORTANT....

    1. Close any open browsers.

    2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    3. Do not install any other programs until this if fixed.


    How to : Disable Anti-virus and Firewall...
    http://www.bleepingcomputer.com/forums/topic114351.html

    Double click on ComboFix.exe & follow the prompts.
    • When finished, it will produce a report for you.
    • Please post the C:\ComboFix.txt
    Note:
    Do not mouse click ComboFix's window while it's running. That may cause it to stall


    Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

    Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
    ==============

    Please post the logs and let me know what problem persists.


#5 vkh21

vkh21
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 17 April 2013 - 02:47 PM

okay will try that also just thought id add viper internet security blocked this and says what was trying to use it I don't know if it any help but the temp files stopped for a while but now are back

Active Protection Event Details

 

Event Type 2 -- Notify Timeout 0(s) Monitor Source 2003 -- On File Access Message ID {597A9ABA-6667-48D9-BCB2-1E10C83CD702} Monitor Type 2 -- File Recommend System Scan Yes AP SDK Version 6.0.5449 Threat Definitions Version 16948 Event Actor Enum 2 -- Object Event Date/Time 2013-04-17T20:45:01 Remote Client Address  



 

Application Information

 

File Path C:\Windows\system32\SearchProtocolHost.exe Process ID 3464 File Size 249856(B) CRC8 0000000000000000 Application Rating 1 -- Known Good Added To Always Allow List No Company Microsoft Corporation File Version 7.00.7601.17610 (win7sp1_gdr.110503-1502) Product Name Windows® Search Product Version 7.00.7601.17610 Description Microsoft Windows Search Protocol Host Copyright © Microsoft Corporation. All rights reserved.



 

Attempted to modify the following file

 

File Path C:\Windows\Temp\tmp00006ada\tmp000066e7 MD5 031f24073b43717e018ba0c5f62cb0c2 CRC8 EEFC608BCAB20000 Application Rating 2 -- Known Bad Threat ID 4150696



 

Action Taken

 

User Name \\NT AUTHORITY\SYSTEM Action 2 -- Blocked Reason 2 -- VIPRE Known

 

 

 

 

Is this searchprotocolhost.exe infected somehow and I will follow the last replies steps and reply with that soon



#6 nasdaq

nasdaq

  • Malware Response Team
  • 40,159 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:05 AM

Posted 18 April 2013 - 07:03 AM

Check the path of your Office software. You may be experiencing the same problem reported by Norton.

http://www.symantec.com/business/support/index?page=content&id=TECH169660

#7 vkh21

vkh21
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 19 April 2013 - 12:40 PM

I will post replies soon pc running slow


Edited by vkh21, 19 April 2013 - 12:42 PM.


#8 vkh21

vkh21
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 19 April 2013 - 12:47 PM

