
system running slow.



Open My Computer, then your main drive C:\, look for a folder named Users and then proceed to kishore reddy. If you can't see either of them, make sure you can see hidden files and folders:

http://www.bleepingcomputer.com/tutorials/show-hidden-files-in-windows-7/

And so on to roaming. There is a folder named delta; just delete it, reboot your system and check how things are.


Mr. Borislav, as per your directions I tried to find and delete the folder by the name Delta, but no folder or file is present. So I have once again scanned my system using MBAM. The result was the same as before. MBAM once again detected the same two threats. The scan log is forwarded for your analysis. Thank you for your time, and I hope that you will help me to get rid of this problem.

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.08.29.03
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Kishore Reddy :: KISHOREREDDY-PC [administrator]
 
30-08-2013 21:53:10
mbam-log-2013-08-30 (21-53-10).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 231541
Time elapsed: 12 minute(s), 10 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 1
c:\users\kishore reddy\appdata\roaming\delta (PUP.Optional.Delta) -> Quarantined and deleted successfully.
 
Files Detected: 1
c:\users\kishore reddy\appdata\roaming\delta\sqlite3.dll (PUP.Optional.Delta) -> Delete on reboot.
 
(end)

Hi, I just want to know whether I can use my system normally or should I wait for some more time. I have some work pending and am worried about my system security. Does this delta thing lead to any security or privacy problem on my system? I am just worried about my system security, which in turn is stopping me from using my system. Thank you.


Thanks for letting me know! Glad I could help! :)

Step 1

Please run OTL and click on CleanUp button.

Step 2

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes

Step 3

Please uninstall ESET Online Scanner and manually delete Kaspersky AVP

Step 4

Some malware preventions:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)


Hello Mr. Borislav, I completed the four steps but I still have JRT.exe and SystemLook.exe on my Desktop. The two threats are still detected by MBAM. Should I ignore those threats? Still confused.


I just want to know: are they any threat to my system or can I just ignore them? Is there a way to get rid of these threats, if possible? Thank you for your help, and I am glad that you spared me your precious time to help. Bye.


Hello Mr. Borislav, I had an application crash problem (stackHash_163f). Everything is running well except this application. Is this problem due to any other reason? The application is running well on my friend's machine and only my system is facing this problem. Again I need your help in this matter. Thank you.


Hello, I have custom scanned my main drive C:\ and the result did not show any threats. I am forwarding the scan log for your analysis.

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.09.03.02
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Kishore Reddy :: KISHOREREDDY-PC [administrator]
 
03-09-2013 16:11:56
mbam-log-2013-09-03 (16-11-56).txt
 
Scan type: Custom scan (C:\|)
Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: Memory | Startup | Registry | Heuristics/Extra
Objects scanned: 193288
Time elapsed: 2 hour(s), 1 minute(s), 20 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)

Download Dr.Web CureIt to the desktop.

The download is nearly 104.6 MB in size

  • Turn OFF your antivirus program.

    How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

  • Turn off any other add-on security app {if you have them} like MBAM File System Protection.
  • If this system is Windows 8/7 or VISTA, then Right-click on drweb-cureit.exe and select Run as Administrator.
  • Otherwise, on Windows XP, double-click on drweb-cureit.exe file to start the tool.
  • You will see a screen similar to this:

    Drweb-cureit-1_zps34a2f747.gif

    Click the checkbox to participate, and then click on Continue button.

  • Next

    Drweb-cureit-2_zpsee7bdcb6.gif

    Click on Select objects for scanning

  • Next

    Drweb-cureit-3_zps137b4332.gif

    Put a checkmark by clicking on the boxes as shown.

    Do not select Temporary files or System Restore points.

    Then click on Start scanning button

  • The scan in progress will be shown like this

    Drweb-cureit-4_zps211037d0.gif

  • IF something is detected, you will see a screen similar to this

    Drweb-cureit-5_zpsd7be6acf.gif

    For each item "detected", click on the Action column down arrow, like this

    Drweb-cureit-8_zpsb099f9d5.gif

    Your options will be Cure or Ignore

    IF you see an item that you are very sure is ok, then un-check the checkbox for that item.

    Typically, you will keep the Cure default.

    Then click on the Neutralize button.

  • When the actions are completed, you will see this

    Drweb-cureit-7_zpsd290a127.gif

  • Click on the green Open Report line. It will pop-up the report in NOTEPAD.

    Save the report to your desktop. The report will be called Cureit.log

  • Close Dr.Web Cureit.
  • Reboot your computer to allow files that were in use to be moved/deleted during reboot.
  • After reboot, attach the log Cureit.log you saved previously in your next reply.

Re-enable your antivirus program when all done.

Hello Mr. Borislav, the scan report of Dr.Web CureIt has not shown any threats. My personal files and folders are visible in the log report, so can I attach the file for further analysis, as I do not want others to see those folders and files? Thank you.


