nobodyshaani

  1. Well, that's bad news. I will change passwords immediately, from another computer. How do I take a backup of the files I have on this hard disk? Is there a way without infecting the new hard disk? I bought new external hard disks; there are some video files I need to copy from this computer to the new hard disks (I haven't yet connected them to this computer). Is there a way?
  2. Avira Free Antivirus
     Report file date: Wednesday, March 20, 2013 09:20
     The program is running as an unrestricted full version.
     Online services are available.
     Licensee : Avira Free Antivirus
     Serial number : 0000149996-ADJIE-0000001
     Platform : Windows 7 Ultimate
     Windows version : (plain) [6.1.7600]
     Boot mode : Normally booted
     Username : parushaa
     Computer name : PARUSHAA-PC
     Version information:
     BUILD.DAT : 13.0.0.3185 47702 Bytes 1/30/2013 10:13:00
     AVSCAN.EXE : 13.6.0.584 640224 Bytes 3/20/2013 03:32:15
     AVSCANRC.DLL : 13.4.0.360 54560 Bytes 3/20/2013 03:32:17
     LUKE.DLL : 13.6.0.602 67808 Bytes 3/20/2013 03:36:15
     AVSCPLR.DLL : 13.6.0.986 94944 Bytes 3/20/2013 03:41:28
     AVREG.DLL : 13.6.0.940 250592 Bytes 3/20/2013 03:41:24
     avlode.dll : 13.6.2.624 434912 Bytes 3/20/2013 03:41:36
     avlode.rdf : 13.0.0.38 15231 Bytes 3/20/2013 03:41:30
     VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 03:08:53
     VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 03:12:35
     VBASE002.VDF : 7.11.19.170 14374912 Bytes 12/20/2011 03:16:34
     VBASE003.VDF : 7.11.21.238 4472832 Bytes 2/1/2012 03:17:47
     VBASE004.VDF : 7.11.26.44 4329472 Bytes 3/28/2012 03:18:59
     VBASE005.VDF : 7.11.34.116 4034048 Bytes 6/29/2012 03:20:07
     VBASE006.VDF : 7.11.41.250 4902400 Bytes 9/6/2012 03:21:28
     VBASE007.VDF : 7.11.50.230 3904512 Bytes 11/22/2012 03:22:35
     VBASE008.VDF : 7.11.60.10 6627328 Bytes 2/7/2013 03:24:31
     VBASE009.VDF : 7.11.60.11 2048 Bytes 2/7/2013 03:24:31
     VBASE010.VDF : 7.11.60.12 2048 Bytes 2/7/2013 03:24:32
     VBASE011.VDF : 7.11.60.13 2048 Bytes 2/7/2013 03:24:32
     VBASE012.VDF : 7.11.60.14 2048 Bytes 2/7/2013 03:24:32
     VBASE013.VDF : 7.11.60.62 351232 Bytes 2/8/2013 03:24:39
     VBASE014.VDF : 7.11.60.115 190976 Bytes 2/9/2013 03:24:43
     VBASE015.VDF : 7.11.60.177 282624 Bytes 2/11/2013 03:24:50
     VBASE016.VDF : 7.11.60.249 215552 Bytes 2/13/2013 03:24:54
     VBASE017.VDF : 7.11.61.65 151040 Bytes 2/15/2013 03:24:57
     VBASE018.VDF : 7.11.61.135 159232 Bytes 2/18/2013 03:25:01
     VBASE019.VDF : 7.11.61.163 152064 Bytes 2/18/2013 03:25:05
     VBASE020.VDF : 7.11.61.207 164352 Bytes 2/19/2013 03:25:11
     VBASE021.VDF : 7.11.62.43 206336 Bytes 2/21/2013 03:25:18
     VBASE022.VDF : 7.11.64.106 1510912 Bytes 3/11/2013 03:25:40
     VBASE023.VDF : 7.11.64.157 137216 Bytes 3/12/2013 03:25:43
     VBASE024.VDF : 7.11.64.233 159744 Bytes 3/14/2013 03:25:47
     VBASE025.VDF : 7.11.65.19 143360 Bytes 3/15/2013 03:25:50