Combofix log

ComboFix 13-04-18.03 - Vish 18/04/2013  21:18:42.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.8174.6062 [GMT 1:00]
Running from: c:\users\Vish\Downloads\ComboFix.exe
AV: Bitdefender Antivirus *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
AV: GFI Software VIPRE *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
FW: Bitdefender Firewall *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
FW: GFI Software VIPRE *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
SP: Bitdefender Antispyware *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
SP: GFI Software VIPRE *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1365800320.bdinstall.bin
c:\programdata\1365800409.bdinstall.bin
c:\programdata\1365801152.bdinstall.bin
c:\programdata\1365801416.bdinstall.bin
c:\programdata\1365802040.bdinstall.bin
c:\programdata\1365802069.bdinstall.bin
c:\programdata\1365802133.bdinstall.bin
c:\programdata\1365802197.bdinstall.bin
c:\programdata\1365802493.bdinstall.bin
c:\programdata\1365802531.2016.bin
c:\programdata\1365803487.bdinstall.bin
c:\programdata\1365803524.bdinstall.bin
c:\programdata\1365803666.6896.bin
c:\programdata\1365804571.bdinstall.bin
c:\programdata\1365804600.bdinstall.bin
c:\programdata\1365804751.7672.bin
c:\programdata\1365805094.bdinstall.bin
c:\programdata\1365805127.bdinstall.bin
c:\programdata\1365805145.bdinstall.bin
c:\programdata\1365805372.bdinstall.bin
c:\users\Vish\Adobe Photoshop CS6 Extended.exe
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\muzapp.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-03-18 to 2013-04-18  )))))))))))))))))))))))))))))))
.
.
2013-04-18 21:02 . 2013-04-18 21:02 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-18 21:02 . 2013-04-18 21:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-17 20:15 . 2013-04-18 19:43 -------- d-----w- C:\JRT
2013-04-17 19:02 . 2013-04-17 19:02 -------- d-----w- c:\users\Vish\Darren Shan
2013-04-16 20:49 . 2013-04-16 20:51 -------- d-----w- c:\users\Vish\demonata
2013-04-16 20:48 . 2013-04-16 20:50 -------- d-----w- c:\program files (x86)\EPUB to MOBI
2013-04-15 19:55 . 2013-04-15 19:55 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-04-15 19:53 . 2013-04-15 19:53 -------- d-----w- c:\programdata\Symantec
2013-04-15 19:53 . 2013-04-15 19:53 -------- d-----w- c:\windows\system32\drivers\NSSx64
2013-04-15 19:53 . 2013-04-15 19:53 -------- d-----w- c:\programdata\Norton
2013-04-15 19:53 . 2013-04-15 19:53 -------- d-----w- c:\program files (x86)\Norton Security Scan
2013-04-15 19:53 . 2013-04-15 19:53 -------- d-----w- c:\program files (x86)\NortonInstaller
2013-04-15 19:24 . 2013-04-15 19:25 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-04-15 19:24 . 2013-04-15 19:24 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2013-04-15 19:18 . 2013-04-15 19:18 -------- d-----w- c:\program files (x86)\Trend Micro
2013-04-15 17:14 . 2013-04-16 20:20 -------- d-----w- c:\program files\PeerBlock
2013-04-12 22:50 . 2013-04-12 22:50 -------- d-----w- c:\programdata\bdch
2013-04-12 22:48 . 2013-04-12 22:48 -------- d-----w- c:\users\Vish\AppData\Local\vkh21
2013-04-12 22:32 . 2013-04-12 22:32 -------- d-----w- c:\users\Vish\AppData\Roaming\liQeNSoft
2013-04-12 22:26 . 2013-04-12 22:36 -------- d-----w- c:\programdata\BDLogging
2013-04-12 21:52 . 2013-04-12 21:52 -------- d-----w- c:\users\Vish\AppData\Roaming\QuickScan
2013-04-12 21:33 . 2013-04-12 21:33 -------- d-----w- c:\windows\Sun
2013-04-12 21:14 . 2013-04-12 21:19 -------- d-----w- c:\users\Vish\dads videos
2013-04-12 21:08 . 2013-04-12 21:08 -------- d-----w- c:\users\Vish\AppData\Local\liQeNSoft
2013-04-12 20:58 . 2013-04-12 22:22 -------- d-----w- c:\program files\Common Files\Bitdefender
2013-04-10 20:59 . 2013-03-02 06:04 1655656 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 20:59 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 20:59 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 20:59 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 20:59 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 20:59 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 20:59 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 20:59 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 20:59 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-08 22:11 . 2013-04-09 16:29 -------- d-----w- c:\users\Vish\Doctor Who eBooks (epub and mobi)
2013-04-08 21:40 . 2013-04-08 21:40 -------- d-----w- c:\users\Vish\10th Doctor
2013-04-08 18:38 . 2013-04-08 18:38 -------- d-----w- c:\users\Vish\AppData\Roaming\Doctor Who - The Gunpowder Plot
2013-04-08 18:38 . 2013-04-08 18:38 -------- d-----w- c:\users\Vish\AppData\Local\Doctor Who - The Gunpowder Plot
2013-04-08 17:07 . 2013-04-08 18:38 -------- d-----w- c:\program files (x86)\Doctor Who - The Gunpowder Plot
2013-04-08 10:03 . 2013-04-08 10:04 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-04-08 09:44 . 2013-02-22 07:17 203544 ------w- c:\windows\system32\drivers\ssudmdm.sys
2013-04-08 09:44 . 2013-02-22 07:17 102936 ------w- c:\windows\system32\drivers\ssudbus.sys
2013-04-07 19:58 . 2013-04-12 18:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-04-07 19:58 . 2013-04-04 13:50 25928 ------w- c:\windows\system32\drivers\mbam.sys
2013-04-07 14:10 . 2013-04-07 14:10 -------- d-----w- c:\users\Vish\AppData\Roaming\LocalAPK