Hello Mr. Borislav, here is the log report of the scan:

_________________________

_________________________

 

Total 6984573943 bytes in 24588 files scanned (36670 objects)
Total 24538 files (36616 objects) are clean
There are no infected objects detected
Total 35 files are raised error condition
Scan time is 00:13:48.953
_________________________
_________________________

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

The logs are as follows:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2013 03
Ran by Kishore Reddy (administrator) on KISHOREREDDY-PC on 07-09-2013 21:04:36
Running from C:\Users\Kishore Reddy\Desktop
Windows 7 Home Basic Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieCtrl.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
() C:\ProgramData\Aircel\OnlineUpdate\ouc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(PC Tools) C:\Program Files (x86)\ThreatFire\TFTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(PC Tools) C:\Program Files (x86)\ThreatFire\TFService.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(NewTech Infosystems, Inc.) C:\PROGRAM FILES (X86)\NEWTECH INFOSYSTEMS\ACER BACKUP MANAGER\BACKUPMANAGERTRAY.EXE
(Realtek Semiconductor) C:\PROGRAM FILES\REALTEK\AUDIO\HDA\RAVCPL64.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Axantum Software AB) C:\Program Files\Axantum\AxCrypt\AxCrypt.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Aircel\Aircel.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [ETDWare] - C:\Program Files\elantech\etdctrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 255
HKCU\...\Run: [sandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [765200 2012-12-16] (SANDBOXIE L.T.D)
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 124
HKLM-x32\...\Run: [ThreatFire] - C:\Program Files (x86)\ThreatFire\TFTray.exe [378128 2010-01-14] (PC Tools)
HKLM-x32\...\Run: [KeyScrambler] - C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [534160 2013-03-27] (QFX Software Corporation)
HKLM-x32\...\Run: [LManager] - c:\program files (x86)\launch manager\lmanager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [iAStorIcon] - c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [sDTray] - c:\program files (x86)\spybot - search & destroy 2\sdtray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKU\Default\...\RunOnce: [scrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [scrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
BootExecute: 
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {48D037B1-05CC-41FE-9EE6-DBA074FD2370} URL = http://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: AutorunsDisabled\linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} -  No File
Handler-x32: AutorunsDisabled\linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Tcpip\..\Interfaces\{F893701F-8C69-4B7A-9239-8A552C12ECDE}: [NameServer]101.223.255.141 101.223.255.142
 
FireFox:
========
FF ProfilePath: C:\Users\Kishore Reddy\AppData\Roaming\Mozilla\Firefox\Profiles\8l8f2rdt.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] C:\Program Files (x86)\AVG\AVG2012\Firefox4\
 
Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\program files (x86)\google\chrome\application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\program files (x86)\google\chrome\application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\program files (x86)\google\chrome\application\29.0.1547.66\pdf.dll ()
CHR Plugin: (NPLastPass) - C:\Users\Kishore Reddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.21_0\nplastpass.dll No File
CHR Plugin: (Free Download Manager Click Catcher Plug-In for Netscape, Opera, Mozilla) - C:\program files (x86)\google\chrome\application\plugins\npfdm.dll (FreeDownloadManager.org)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\KISHOR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\KISHOR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (WOT) - C:\Users\KISHOR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0
CHR Extension: (YouTube) - C:\Users\KISHOR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Adblock Plus) - C:\Users\KISHOR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0
CHR Extension: (Google Search) - C:\Users\KISHOR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (VTchromizer) - C:\Users\KISHOR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka\1.2_0
CHR Extension: (HTTPS Everywhere) - C:\Users\KISHOR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2013.8.17_0
CHR Extension: (LastPass) - C:\Users\KISHOR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.5.5_0
CHR Extension: (Ghostery) - C:\Users\KISHOR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.2_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\KISHOR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\KISHOR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - C:\Program Files (x86)\LastPass\lpchrome.crx
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143088 2013-05-08] (SUPERAntiSpyware.com)
R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [528192 2013-02-25] (IObit)
S2 Aircel. RunOuc; C:\Program Files (x86)\Aircel\UpdateDog\ouc.exe [655744 2012-06-28] ()
S4 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [168592 2013-04-10] (Microsoft Corp.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-05-28] ()
S3 HitmanPro37Crusader; C:\Users\Kishore Reddy\Downloads\HitmanPro36_x64.exe [9879648 2013-09-02] (SurfRight B.V.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-12-16] (SANDBOXIE L.T.D)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [994360 2011-10-14] (Secunia)
R2 ThreatFire; C:\Program Files (x86)\ThreatFire\TFService.exe [70928 2010-01-14] (PC Tools)
S4 avgwd; "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" [x]
 