     VBASE026.VDF : 7.11.65.63 150528 Bytes 3/17/2013 03:25:53
     VBASE027.VDF : 7.11.65.107 162816 Bytes 3/19/2013 03:25:58
     VBASE028.VDF : 7.11.65.108 2048 Bytes 3/19/2013 03:25:59
     VBASE029.VDF : 7.11.65.109 2048 Bytes 3/19/2013 03:25:59
     VBASE030.VDF : 7.11.65.110 2048 Bytes 3/19/2013 03:25:59
     VBASE031.VDF : 7.11.65.130 19968 Bytes 3/19/2013 03:26:01
     Engine version : 8.2.12.16
     AEVDF.DLL : 8.1.2.10 102772 Bytes 3/20/2013 03:27:50
     AESCRIPT.DLL : 8.1.4.98 475516 Bytes 3/20/2013 03:27:48
     AESCN.DLL : 8.1.10.0 131445 Bytes 3/20/2013 03:27:41
     AESBX.DLL : 8.2.5.12 606578 Bytes 3/20/2013 03:27:55
     AERDL.DLL : 8.2.0.88 643444 Bytes 3/20/2013 03:27:38
     AEPACK.DLL : 8.3.2.2 827767 Bytes 3/20/2013 03:27:30
     AEOFFICE.DLL : 8.1.2.56 205180 Bytes 3/20/2013 03:27:21
     AEHEUR.DLL : 8.1.4.248 5804409 Bytes 3/20/2013 03:27:19
     AEHELP.DLL : 8.1.25.2 258423 Bytes 3/20/2013 03:26:27
     AEGEN.DLL : 8.1.6.16 434549 Bytes 3/20/2013 03:26:24
     AEEXP.DLL : 8.4.0.12 192886 Bytes 3/20/2013 03:27:58
     AEEMU.DLL : 8.1.3.2 393587 Bytes 3/20/2013 03:26:18
     AECORE.DLL : 8.1.31.2 201080 Bytes 3/20/2013 03:26:14
     AEBB.DLL : 8.1.1.4 53619 Bytes 3/20/2013 03:26:11
     AVWINLL.DLL : 13.6.0.480 26480 Bytes 3/20/2013 03:02:34
     AVPREF.DLL : 13.6.0.480 51056 Bytes 3/20/2013 03:32:08
     AVREP.DLL : 13.6.0.480 178544 Bytes 3/20/2013 03:41:27
     AVARKT.DLL : 13.6.0.624 260832 Bytes 3/20/2013 03:31:09
     AVEVTLOG.DLL : 13.6.0.600 167648 Bytes 3/20/2013 03:31:40
     SQLITE3.DLL : 3.7.0.1 397704 Bytes 3/20/2013 03:38:43
     AVSMTP.DLL : 13.6.0.480 62832 Bytes 3/20/2013 03:32:32
     NETNT.DLL : 13.6.0.480 16240 Bytes 3/20/2013 03:37:18
     RCIMAGE.DLL : 13.4.0.360 4782880 Bytes 3/20/2013 03:02:50
     RCTEXT.DLL : 13.6.0.480 66928 Bytes 3/20/2013 03:02:52
     Configuration settings for the scan:
     Jobname.............................: Quick system scan
     Configuration file..................: c:\program files (x86)\avira\antivir desktop\quicksysscan.avp
     Reporting...........................: default
     Primary action......................: Interactive
     Secondary action....................: Ignore
     Scan master boot sector.............: on
     Scan boot sector....................: on
     Process scan........................: on
     Scan registry.......................: on
     Search for rootkits.................: off
     Integrity checking of system files..: off
     Scan all files......................: Intelligent file selection
     Scan archives.......................: on
     Limit recursion depth...............: 20
     Smart extensions....................: on
     Macrovirus heuristic................: on
     File heuristic......................: extended
     Start of the scan: Wednesday, March 20, 2013 09:20
     Starting master boot sector scan:
     Master boot sector HD0
       [INFO] No virus was found!