2013-04-07 14:10 . 2013-04-07 14:10 -------- d-----w- c:\program files\LocalAPK
2013-04-05 23:05 . 2013-04-06 01:02 -------- d-----w- c:\programdata\CPA_VA
2013-04-05 22:57 . 2013-04-05 22:57 -------- d-----w- C:\found.000
2013-04-05 22:46 . 2013-04-06 01:55 -------- d-----w- c:\programdata\Comodo
2013-04-05 22:46 . 2013-04-06 01:02 -------- d-----w- c:\program files\COMODO
2013-04-05 22:46 . 2013-04-07 16:59 -------- d-----w- c:\program files (x86)\Comodo
2013-04-05 22:46 . 2013-04-05 22:46 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2013-04-05 22:46 . 2013-04-05 22:46 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2013-04-05 21:45 . 2013-04-05 21:45 -------- d-----w- c:\program files (x86)\directx
2013-04-05 21:45 . 1998-09-24 22:00 798773 ------w- c:\windows\SysWow64\MFCO42D.DLL
2013-04-05 21:45 . 1998-09-23 22:00 385100 ------w- c:\windows\SysWow64\MSVCRTD.DLL
2013-04-05 21:45 . 1998-06-16 22:00 516173 ------w- c:\windows\SysWow64\MSVCP60D.DLL
2013-04-05 21:45 . 1998-09-24 22:00 929844 ------w- c:\windows\SysWow64\MFC42D.DLL
2013-04-05 21:45 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2013-03-31 17:13 . 2013-03-31 17:13 -------- d-----w- c:\windows\Hewlett-Packard
2013-03-29 22:25 . 2013-04-15 19:08 -------- dc----w- c:\users\Vish\AppData\Local\MigWiz
2013-03-28 21:05 . 2008-05-30 14:19 511496 ----a-w- c:\windows\system32\XAudio2_1.dll
2013-03-28 21:05 . 2008-05-30 14:17 65032 ----a-w- c:\windows\SysWow64\XAPOFX1_0.dll
2013-03-28 21:05 . 2008-05-30 14:18 177672 ----a-w- c:\windows\system32\xactengine3_1.dll
2013-03-28 21:05 . 2008-05-30 14:17 25608 ----a-w- c:\windows\SysWow64\X3DAudio1_4.dll
2013-03-28 21:05 . 2007-10-12 15:14 2006552 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2013-03-28 21:05 . 2006-09-28 16:05 237848 ----a-w- c:\windows\SysWow64\xactengine2_4.dll
2013-03-28 21:05 . 2006-07-28 09:30 363288 ----a-w- c:\windows\system32\xactengine2_3.dll
2013-03-28 19:32 . 2013-03-28 19:32 -------- d-----w- C:\steamapps
2013-03-28 19:32 . 2013-03-28 19:32 -------- d-----w- c:\programdata\Steam
2013-03-28 19:16 . 2013-03-28 19:16 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-03-25 18:31 . 2013-03-25 18:31 -------- d-----w- c:\programdata\xml_param
2013-03-24 17:32 . 2013-03-24 17:32 -------- d-----w- c:\program files (x86)\Dotjosh Studios
2013-03-24 16:21 . 2013-03-24 16:21 -------- d-----w- c:\program files (x86)\Hewlett-Packard
2013-03-24 16:21 . 2013-03-24 16:21 -------- d-----w- c:\program files (x86)\HP Photo Creations
2013-03-24 16:21 . 2013-03-24 16:21 -------- d-----w- c:\programdata\Visan
2013-03-24 16:21 . 2013-03-24 16:21 -------- d-----w- c:\programdata\HP Photo Creations
2013-03-24 16:20 . 2013-04-07 17:45 -------- d-----w- c:\users\Vish\AppData\Roaming\HpUpdate
2013-03-24 16:20 . 2012-10-17 04:31 741480 ------w- c:\windows\system32\HPDiscoPMB011.dll
2013-03-24 16:18 . 2013-03-24 16:18 -------- d-----w- c:\programdata\HP
2013-03-24 16:18 . 2013-03-31 17:14 -------- d-----w- c:\program files (x86)\HP
2013-03-24 16:15 . 2013-03-24 16:15 -------- d-----w- c:\program files\HP
2013-03-24 16:11 . 2013-03-24 16:40 -------- d-----w- c:\users\Vish\AppData\Local\HP
2013-03-24 12:07 . 2008-03-05 16:00 28168 ----a-w- c:\windows\system32\X3DAudio1_3.dll
2013-03-24 12:06 . 2006-02-03 08:41 16592 ----a-w- c:\windows\system32\x3daudio1_0.dll
2013-03-24 12:06 . 2006-02-03 08:43 3830992 ----a-w- c:\windows\system32\d3dx9_29.dll
2013-03-24 12:06 . 2005-05-26 15:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2013-03-24 12:06 . 2005-03-18 17:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll
2013-03-23 22:50 . 2005-02-05 19:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2013-03-23 22:46 . 2013-03-23 22:46 -------- d-----w- c:\programdata\Bohemia Interactive Studio
2013-03-23 22:46 . 2013-03-23 22:46 -------- d-----w- c:\program files (x86)\ArmA 2
2013-03-23 22:07 . 2013-03-23 22:08 -------- d-----w- c:\users\Vish\AppData\Roaming\Play withSIX
2013-03-23 22:07 . 2013-03-23 22:07 -------- d-----w- c:\users\Vish\AppData\Local\IsolatedStorage
2013-03-23 22:07 . 2013-03-23 22:07 -------- d-----w- c:\program files (x86)\SIX Networks
2013-03-23 20:54 . 2013-04-15 19:09 -------- d-----w- c:\program files (x86)\Steam
2013-03-23 17:12 . 2013-03-23 17:12 -------- d-----w- c:\users\Vish\AppData\Local\THQ
2013-03-20 22:12 . 2013-01-04 06:11 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-03-20 22:10 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023x.sys
2013-03-20 22:10 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-20 20:01 . 2013-03-20 20:10 -------- d-----w- c:\program files (x86)\ATITool
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-12 20:00 . 2012-09-17 18:49 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-12 08:00 . 2012-09-17 18:49 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-11 23:13 . 2012-09-07 16:24 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-11 20:08 . 2013-03-11 20:08 310688 ------w- c:\windows\system32\javaws.exe
2013-03-11 20:08 . 2013-03-11 20:08 188832 ----a-w- c:\windows\system32\javaw.exe
2013-03-11 20:08 . 2013-03-11 20:08 188320 ----a-w- c:\windows\system32\java.exe