==================== Drivers (Whitelisted) ====================
 
R0 97771742; C:\Windows\System32\DRIVERS\97771742.sys [460888 2013-08-29] (Kaspersky Lab ZAO)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-16] (DT Soft Ltd)
R3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [239104 2012-09-18] (Huawei Technologies Co., Ltd.)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [222232 2013-03-27] (QFX Software Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-12-16] (SANDBOXIE L.T.D)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-07-02] (Duplex Secure Ltd.)
R0 TfFsMon; C:\Windows\System32\drivers\TfFsMon.sys [65072 2010-01-14] (PC Tools)
R3 TfNetMon; C:\Windows\system32\drivers\TfNetMon.sys [41888 2010-01-14] (PC Tools)
R3 TfNetMon; C:\Windows\system32\drivers\TfNetMon.sys [41888 2010-01-14] (PC Tools)
R0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [59880 2010-01-14] (PC Tools)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-03] ()
S3 ztemtusbser; C:\Windows\System32\DRIVERS\CT_ZTEMT_U_USBSER.sys [120704 2010-11-04] (ZTEMT Incorporated)
U3 AppMgmt; %SystemRoot%\system32\svchost.exe -k netsvcs
U5 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
U5 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [384800 2013-04-11] (AVG Technologies CZ, s.r.o.)
U2 CscService; 
U3 PeerDistSvc; 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-09-07 20:56 - 2013-09-07 20:59 - 01948628 _____ (Farbar) C:\Users\Kishore Reddy\Desktop\FRST64.exe
2013-09-07 12:16 - 2013-09-07 12:16 - 00000022 _____ C:\Windows\S.dirmngr
2013-09-06 15:34 - 2013-09-06 15:34 - 02652287 _____ C:\Users\Kishore Reddy\Desktop\cureit.log
2013-09-06 15:07 - 2013-09-06 15:07 - 00000000 ____D C:\Users\Kishore Reddy\Doctor Web
2013-09-06 12:31 - 2013-09-06 15:05 - 129644008 _____ C:\Users\Kishore Reddy\Desktop\1lfqj0fo.exe
2013-09-06 01:39 - 2013-09-06 01:39 - 00000000 _____ C:\Windows\SysWOW64\sho9146.tmp
2013-09-04 11:33 - 2013-09-07 21:04 - 00274564 _____ C:\Windows\WindowsUpdate.log
2013-09-02 21:53 - 2013-09-02 21:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-02 11:58 - 2013-09-02 11:58 - 00000017 _____ C:\Users\Kishore Reddy\Documents\secret.txt
2013-09-01 21:51 - 2013-09-01 21:51 - 00000000 _____ C:\Windows\SysWOW64\shoA82C.tmp
2013-09-01 14:59 - 2013-09-01 14:59 - 00005417 _____ C:\Users\Kishore Reddy\Documents\new.odt
2013-09-01 14:37 - 2013-09-01 14:37 - 00010196 _____ C:\Users\Kishore Reddy\Documents\personal.odt
2013-08-31 11:00 - 2013-08-31 11:00 - 00001402 _____ C:\Users\KISHOR~1\AppData\Local\recently-used.xbel
2013-08-29 19:37 - 2013-08-29 19:37 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-08-29 19:35 - 2013-08-29 16:31 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\97771742.sys
2013-08-26 11:39 - 2013-08-26 21:48 - 00000000 ____D C:\Windows\erdnt
2013-08-18 18:09 - 2013-08-18 18:09 - 00000000 ____D C:\CCE_Quarantine
2013-08-18 17:46 - 2013-08-18 17:46 - 00000000 ____D C:\Users\Kishore Reddy\AppData\Roaming\Comodo
2013-08-15 16:39 - 2013-07-26 10:43 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 16:39 - 2013-07-26 10:43 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 16:39 - 2013-07-26 10:43 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 16:39 - 2013-07-26 10:42 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 16:39 - 2013-07-26 10:42 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 16:39 - 2013-07-26 10:42 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 16:39 - 2013-07-26 10:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 16:39 - 2013-07-26 10:42 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 16:39 - 2013-07-26 10:42 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 16:39 - 2013-07-26 10:42 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 16:39 - 2013-07-26 10:42 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 16:39 - 2013-07-26 10:42 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 16:39 - 2013-07-26 10:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 16:39 - 2013-07-26 10:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 16:39 - 2013-07-26 09:05 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 16:39 - 2013-07-26 08:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 16:39 - 2013-07-26 08:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 16:39 - 2013-07-26 08:42 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 16:39 - 2013-07-26 08:42 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 16:39 - 2013-07-26 08:42 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 16:39 - 2013-07-26 08:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 16:39 - 2013-07-26 08:42 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 16:39 - 2013-07-26 08:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 16:39 - 2013-07-26 08:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 16:39 - 2013-07-26 08:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 16:39 - 2013-07-26 08:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 16:39 - 2013-07-26 08:41 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 16:39 - 2013-07-26 08:41 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 16:39 - 2013-07-26 08:19 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 16:39 - 2013-07-26 08:09 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 16:39 - 2013-07-26 07:29 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 11:08 - 2013-07-09 11:33 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 11:08 - 2013-07-09 11:24 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 11:08 - 2013-07-09 11:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 11:08 - 2013-07-09 10:33 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 11:08 - 2013-07-09 10:33 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 11:08 - 2013-07-09 10:23 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 11:08 - 2013-07-09 10:22 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 11:08 - 2013-07-09 08:19 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 11:08 - 2013-07-09 08:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 11:08 - 2013-07-09 08:19 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 11:08 - 2013-07-09 08:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 11:08 - 2013-07-06 11:33 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 11:08 - 2013-06-15 10:02 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-15 08:51 - 2013-07-09 10:22 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 08:51 - 2013-07-09 10:16 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 08:51 - 2013-07-09 10:16 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 08:51 - 2013-07-09 10:16 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 08:50 - 2013-07-09 11:22 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 08:50 - 2013-07-09 11:16 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 08:50 - 2013-07-09 11:16 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 08:50 - 2013-07-09 11:16 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 08:49 - 2013-07-25 14:55 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 08:49 - 2013-07-25 14:27 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 08:49 - 2013-07-19 07:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 08:49 - 2013-07-19 07:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 08:48 - 2013-07-09 11:21 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 08:48 - 2013-07-09 10:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-10 21:55 - 2013-08-10 22:19 - 23003252 _____ C:\Users\Kishore Reddy\Downloads\vlc-2.0.8-win32.exe
2013-08-10 21:45 - 2013-08-10 21:47 - 19828840 _____ (Mozilla) C:\Users\Kishore Reddy\Downloads\Thunderbird Setup 17.0.8.exe
2013-08-08 15:44 - 2013-08-15 09:33 - 00000000 ____D C:\Users\KISHOR~1\AppData\Local\FreeOCR
2013-08-08 15:35 - 2013-08-12 20:52 - 00000000 ____D C:\FreeOCR
2013-08-08 15:35 - 2007-03-10 10:11 - 02680320 _____ (HiComponents) C:\Windows\SysWOW64\ImageEnXLibrary.ocx
 