     Start scanning boot sectors:
     The scan of running processes will be started:
     Scan process 'svchost.exe' - '52' Module(s) have been scanned
     Scan process 'svchost.exe' - '36' Module(s) have been scanned
     Scan process 'atiesrxx.exe' - '26' Module(s) have been scanned
     Scan process 'svchost.exe' - '77' Module(s) have been scanned
     Scan process 'svchost.exe' - '89' Module(s) have been scanned
     Scan process 'svchost.exe' - '170' Module(s) have been scanned
     Scan process 'UMVPFSrv.exe' - '34' Module(s) have been scanned
     Scan process 'svchost.exe' - '84' Module(s) have been scanned
     Scan process 'atieclxx.exe' - '30' Module(s) have been scanned
     Scan process 'svchost.exe' - '87' Module(s) have been scanned
     Scan process 'spoolsv.exe' - '77' Module(s) have been scanned
     Scan process 'svchost.exe' - '60' Module(s) have been scanned
     Scan process 'BrowserProtect.exe' - '36' Module(s) have been scanned
     Scan process 'taskhost.exe' - '52' Module(s) have been scanned
     Scan process 'schtasks.exe' - '32' Module(s) have been scanned
     Scan process 'conhost.exe' - '14' Module(s) have been scanned
     Scan process 'BrowserProtect.exe' - '54' Module(s) have been scanned
     Scan process 'sppsvc.exe' - '27' Module(s) have been scanned
     Scan process 'svchost.exe' - '32' Module(s) have been scanned
     Scan process 'Y2Desktop.Updater.exe' - '53' Module(s) have been scanned
     Scan process 'rundll32.exe' - '28' Module(s) have been scanned
     Scan process 'Dwm.exe' - '32' Module(s) have been scanned
     Scan process 'Explorer.EXE' - '185' Module(s) have been scanned
     Scan process 'upt4pc_pt_14.exe' - '56' Module(s) have been scanned
     Scan process 'RAVCpl64.exe' - '42' Module(s) have been scanned
     Scan process 'YontooDesktop.exe' - '103' Module(s) have been scanned
     Scan process 'tuto4pc_pt_14.exe' - '51' Module(s) have been scanned
     Scan process 'SearchIndexer.exe' - '62' Module(s) have been scanned
     Scan process 'iexplore.exe' - '115' Module(s) have been scanned
     Scan process 'iexplore.exe' - '115' Module(s) have been scanned
     Scan process 'svchost.exe' - '49' Module(s) have been scanned
     Scan process 'iexplore.exe' - '113' Module(s) have been scanned
     Scan process 'wuauclt.exe' - '36' Module(s) have been scanned
     Scan process 'wmplayer.exe' - '118' Module(s) have been scanned
     Scan process 'avira_free_antivirus.exe' - '44' Module(s) have been scanned
     Scan process 'avwebloader.exe' - '78' Module(s) have been scanned
     Scan process 'presetup.exe' - '45' Module(s) have been scanned
     Scan process 'setup.exe' - '101' Module(s) have been scanned
     Scan process 'msiexec.exe' - '46' Module(s) have been scanned
     Scan process 'Updater.exe' - '63' Module(s) have been scanned
     Scan process 'SearchProtocolHost.exe' - '43' Module(s) have been scanned
     Scan process 'SearchFilterHost.exe' - '28' Module(s) have been scanned
     Scan process 'avguard.exe' - '98' Module(s) have been scanned
     Scan process 'avshadow.exe' - '20' Module(s) have been scanned
     Scan process 'sched.exe' - '45' Module(s) have been scanned
     Scan process 'AVWEBGRD.EXE' - '66' Module(s) have been scanned
     Scan process 'avgnt.exe' - '81' Module(s) have been scanned
     Scan process 'avconfig.exe' - '75' Module(s) have been scanned
     Scan process 'avcenter.exe' - '68' Module(s) have been scanned
     Scan process 'avscan.exe' - '105' Module(s) have been scanned
     Scan process 'SearchProtocolHost.exe' - '39' Module(s) have been scanned
     Scan process 'smss.exe' - '2' Module(s) have been scanned
     Scan process 'csrss.exe' - '18' Module(s) have been scanned
     Scan process 'wininit.exe' - '26' Module(s) have been scanned
     Scan process 'csrss.exe' - '16' Module(s) have been scanned
     Scan process 'services.exe' - '33' Module(s) have been scanned
     Scan process 'lsass.exe' - '62' Module(s) have been scanned
     Scan process 'lsm.exe' - '16' Module(s) have been scanned
     Scan process 'winlogon.exe' - '31' Module(s) have been scanned
     Starting to scan executable files (registry):