2013-03-11 20:08 . 2013-03-11 20:08 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-03-11 20:08 . 2012-12-15 08:32 963488 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-11 20:08 . 2012-12-15 08:32 1085344 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-11 19:24 . 2013-03-11 19:24 473520 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-03-11 19:24 . 2012-11-12 19:12 477616 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-02-12 05:45 . 2013-03-13 17:02 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 17:02 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 17:02 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 17:02 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 17:02 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 17:02 2176512 ------w- c:\windows\apppatch\AcGenral.dll
2013-02-11 11:28 . 2012-11-13 01:00 38456 ------w- c:\windows\system32\drivers\gfiark.sys
2013-02-10 03:25 . 2013-03-17 11:54 7569184 ----a-w- c:\windows\system32\nvopencl.dll
2013-02-10 03:25 . 2013-03-17 11:54 6267240 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-02-10 03:25 . 2013-03-17 11:54 26947360 ----a-w- c:\windows\system32\nvoglv64.dll
2013-02-10 03:25 . 2013-03-17 11:54 20534560 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-02-10 03:25 . 2013-03-17 11:54 1807136 ----a-w- c:\windows\system32\nvdispco6420294.dll
2013-02-10 03:25 . 2013-03-17 11:54 1510176 ----a-w- c:\windows\system32\nvdispgenco6420162.dll
2013-02-10 03:25 . 2013-03-17 11:54 11040544 ------w- c:\windows\system32\drivers\nvlddmkm.sys
2013-02-10 03:25 . 2013-03-17 11:54 9422672 ----a-w- c:\windows\system32\nvcuda.dll
2013-02-10 03:25 . 2013-03-17 11:54 7964680 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-02-10 03:25 . 2013-03-17 11:54 2911008 ----a-w- c:\windows\system32\nvcuvid.dll
2013-02-10 03:25 . 2013-03-17 11:54 2854344 ------w- c:\windows\system32\nvapi64.dll
2013-02-10 03:25 . 2013-03-17 11:54 2726176 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-02-10 03:25 . 2013-03-17 11:54 2528840 ------w- c:\windows\SysWow64\nvapi.dll
2013-02-10 03:25 . 2013-03-17 11:54 25256736 ----a-w- c:\windows\system32\nvcompiler.dll
2013-02-10 03:25 . 2013-03-17 11:54 2350368 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-02-10 03:25 . 2013-03-17 11:54 1990944 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-02-10 03:25 . 2013-03-17 11:54 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-02-10 03:25 . 2013-03-12 17:37 17987192 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-02-10 03:25 . 2013-03-12 17:37 15038296 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-02-10 03:25 . 2012-09-07 15:12 15275744 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-02-10 03:25 . 2012-09-07 15:12 12862400 ------w- c:\windows\SysWow64\nvwgf2um.dll
2013-02-10 01:04 . 2012-05-12 04:39 6393120 ----a-w- c:\windows\system32\nvcpl.dll
2013-02-10 01:04 . 2012-05-12 04:38 3472672 ----a-w- c:\windows\system32\nvsvc64.dll
2013-02-10 01:04 . 2012-05-12 04:39 877856 ------w- c:\windows\system32\nvvsvc.exe
2013-02-10 01:04 . 2012-05-12 04:39 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-02-10 01:04 . 2012-05-12 04:39 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-02-10 01:04 . 2011-02-18 11:19 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-02-09 18:43 . 2013-02-09 18:43 555808 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-02-05 08:54 . 2013-02-20 23:12 37344 ------w- c:\windows\SysWow64\FsUsbExDisk.Sys
2013-02-05 08:54 . 2013-02-20 23:12 233472 ----a-w- c:\windows\SysWow64\FsUsbExService.Exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Vish\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Vish\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Vish\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 15:27 158224 ------w- c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-03-28 1511792]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2013-03-20 578560]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-01 5629312]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"SBAMTray"="c:\program files (x86)\GFI Software\VIPRE\SBAMTray.exe" [2012-09-20 3149704]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-03-28 310640]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
.
c:\users\Vish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Vish\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc]
@="Service"
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 SBAMSvc;VIPRE Internet Security;c:\program files (x86)\GFI Software\VIPRE\SBAMSvc.exe [2012-09-20 3677000]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 AirDisplay;Air Display Support;c:\windows\system32\DRIVERS\AVVideoCard.sys [2012-09-24 15808]
R3 AirDisplayMirror;Air Display Mirror Support;c:\windows\system32\DRIVERS\AVVideoCardMirror.sys [2012-09-24 15808]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-04-29 36000]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2013-04-12 589000]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2013-04-12 82384]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-04-29 259232]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-04-29 109216]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-04-29 166048]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-04-29 59040]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-04-29 283296]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-04-29 288416]