==================== One Month Modified Files and Folders =======
 
2013-09-07 21:04 - 2013-09-04 11:33 - 00274564 _____ C:\Windows\WindowsUpdate.log
2013-09-07 21:03 - 2013-09-07 21:03 - 00000000 ____D C:\FRST
2013-09-07 20:59 - 2013-09-07 20:56 - 01948628 _____ (Farbar) C:\Users\Kishore Reddy\Desktop\FRST64.exe
2013-09-07 20:48 - 2013-06-13 12:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-07 20:42 - 2011-12-13 19:23 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-07 20:37 - 2009-07-14 10:43 - 00727374 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-07 13:39 - 2012-09-18 14:00 - 00000000 ____D C:\Users\Kishore Reddy\AppData\Roaming\Abine
2013-09-07 12:42 - 2011-12-13 19:23 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-07 12:24 - 2009-07-14 10:15 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-07 12:24 - 2009-07-14 10:15 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-07 12:16 - 2013-09-07 12:16 - 00000022 _____ C:\Windows\S.dirmngr
2013-09-07 12:16 - 2009-07-14 10:38 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-06 15:34 - 2013-09-06 15:34 - 02652287 _____ C:\Users\Kishore Reddy\Desktop\cureit.log
2013-09-06 15:07 - 2013-09-06 15:07 - 00000000 ____D C:\Users\Kishore Reddy\Doctor Web
2013-09-06 15:07 - 2011-08-17 21:20 - 00000000 ____D C:\Users\Kishore Reddy
2013-09-06 15:05 - 2013-09-06 12:31 - 129644008 _____ C:\Users\Kishore Reddy\Desktop\1lfqj0fo.exe
2013-09-06 01:39 - 2013-09-06 01:39 - 00000000 _____ C:\Windows\SysWOW64\sho9146.tmp
2013-09-05 18:57 - 2013-06-14 12:59 - 00003210 _____ C:\Windows\Sandboxie.ini
2013-09-04 11:47 - 2013-02-27 19:42 - 00002147 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-03 11:34 - 2012-11-08 11:41 - 00000000 ____D C:\Users\Kishore Reddy\Downloads\new prog
2013-09-03 11:15 - 2012-11-09 20:46 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-03 11:15 - 2012-11-09 20:46 - 00000000 ____D C:\Program Files\CCleaner
2013-09-03 11:07 - 2012-08-14 15:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-02 22:09 - 2011-08-17 21:22 - 00000000 ___RD C:\Users\Kishore Reddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-02 21:57 - 2012-11-10 13:35 - 09879648 _____ (SurfRight B.V.) C:\Users\Kishore Reddy\Downloads\HitmanPro36_x64.exe
2013-09-02 21:54 - 2013-09-02 21:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-02 12:31 - 2012-12-03 22:00 - 00000000 ___RD C:\Users\Kishore Reddy\Dropbox
2013-09-02 12:31 - 2012-12-01 14:35 - 00000000 ____D C:\Users\Kishore Reddy\AppData\Roaming\Dropbox
2013-09-02 11:58 - 2013-09-02 11:58 - 00000017 _____ C:\Users\Kishore Reddy\Documents\secret.txt
2013-09-01 21:51 - 2013-09-01 21:51 - 00000000 _____ C:\Windows\SysWOW64\shoA82C.tmp
2013-09-01 20:57 - 2013-07-21 12:17 - 00003130 _____ C:\Windows\System32\Tasks\NoAutorun
2013-09-01 16:38 - 2011-09-11 20:48 - 00000000 ____D C:\Users\Kishore Reddy\AppData\Roaming\SoftGrid Client
2013-09-01 14:59 - 2013-09-01 14:59 - 00005417 _____ C:\Users\Kishore Reddy\Documents\new.odt
2013-09-01 14:37 - 2013-09-01 14:37 - 00010196 _____ C:\Users\Kishore Reddy\Documents\personal.odt
2013-08-31 23:23 - 2012-04-20 15:08 - 00000000 ____D C:\Users\Kishore Reddy\AppData\Roaming\vlc
2013-08-31 23:12 - 2013-08-07 22:22 - 00000000 ____D C:\Users\KISHOR~1\AppData\Local\gtk-2.0
2013-08-31 23:12 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\registration
2013-08-31 23:12 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\AppCompat
2013-08-31 11:00 - 2013-08-31 11:00 - 00001402 _____ C:\Users\KISHOR~1\AppData\Local\recently-used.xbel
2013-08-31 10:59 - 2013-05-01 20:54 - 00000000 ____D C:\Users\Kishore Reddy\AppData\Roaming\gnupg