     C:\Program Files (x86)\Versalsoft\InternetDownload\InternetDownload.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\DealPly\uninst.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\Versalsoft\InternetDownload\Uninstall.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\Versalsoft\InternetDownload\FLVPlayer.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\Adobe\Adobe Utilities - CS5\ExtendScript Toolkit CS5\ExtendScript Toolkit.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5\Adobe Extension Manager CS5.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\Adobe\Adobe Utilities - CS5\Pixel Bender Toolkit 2\Pixel Bender Toolkit.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\AnvSoft\Any Video Converter Professional\VideoConvPro.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\AnvSoft\Any Video Converter Professional\unins000.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\ERUNT\ERUNT.EXE
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\ERUNT\NTREGOPT.EXE
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\ERUNT\unins000.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\Silverlight.Configuration.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\Google\Picasa3\Uninstall.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files (x86)\tuto4pc_pt_14\Tuto4PC_widget.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Program Files\Universal\UFileDownloadD\USetup.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     C:\Users\parushaa\Downloads\mplayer_Setup.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     D:\3D\Players\Firefox Setup 3.5.6.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     D:\3D\Players\Firefox Setup 3.5.5.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
     The registry was scanned ( '4467' files ).
     Beginning disinfection:
     D:\3D\Players\Firefox Setup 3.5.5.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     D:\3D\Players\Firefox Setup 3.5.6.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Users\parushaa\Downloads\mplayer_Setup.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files\Universal\UFileDownloadD\USetup.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\tuto4pc_pt_14\Tuto4PC_widget.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\Google\Picasa3\Uninstall.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\Silverlight.Configuration.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\ERUNT\unins000.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\ERUNT\NTREGOPT.EXE
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\ERUNT\ERUNT.EXE
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\AnvSoft\Any Video Converter Professional\unins000.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\AnvSoft\Any Video Converter Professional\VideoConvPro.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\Adobe\Adobe Utilities - CS5\Pixel Bender Toolkit 2\Pixel Bender Toolkit.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5\Adobe Extension Manager CS5.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\Adobe\Adobe Utilities - CS5\ExtendScript Toolkit CS5\ExtendScript Toolkit.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\Versalsoft\InternetDownload\FLVPlayer.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\Versalsoft\InternetDownload\Uninstall.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\DealPly\uninst.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     C:\Program Files (x86)\Versalsoft\InternetDownload\InternetDownload.exe
       [DETECTION] Contains code of the W32/Sality.AG Windows virus
       [NOTE] The file was repaired.
     End of the scan: Wednesday, March 20, 2013 09:45
     Used time: 00:32 Minute(s)
     The scan has been done completely.
     0 Scanned directories
     5253 Files were scanned
     24 Viruses and/or unwanted programs were found
     0 Files were classified as suspicious
     0 Files were deleted
     24 Viruses and unwanted programs were repaired
     0 Files were moved to quarantine
     0 Files were renamed
     0 Files cannot be scanned
     5229 Files not concerned
     45 Archives were scanned
     0 Warnings
     24 Notes
  3. DDS (Ver_2012-11-20.01) - NTFS_AMD64
     Internet Explorer: 9.0.8112.16470
     Run by parushaa at 19:12:05 on 2013-03-18
     Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.5887.4318 [GMT 5.5:30]
     .
     SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     .
     ============== Running Processes ===============
     .