R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2011-07-19 104096]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-02-22 102936]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS [2013-02-05 37344]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys [2013-02-11 38456]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [2010-11-06 24176]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [2012-09-12 120064]
R3 SbHips;SbHips;c:\windows\system32\drivers\sbhips.sys [2012-09-20 61216]
R3 sbwtis;sbwtis;c:\windows\system32\DRIVERS\sbwtis.sys [2012-09-20 86816]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-01 289952]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-02-22 203544]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-12-29 960160]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-12-21 550128]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-08-26 101600]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-07 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]
R4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [2013-04-12 69392]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2013-04-12 707528]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys [2013-04-12 147232]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2013-04-12 93160]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 103504]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [2012-04-17 76944]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-08 283200]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2012-09-20 258848]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-29 146592]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-04-29 91296]
S2 gfi_lanss10_attservice;GFI LanGuard 10 Attendant Service;c:\program files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe [2012-09-12 115568]
S2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe [2012-09-07 108392]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-03-12 2429544]
S2 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [2013-04-12 95184]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [2012-09-12 82872]
S2 SBPIMSvc;SB Recovery Service;c:\program files (x86)\GFI Software\VIPRE\SBPIMSvc.exe [2012-09-20 175496]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-02-09 383264]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe [2013-04-12 68856]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-08-12 971704]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [2013-04-12 261056]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-04-29 29344]
S3 cbfs3;EldoS Callback File System driver v3;c:\windows\system32\DRIVERS\cbfs3.sys [2012-04-09 352144]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2012-09-08 82048]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2012-03-12 340072]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-29 425064]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\sbfwim.sys [2012-09-12 120064]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2010-04-26 12032]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe [2012-10-26 1286784]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2011-12-19 29288]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2011-12-19 29288]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2011-12-19 29288]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2011-12-19 29288]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2011-12-19 29288]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-12 07:54 1642448 ------w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\Norton Security Scan for Vish.job
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ------w- c:\users\Vish\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ------w- c:\users\Vish\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ------w- c:\users\Vish\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ------w- c:\users\Vish\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 15:27 190480 ------w- c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
2013-04-12 23:33 269200 ------w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
2013-04-12 23:33 269200 ------w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
2013-04-12 23:33 269200 ------w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
2013-04-12 23:33 269200 ------w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
"SBRegRebootCleaner"="c:\program files (x86)\GFI Software\VIPRE\SBRC.exe" [2012-09-20 201608]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2013-04-12 1576240]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
FF - ProfilePath - c:\users\Vish\AppData\Roaming\Mozilla\Firefox\Profiles\oeam0wc1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - ExtSQL: 2013-03-11 19:24; {CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3082313803-2437717256-3910642539-1000\Software\SecuROM\License information*]
"datasecu"=hex:26,45,ef,39,42,67,5d,de,d0,7e,58,73,3a,30,a4,02,70,6b,a1,2c,2a,
   c2,8d,29,81,c6,19,50,69,8b,f1,e5,1e,84,da,9b,76,3f,3b,10,03,e6,04,1a,00,5b,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-18  22:04:32
ComboFix-quarantined-files.txt  2013-04-18 21:04
.
Pre-Run: 126,347,231,232 bytes free
Post-Run: 126,170,533,888 bytes free
.
- - End Of File - - 93639B3AE433DD9DC94830D861E71929
 