2013-08-29 19:37 - 2013-08-29 19:37 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-08-29 16:31 - 2013-08-29 19:35 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\97771742.sys
2013-08-28 20:31 - 2009-07-14 08:04 - 00000244 _____ C:\Windows\system.ini
2013-08-26 21:51 - 2009-07-14 10:38 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-26 21:49 - 2009-07-14 08:04 - 78643200 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-08-26 21:49 - 2009-07-14 08:04 - 19660800 _____ C:\Windows\system32\config\SYSTEM.bak
2013-08-26 21:49 - 2009-07-14 08:04 - 05648384 _____ C:\Windows\system32\config\DEFAULT.bak
2013-08-26 21:49 - 2009-07-14 08:04 - 00057344 _____ C:\Windows\system32\config\SAM.bak
2013-08-26 21:49 - 2009-07-14 08:04 - 00024576 _____ C:\Windows\system32\config\SECURITY.bak
2013-08-26 21:48 - 2013-08-26 11:39 - 00000000 ____D C:\Windows\erdnt
2013-08-26 12:14 - 2009-07-14 08:50 - 00000000 __RHD C:\Users\Default
2013-08-22 18:59 - 2012-07-17 21:06 - 00000000 ____D C:\Users\Kishore Reddy\Documents\Calibre Library
2013-08-21 14:37 - 2013-08-05 15:04 - 00000000 ____D C:\Users\Kishore Reddy\Desktop\forms
2013-08-20 11:56 - 2013-03-27 14:25 - 00000000 ____D C:\Users\Kishore Reddy\Documents\storing folder
2013-08-19 13:00 - 2012-04-02 21:16 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-19 13:00 - 2012-03-11 14:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-19 12:25 - 2012-11-16 15:11 - 00000000 ____D C:\Program Files (x86)\ThreatFire
2013-08-18 20:23 - 2012-09-29 15:43 - 00000000 ____D C:\Windows\rescache
2013-08-18 18:09 - 2013-08-18 18:09 - 00000000 ____D C:\CCE_Quarantine
2013-08-18 18:09 - 2012-09-03 22:08 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-08-18 17:46 - 2013-08-18 17:46 - 00000000 ____D C:\Users\Kishore Reddy\AppData\Roaming\Comodo
2013-08-16 18:46 - 2011-08-31 17:06 - 00000000 ____D C:\Users\Kishore Reddy\Tracing
2013-08-15 18:27 - 2007-07-12 07:19 - 00000000 ____D C:\Windows\Panther
2013-08-15 16:34 - 2013-07-13 12:34 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 16:30 - 2011-09-10 15:34 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-15 09:34 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\servicing
2013-08-15 09:33 - 2013-08-08 15:44 - 00000000 ____D C:\Users\KISHOR~1\AppData\Local\FreeOCR
2013-08-15 09:33 - 2012-10-20 19:28 - 00000000 ____D C:\Program Files (x86)\MusicBee
2013-08-15 09:33 - 2012-07-09 20:39 - 00000000 ____D C:\Users\Kishore Reddy\AppData\Roaming\MusicBee
2013-08-15 09:33 - 2012-02-03 22:31 - 00000000 ____D C:\ProgramData\IObit
2013-08-15 09:33 - 2009-07-14 08:50 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-08-15 09:31 - 2012-02-11 21:55 - 00000000 ____D C:\Users\Kishore Reddy\AppData\Roaming\Malwarebytes
2013-08-14 23:39 - 2012-12-30 14:34 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-08-13 19:14 - 2012-10-01 19:55 - 00000000 ____D C:\Users\Kishore Reddy\Desktop\personal folder
2013-08-12 20:52 - 2013-08-08 15:35 - 00000000 ____D C:\FreeOCR
2013-08-11 14:30 - 2013-02-20 14:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-08-10 22:19 - 2013-08-10 21:55 - 23003252 _____ C:\Users\Kishore Reddy\Downloads\vlc-2.0.8-win32.exe
2013-08-10 21:47 - 2013-08-10 21:45 - 19828840 _____ (Mozilla) C:\Users\Kishore Reddy\Downloads\Thunderbird Setup 17.0.8.exe
2013-08-08 21:26 - 2012-09-13 17:45 - 00000000 ____D C:\Users\Kishore Reddy\.gimp-2.8
2013-08-08 18:51 - 2013-01-12 13:42 - 00000000 ____D C:\Users\Kishore Reddy\AppData\Roaming\Notepad++
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-09-02 13:10
 