     C:\Windows\system32\lsm.exe
     C:\Windows\system32\svchost.exe -k DcomLaunch
     C:\Windows\system32\svchost.exe -k RPCSS
     C:\Windows\system32\atiesrxx.exe
     C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
     C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
     C:\Windows\system32\svchost.exe -k netsvcs
     C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
     C:\Windows\system32\svchost.exe -k LocalService
     C:\Windows\system32\svchost.exe -k NetworkService
     C:\Windows\system32\atieclxx.exe
     C:\Windows\System32\spoolsv.exe
     C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
     C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
     C:\Windows\system32\taskhost.exe
     C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
     C:\Windows\system32\sppsvc.exe
     C:\Windows\system32\svchost.exe -k imgsvc
     C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
     C:\Windows\system32\Dwm.exe
     C:\Windows\Explorer.EXE
     C:\Users\parushaa\AppData\Local\tuto4pc_pt_14\upt4pc_pt_14.exe
     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
     C:\Users\parushaa\AppData\Roaming\Yontoo\YontooDesktop.exe
     C:\Program Files (x86)\tuto4pc_pt_14\tuto4pc_pt_14.exe
     C:\Windows\system32\SearchIndexer.exe
     C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
     C:\Windows\System32\svchost.exe -k secsvcs
     C:\Windows\system32\wuauclt.exe
     C:\Windows\system32\taskeng.exe
     C:\Windows\system32\taskeng.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Program Files\Internet Explorer\iexplore.exe
     C:\Windows\system32\taskhost.exe
     C:\Windows\system32\SearchProtocolHost.exe
     C:\Windows\system32\SearchFilterHost.exe
     C:\Windows\system32\wbem\wmiprvse.exe
     C:\Windows\System32\cscript.exe
     .
     ============== Pseudo HJT Report ===============
     .
     uStart Page = hxxp://www.google.com
     uSearch Bar = Preserve
     uSearch Page = hxxp://www.Google.com/
     mStart Page = hxxp://www.google.com
     uSearchAssistant = hxxp://www.google.com/ie
     uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
     mWinlogon: Userinit = userinit.exe,
     BHO: E-Zsoft VideoDownloaderToolBar: {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program Files (x86)\Versalsoft\InternetDownload\VDTB.dll
     BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll
     BHO: DealPly: {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
     BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
     TB: E-Zsoft VideoDownloaderToolBar: {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program Files (x86)\Versalsoft\InternetDownload\VDTB.dll
     TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll
     uRun: [Yontoo Desktop] "C:\Users\parushaa\AppData\Roaming\Yontoo\YontooDesktop.exe"
     mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
     mRun: [internetDownload_upgrade] "C:\Program Files (x86)\Versalsoft\InternetDownload\InternetDownload.exe" /upgrade
     mRun: [tuto4pc_pt_14] "C:\Program Files (x86)\tuto4pc_pt_14\tuto4pc_pt_14.exe"
     mRunOnce: [upt4pc_pt_14.exe] C:\Users\parushaa\AppData\Local\tuto4pc_pt_14\upt4pc_pt_14.exe -runonce
     uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
     uPolicies-System: DisableTaskMgr = dword:1
     uPolicies-System: DisableRegistryTools = dword:1
     mPolicies-Explorer: NoActiveDesktop = dword:1
     mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
     mPolicies-System: ConsentPromptBehaviorUser = dword:3
     mPolicies-System: EnableUIADesktopToggle = dword:0
     mPolicies-System: EnableLUA = dword:0
     mPolicies-System: DisableTaskMgr = dword:1
     mPolicies-System: DisableRegistryTools = dword:1
     TCP: Interfaces\{B393CEF6-5134-4D0F-8C31-8E1FEF51F577} : NameServer = 218.248.255.196 218.248.245.5
     AppInit_DLLs= c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll
     SSODL: WebCheck - <orphaned>
     x64-mStart Page = hxxp://searchfunmoods.com/?f=1&a=ironpub12&cd=2XzuyEtN2Y1L1QzuyEtDyCtCzzyCzzyBzz0A0AzzyBtD0AyDtN0D0Tzu0CyEtAzytN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1L1C1F1G1E2Y1StCtB&cr=1358372692&ir=
     x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
     x64-DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
     x64-SSODL: WebCheck - <orphaned>
     .
     ============= SERVICES / DRIVERS ===============
     .
     R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-9-18 202752]
     R2 BrowserProtect;BrowserProtect;C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-3-13 2561488]
     R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
     R2 Yontoo Desktop Updater;Yontoo Desktop Updater;C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe [2013-3-13 23552]
     R3 LVUVC64;Logitech HD Webcam C270(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
     R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-11 187392]
     S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
     S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
     S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-2-25 24176]
     S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-27 1255736]
     .