#9 vkh21

vkh21
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 19 April 2013 - 01:43 PM

JRT log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.4 (04.16.2013:1)
OS: Windows 7 Home Premium x64
Ran by Vish on 19/04/2013 at 18:52:35.57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ FireFox

Successfully deleted: [File] "C:\Users\Vish\AppData\Roaming\mozilla\firefox\profiles\oeam0wc1.default\extensions\jid0-hyjN250ZzTOOX3evFwwAQBxE4ik@jetpack.xpi"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19/04/2013 at 19:02:46.46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#10 vkh21

vkh21
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 19 April 2013 - 03:48 PM

also every time i start the pc i get a notepad document called desktop.ini containing this

 

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787
 

and also comes up when it says this page is secure and nobody else can see it or something like this (which happened today when i visited this page)



#11 nasdaq

nasdaq

  • Malware Response Team
  • 40,159 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:05 AM

Posted 20 April 2013 - 07:23 AM

also every time i start the pc i get a notepad document called desktop.ini containing this

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787

You will find the fix on this page.

http://support.microsoft.com/kb/330132

Use the Fix me button.

---

 

and also comes up when it says this page is secure and nobody else can see it or something like this (which happened today when i visited this page)

Are you getting this error with Firefox or Internet Explorer?

#12 vkh21

vkh21
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 20 April 2013 - 05:35 PM

Internet Explorer

#13 nasdaq

nasdaq

  • Malware Response Team
  • 40,159 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:05 AM

Posted 21 April 2013 - 07:48 AM

Open your tool menu / Internet Options / Advanced Tab

Under Security - near the end
Uncheck
"Warn if changing between secure and not secure mode"
Press the Apply button.

Restart the computer.

If this does not solve you issue please post the exact and complete message.

#14 vkh21

vkh21
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 21 April 2013 - 10:56 AM

okay thanks and another problem has arisen: combo fix has also had the affect of making it so when i went onto internet explorer and the homepage had changed to about blank and both the url bar and google search bar didn't work ie if i type in something and click enter nothing happens so i went to internet settings and changed my homepage to google.co.uk and i can search on that fine but url bar and search bar both dont work.

 Google chrome still works fine(which is what im using to type on) and so does firefox but not IE 10

i then degraded down to internet explorer 9 and it worked fine so i went ahead and reupgraded to IE 10 and again it isn't working so it's something to do with this version of IE.


Edited by vkh21, 21 April 2013 - 11:00 AM.


#15 vkh21

vkh21
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 21 April 2013 - 11:02 AM

and the fixit link says this microsoft fix it does not apply to your operation system or application version






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users