==================== End Of Log ============================

continues......

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2013 03
Ran by Kishore Reddy at 2013-09-07 21:05:22
Running from C:\Users\Kishore Reddy\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs =======================
 
   
7-Zip 9.22beta (x32)
Acer Backup Manager (x32 Version: 2.0.0.68)
Acer Crystal Eye webcam (x32 Version: 1.0.4.5)
Acer ePower Management (x32 Version: 5.00.3005)
Acer eRecovery Management (x32 Version: 4.05.3013)
Acer GameZone Console (x32 Version: 6.1.0.40435)
Acer Registration (x32 Version: 1.03.3003)
Acer ScreenSaver (x32 Version: 1.1.0707.2010)
Acer Updater (x32 Version: 1.02.3001)
Acrobat.com (x32 Version: 1.6.65)
Adobe Community Help (x32 Version: 3.5.23)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.03) (x32 Version: 11.0.03)
Advanced Renamer (x32 Version: 3.53)
Advanced SystemCare 6 (x32 Version: 6.1)
Aegisub 3.0.4 (Version: 3.0.4)
AeroWallpaperChanger (x32 Version: 1.1.0.2)
Aircel (x32 Version: 23.009.05.01.850)
Any Video Converter 3.5.5 (x32)
Ashampoo Burning Studio 2012 v.10.0.15 (x32 Version: 10.0.15)
Astroburn Lite (x32 Version: 1.8.0.0182)
Audacity 2.0.3 (x32 Version: 2.0.3)
AVG 2012 (Version: 12.0.1901)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2178)
AVG 2012 (Version: 12.0.2180)
AVG 2012 (Version: 12.0.2193)
AVG 2012 (Version: 12.0.2195)
AVG 2012 (Version: 12.0.2197)
Avidemux 2.6 (x32 Version: 2.6.1.8321)
AviSynth 2.5 (x32)
AxCrypt 1.7.2931.0 (Version: 1.7.2931.0)
Backup Manager Basic (x32 Version: 2.0.0.68)
Belarc Advisor 8.3 (x32 Version: 8.3.0.0)
Bing Desktop (x32 Version: 1.2.126.0)
BitMeter (x32)
Broadcom Gigabit NetLink Controller (Version: 14.0.2.3)
Browser Hijack Retaliator 4.5.0 Build 471 (x32)
calibre (x32 Version: 0.9.33)
CCleaner (Version: 4.05)
Cheat Engine 6.2 (x32)
CyberLink PowerDVD 9 (x32 Version: 9.0.3814.50)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
Daum PotPlayer 1.5.39007 x64 Edition
dows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
Dropbox (HKCU Version: 2.2.9)
DVD Decrypter (Remove Only) (x32)
DVD Shrink 3.2 (x32)
Eraser 6.0.10.2620 (Version: 6.0.2620)
ESET Online Scanner v3 (x32)
eSobi v2 (x32 Version: 2.0.4.000274)
ETDWare PS/2-x64 7.0.6.5_WHQL (Version: 7.0.6.5)
FormatFactory 3.00 (x32 Version: 3.00)
Free Download Manager 3.9.2 (x32)
Free Studio version 5.7.6.1015 (x32 Version: 5.7.6.1015)
FreeOCR v4.2 (x32)
GIMP 2.8.4 (Version: 2.8.4)
GnuCash 2.4.13 (x32)
Google Chrome (x32 Version: 29.0.1547.66)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.153)
Gpg4win (2.1.1) (x32 Version: 2.1.1)
GPL Ghostscript (Version: 9.07)
HandBrake 0.9.8 (x32 Version: 0.9.8)
Identity Card (x32 Version: 1.00.3003)
ImgBurn (x32 Version: 2.5.8.0)
Inkscape 0.48.4 (x32 Version: 0.48.4)
Intel® Control Center (x32 Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (x32 Version: 8.15.10.2182)
Intel® Management Engine Components (x32 Version: 6.0.0.1179)
Intel® Rapid Storage Technology (x32 Version: 9.6.2.1001)