16:08:35 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-02-26 16:08:35 1157632 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-02-26 16:08:35 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-02-26 16:08:29 77312 ----a-w- C:\Windows\System32\packager.dll 2013-02-26 16:08:29 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2013-02-26 15:45:45 139264 ----a-w- C:\Windows\System32\cabview.dll 2013-02-26 15:45:45 132608 ----a-w- C:\Windows\SysWow64\cabview.dll 2013-02-26 15:45:38 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2013-02-26 15:45:38 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2013-02-26 15:45:38 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2013-02-26 15:34:03 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2013-02-26 15:33:58 99840 ----a-w- C:\Windows\System32\wudriver.dll 2013-02-26 15:33:54 36864 ----a-w- C:\Windows\System32\wuapp.exe 2013-02-26 15:33:54 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2013-02-26 00:18:04 0 ----a-w- C:\Windows\ativpsrm.bin 2013-02-26 00:16:02 -------- d-sh--w- C:\Boot 2013-02-25 14:22:29 -------- d-----w- C:\Users\parushaa\AppData\Local\Deployment 2013-02-25 14:22:29 -------- d-----w- C:\Users\parushaa\AppData\Local\Apps 2013-02-25 12:59:24 -------- d-----w- C:\Users\parushaa\AppData\Roaming\Malwarebytes 2013-02-25 12:59:22 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-02-25 12:59:22 -------- d-----w- C:\ProgramData\Malwarebytes 2013-02-25 12:59:22 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-02-25 12:59:14 -------- d-----w- C:\Users\parushaa\AppData\Local\Programs 2013-02-25 11:18:57 -------- d-----w- C:\Users\parushaa\AppData\Local\Adobe 2013-02-25 11:14:19 -------- d-----w- C:\Users\parushaa\AppData\Local\Google 2013-02-25 11:13:22 -------- d-----w- C:\Program Files (x86)\VideoLAN 2013-02-25 11:10:03 -------- d-----w- C:\Users\parushaa\AppData\Local\ATI 2013-02-25 11:07:11 16440 ----a-w- C:\Windows\System32\drivers\AtiPcie.sys 2013-02-25 11:07:10 -------- 
d-----w- C:\Program Files\Common Files\ATI Technologies 2013-02-25 11:07:06 121872 ----a-w- C:\Windows\System32\drivers\AtiHdmi.sys 2013-02-25 11:06:59 446464 ----a-w- C:\Windows\System32\ATIDEMGX.dll 2013-02-25 11:06:49 -------- d-----w- C:\Program Files (x86)\ATI Technologies 2013-02-25 11:06:32 -------- d-sh--w- C:\Windows\Installer 2013-02-25 11:05:59 -------- d-----w- C:\Program Files\ATI Technologies 2013-02-25 11:05:46 -------- d-----w- C:\Program Files\ATI 2013-02-25 11:03:58 -------- d--h--w- C:\Program Files (x86)\Temp 2013-02-25 11:03:57 831488 ------r- C:\Windows\RtlExUpd.dll 2013-02-25 11:03:56 757760 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll 2013-02-25 11:03:56 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll 2013-02-25 11:03:56 65024 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe 2013-02-25 11:03:56 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe 2013-02-25 11:03:56 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll 2013-02-25 11:03:56 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll 2013-02-25 11:03:56 204800 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll 2013-02-25 11:03:55 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll 2013-02-25 11:03:55 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll 2013-02-25 10:57:25 -------- d-sh--we C:\Documents and Settings 2013-02-25 10:57:25 -------- d-sh--w- C:\Recovery . ==================== Find3M ==================== . 
2013-02-02 06:57:02 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2013-02-02 06:47:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-02-02 06:47:19 1392128 ----a-w- C:\Windows\System32\wininet.dll 2013-02-02 06:42:18 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-02-02 06:41:51 599040 ----a-w- C:\Windows\System32\vbscript.dll 2013-02-02 06:38:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-02-02 03:38:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-02-02 03:30:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-02-02 03:30:21 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-02-02 03:26:47 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2013-02-02 03:26:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2013-02-02 03:23:28 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-01-16 19:58:58 273840 ------w- C:\Windows\System32\MpSigStub.exe 2013-01-04 05:41:01 1893224 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-01-04 05:40:54 287576 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2013-01-04 05:37:01 362496 ----a-w- C:\Windows\System32\wow64win.dll 2013-01-04 05:37:00 243200 ----a-w- C:\Windows\System32\wow64.dll 2013-01-04 05:37:00 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2013-01-04 05:36:33 215040 ----a-w- C:\Windows\System32\winsrv.dll 2013-01-04 05:33:49 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2013-01-04 05:30:34 424960 ----a-w- C:\Windows\System32\KernelBase.dll 2013-01-04 05:27:03 6144 ---ha-w- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll 2013-01-04 05:27:03 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll 2013-01-04 05:27:03 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll 2013-01-04 05:27:02 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll 2013-01-04 05:27:02 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-01-04 05:27:02 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll 2013-01-04 
05:27:01 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-01-04 05:27:01 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll 2013-01-04 05:27:00 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll 2013-01-04 05:27:00 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-01-04 05:27:00 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll 2013-01-04 04:51:09 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-01-04 04:51:08 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2013-01-04 03:19:55 338432 ----a-w- C:\Windows\System32\conhost.exe 2013-01-04 02:48:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-01-04 02:48:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-01-04 02:48:34 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-01-04 02:48:33 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-01-04 02:43:35 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2013-01-04 02:43:34 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2013-01-04 02:43:34 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2013-01-04 02:43:34 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll . ============= FINISH: 19:12:38.79 ===============</orphaned></orphaned>
  4. .
      UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
      IF REQUESTED, ZIP IT UP & ATTACH IT
      .
      DDS (Ver_2012-11-20.01)
      .
      Microsoft Windows 7 Ultimate
      Boot Device: \Device\HarddiskVolume1
      Install Date: 2/26/2013 5:48:42 AM
      System Uptime: 3/18/2013 1:08:27 PM (6 hours ago)
      .
      Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD | | 790GX-G65 (MS-7576)
      Processor: AMD Phenom II X4 965 Processor | CPU1 | 3400/200mhz
      .
      ==== Disk Partitions =========================
      .
      C: is FIXED (NTFS) - 98 GiB total, 64.731 GiB free.
      D: is FIXED (NTFS) - 181 GiB total, 13.735 GiB free.
      E: is FIXED (NTFS) - 187 GiB total, 14.866 GiB free.
      F: is CDROM ()
      .
      ==== Disabled Device Manager Items =============
      .
      ==== System Restore Points ===================
      .
      RP9: 3/8/2013 10:04:11 AM - OTL Restore Point - 3/8/2013 10:04:10 AM
      RP10: 3/9/2013 7:27:39 PM - Removed Adobe Reader 9.2.
      RP11: 3/14/2013 11:32:21 PM - Windows Update
      RP12: 3/16/2013 12:06:06 AM - Windows Update
      .
      ==== Installed Programs ======================
      .
      Adobe Creative Suite 5 Master Collection Adobe Flash Player (IE) Packages Adobe Flash Player 11 ActiveX Any Video Converter Professional 3.5.8 ATI AVIVO64 Codecs ATI Catalyst Install Manager BrowserProtect Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish DealPly DealPly (remove only) Delta Chrome Toolbar Delta toolbar ERUNT 1.1j ESET Online Scanner v3 Facebook Video Calling 1.2.0.287 Google Chrome Google Update Helper Malwarebytes Anti-Malware version 1.70.0.1100 Microsoft .NET Framework 4 Client Profile Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable (x64) Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Picasa 3 Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) tuto4pc_pt_14 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) VLC media player 1.0.3 WinRAR archiver Yontoo 2.04.1
      .
      ==== Event Viewer Messages From Past Week ========
      .
      3/17/2013 2:52:02 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
      3/16/2013 9:54:02 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR5.
      3/16/2013 9:51:44 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR3.
      3/13/2013 6:46:38 PM, Error: Service Control Manager [7023] - The Server service terminated with the following error: The service has not been started.
      3/13/2013 10:41:02 AM, Error: Service Control Manager [7031] - The BrowserProtect service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
      3/11/2013 9:48:36 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
      3/11/2013 9:48:36 AM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
      3/11/2013 9:46:35 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.
      3/11/2013 9:46:35 AM, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
      3/11/2013 9:46:20 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.
      3/11/2013 9:46:20 AM, Error: Service Control Manager [7000] - The MBAMScheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
      .
      ==== End Of File ===========================
  5. Why do you need fresh DDS and attach text files? I didn't install Windows. It was before we started talking; read my comment on the second page.