Intel® Turbo Boost Technology Monitor (Version: 1.0.186.6)
Internet Explorer (Enable DEP)
Junk Mail filter update (x32 Version: 14.0.8117.416)
KC Softwares SUMo (x32)
KeyScrambler (x32 Version: 3.1.0.0)
K-Lite Mega Codec Pack 9.9.4 (x32 Version: 9.9.4)
LADSPA_plugins-win-0.4.15 (x32)
LastPass(uninstall only) (x32)
Launch Manager (x32 Version: 4.0.14)
Lernout & Hauspie TruVoice American English TTS Engine (x32)
LibreOffice 4.0 Help Pack (English) (x32 Version: 4.0.4.2)
LibreOffice 4.0.4.2 (x32 Version: 4.0.4.2)
MailWasher (x32 Version: 7.1.5)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Text-to-Speech Engine 4.0 (English) (x32)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 23.0.1 (x86 en-US) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
Mozilla Thunderbird 17.0.8 (x86 en-US) (x32 Version: 17.0.8)
MP3 Rocket (x32)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (x32 Version: 1.0.1.2)
MSVCRT (x32 Version: 14.0.1468.721)
MusicBee 2.1 (x32 Version: 2.1)
Nokia Connectivity Cable Driver (x32 Version: 7.1.78.0)
Nokia PC Suite (x32 Version: 7.1.180.94)
Notepad++ (x32 Version: 6.2.2)
Paint.NET v3.5.10 (Version: 3.60.0)
Panda USB Vaccine 1.0.1.16 (x32)
PC Connectivity Solution (x32 Version: 12.0.27.0)
PDFCreator (x32 Version: 1.5.0)
PDFill PDF Editor with FREE Writer and FREE Tools (Version: 10.0)
PDF-Viewer (Version: 2.5.208.0)
PDF-XChange Viewer (Version: 2.5.206.0)
PhotoScape (x32)
Python 2.7.5 (x32 Version: 2.7.5150)
RapidTyping (x32 Version: 4.6.5)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6141)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30122)
Recuva (Version: 1.46)
Revo Uninstaller 1.94 (x32 Version: 1.94)
Samsung ML-2010 Series (x32)
Sandboxie 3.76 (64-bit) (Version: 3.76)
Secunia PSI (2.0.0.4003) (x32 Version: 2.0.0.4003)
SecurityKISS Tunnel v0.3.0
Sizer 3.34 (x32 Version: 3.3.4.0)
Speakonia (x32 Version: 1.0.3.5)
Speccy (Version: 1.20)
Spybot - Search & Destroy (x32 Version: 2.0.12)
SUPERAntiSpyware (Version: 5.6.1020)
ThreatFire (x32)
TrueCrypt (x32 Version: 7.1a)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Valkyrie Uploader 1.0 (x32)
Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2)
VLC media player 2.0.8 (x32 Version: 2.0.8)
VobSub v2.23 (Remove Only) (x32)
WebSite Downloader 1.1 (x32 Version: 1.1)
Welcome Center (x32 Version: 1.02.3004)
WIDCOMM Bluetooth Software (Version: 6.3.0.6000)
Windows Driver Package - Nokia Modem  (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Mail (x32 Version: 14.0.8117.0416)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
Windows Live Movie Maker (x32 Version: 14.0.8117.0416)
Windows Live Photo Gallery (x32 Version: 14.0.8117.416)
Windows Live Sign-in Assistant (x32 Version: 5.000.818.5)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live Upload Tool (x32 Version: 14.0.8014.1029)
Windows Live Writer (x32 Version: 14.0.8117.0416)
Wise Registry Cleaner 7.52 (x32)
XBMC (HKCU)
yEd Graph Editor 3.10.2 (x32 Version: 3.10.2)
 