  6. No, I didn't install Windows yesterday. I meant I did that after I realised I couldn't delete this virus, a month ago, before we started talking.
  7. And sorry for the late replies. I am an independent filmmaker, I am shooting these days, and I need my computer to edit my movie. The virus is still there and I am afraid it might start erasing my files. How much more time do you think this virus might take to leave? Because I have reinstalled Windows and it's still there, and we are doing all these steps, but it's still there. My work is getting late and I don't have any other computer to work on.
  8. Whenever ESET Online Scanner starts, I accept the Terms of Use and press the Start button, enable (check) the Remove found threats option, and run the scan. While it downloads the virus signature database, another window opens, showing the message "online cmdlinescanner.exe has stopped working, windows is looking for the solution to the problem". I restarted the computer but it's still there; then after some time the scan shows unexpected error 101.
  9. When I go to ESET Online Scanner, I click on "Run ESET Online Scanner", a pop-up window opens, and then I accepted the terms; the next page doesn't show anything. What might be the problem? Is ActiveX or Flash Player missing? YouTube and other video links work fine in Internet Explorer.
  10. The Cure It log is too big to copy and paste into a reply; it wouldn't even fit into many replies. How can I attach the file? I couldn't find the attach button. In the meantime I will do the next steps you have told me to do.
  11. The thing is that I ran Dr.Web CureIt, rebooted the computer and forgot to open the log and save it, but I let it cure the .exe files and did the scan again, and I am pasting the log file it created the second time.
  12. McAfee® Labs Stinger Version 10.2.0.1015 built on Mar 8 2013
      Copyright © 2012 McAfee, Inc. All Rights Reserved.
      Virus data file v1000.0000 created on Mar 8 2013.
      Ready to scan for 6172 viruses, trojans and variants.
      Scan initiated on Mon Mar 11 10:30:35 2013
      Rootkit scan result : Not Scanned
      Master Boot Record(s):....1
      Possibly Infected:.............0
      Boot Sector(s):.................3
      Possibly Infected: ............0
      C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe Found the W32/Sality.gen.e virus !!!
      C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe is infected with the W32/Sality.gen.e virus !!!
      C:\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.21.135\GOOGLECRASHHANDLER.EXE Found the W32/Sality.gen.e virus !!!
      C:\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.21.135\GOOGLECRASHHANDLER.EXE is infected with the W32/Sality.gen.e virus !!!
      C:\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.21.135\GOOGLEUPDATEBROKER.EXE Found the W32/Sality.gen.e virus !!!
      C:\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.21.135\GOOGLEUPDATEBROKER.EXE is infected with the W32/Sality.gen.e virus !!!
      C:\PROGRAM FILES (X86)\MALWAREBYTES' ANTI-MALWARE\CHAMELEON\MBAM-CHAMELEON.EXE Found the W32/Sality.gen.e virus !!!
      C:\PROGRAM FILES (X86)\MALWAREBYTES' ANTI-MALWARE\CHAMELEON\MBAM-CHAMELEON.EXE is infected with the W32/Sality.gen.e virus !!!
      C:\Users\parushaa\DESKTOP\Scheck.exe\NIRCMDC.EXE Found the Artemis!9CB3A3808880 trojan !!!
      C:\Users\parushaa\DESKTOP\Scheck.exe\NIRCMDC.EXE is infected with the Artemis!9CB3A3808880 virus !!!
      Number of clean files: 14233
      Number of infected files: 5
      Number of files renamed: 5
  13. Results of screen317's Security Check version 0.99.60
      Windows 7 x64 (UAC is disabled!)
      Out of date service pack!!
      Internet Explorer 9
      ``````````````Antivirus/Firewall Check:``````````````
      Windows Firewall Enabled!
      Windows Firewall Disabled!
      WMI entry may not exist for antivirus; attempting automatic update.
      `````````Anti-malware/Other Utilities Check:`````````
      Malwarebytes Anti-Malware version 1.70.0.1100
      Adobe Reader 9 Adobe Reader out of Date!
      Google Chrome 25.0.1364.97
      ````````Process Check: objlist.exe by Laurent````````
      `````````````````System Health check`````````````````
      Total Fragmentation on Drive C: 3%
      ````````````````````End of Log``````````````````````