==================== Restore Points  =========================
 
24-08-2013 15:29:22 OTL Restore Point - 8/24/2013 8:59:22 PM
25-08-2013 14:24:20 Windows Backup
26-08-2013 10:30:19 Windows Update
28-08-2013 14:44:42 ComboFix created restore point
30-08-2013 13:52:29 Windows Update
31-08-2013 17:39:12 Restore Operation
31-08-2013 18:04:54 31/8/2013(before deleting2delta folders)
01-09-2013 08:34:07 Windows Update
01-09-2013 13:30:11 Windows Backup
02-09-2013 08:00:34 02/09/2013
03-09-2013 05:42:59 03/09/2013
04-09-2013 15:02:53 Windows Update
05-09-2013 13:52:09 05/09/2013
 
==================== Hosts content: ==========================
 
2009-07-14 08:04 - 2013-08-26 21:52 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {16284DAB-B425-4E49-8164-7BD3F2C303F0} - System32\Tasks\{52D0BE30-3B47-428F-A21A-6DDA772BEBDB} => C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe
Task: {2038FF92-5BBD-4AE3-9787-06265FB59ED3} - System32\Tasks\{F5A804BD-93CF-4E93-BBAC-00A00DF0A2B8} => C:\Users\Kishore Reddy\Downloads\new prog\AdobeFlashPlayer_11.7.700.224_ActiveX_SPS.exe
Task: {2551A1B4-465D-4622-B4E8-52AC6D74EEF2} - System32\Tasks\{B064DBA5-0EF4-4A7A-9F51-C2D37BD4423D} => C:\Windows\System32\msiexec.exe [2010-11-20] (Microsoft Corporation)
Task: {325A5BAF-FD0B-4680-9412-C54ED5BFBF9E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {44C81A7F-D7BE-401D-A89F-97E3245473C0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-20] (Adobe Systems Incorporated)
Task: {4D8184AA-5176-469D-8BEE-9CD9D8859EB9} - System32\Tasks\{8928C854-7EA1-4C7E-85F8-9CBB55D4C94F} => C:\Users\Kishore Reddy\Downloads\UnlockAero\aeropatch1.4.exe
Task: {576B2300-CFE6-457F-8905-038DEF6E85FE} - System32\Tasks\{228D4A0F-AC58-4EA7-9A8E-DCCF59C96AD0} => F:\AutoRun.exe [2011-03-15] ()
Task: {5C8AC9AF-9548-441D-A852-2C75FDDDF8BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-13] (Google Inc.)
Task: {6119CF5D-4429-48B8-82EF-A7DDEE3AFFF7} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2010-06-01] ()
Task: {68541726-589F-4D09-A81C-15A29FD5EA60} - System32\Tasks\{3D14A63B-47B2-4784-BD3F-B2D655D0D272} => C:\Program Files\Reliance Netconnect+\bin\App.exe
Task: {719B2D22-894E-44A5-A605-6F7B1F3018E8} - System32\Tasks\NoAutorun => C:\Users\KISHOR~1\AppData\Local\Temp\7zO87ADE30B\NoAutorun.exe
Task: {7FB2C484-B56D-47E4-A0FC-23F14AFF0A0B} - System32\Tasks\{8585F68E-04A8-4CC5-9686-78B0F4880911} => F:\AutoRun.exe [2011-03-15] ()
Task: {95ABB15D-52A9-4A78-9CBD-6876A23ACE08} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-20] (Microsoft Corporation)
Task: {98641702-7D3C-4BA3-8C05-67ACB9D28479} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {9BD1F373-79A5-44B9-AF93-87180199B8BD} - System32\Tasks\{63A9A2BE-7251-4530-AF6A-00C5A920FA40} => C:\Windows\System32\msiexec.exe [2010-11-20] (Microsoft Corporation)
Task: {B5B7F634-34CD-45A6-8F36-95C60B5EF268} - System32\Tasks\WindowsFirewallNotifierTask => C:\Users\Kishore Reddy\Downloads\new prog\WFN\Notifier.exe [2013-06-06] (Wokhan)
Task: {BCA8AA50-F41D-475C-8734-CD166D16C570} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-06-20] (Microsoft Corporation)
Task: {BDC30456-623D-43B3-B0A1-13C00FE398D7} - System32\Tasks\{FC133F4F-43A3-4019-85DA-AF5F62D695A9} => C:\Program Files (x86)\Calibre2\calibre.exe [2013-05-30] ()
Task: {C0D70E82-EA87-4C3A-94EC-D1E08B992F48} - System32\Tasks\AVG\PC Tuneup 2011\Integrator\Start On Kishore Reddy Logon => C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
Task: {C3E4616A-00DF-4540-BB62-F28095C51405} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {C4C76DC8-9B73-4DB3-AE66-F8395CC863F2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {C54D1BA4-AF45-4349-AF43-49C1609DB84F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-13] (Google Inc.)
Task: {C6651D05-BACA-47D6-97EE-F858CD9D16D3} - System32\Tasks\AdobeAAMUpdater-1.0-KishoreReddy-PC-Kishore Reddy => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {D0D7A84C-90F7-4917-B8B1-B5A18DDA4A1E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {ED409FD1-EE54-4431-8044-D85CB0AD4CB2} - System32\Tasks\{48CA0A54-A7BC-43C4-AD82-A049F89655A9} => C:\Users\Kishore Reddy\Downloads\new prog\AdobeFlashPlayer_11.7.700.224_ActiveX_SPS.exe
Task: {F7CE9D0B-9A1F-43A1-B949-C3F4A66D6E3B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2009-07-14 05:21 - 2011-08-09 20:30 - 00041472 _____ () C:\Windows\system32\slc.dll
2013-04-05 03:42 - 2013-04-05 03:42 - 00164016 _____ (Dropbox, Inc.) C:\Users\Kishore Reddy\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2009-07-14 05:52 - 2009-07-14 07:08 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2012-01-10 21:18 - 2012-01-10 21:18 - 00285696 _____ (Intel Corporation) C:\Windows\system32\igfxrENU.lrc
2012-06-26 13:11 - 2012-06-26 13:11 - 00900184 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PhoneBrowser64.dll
2012-06-26 11:58 - 2012-06-26 11:58 - 01262592 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2012-06-26 13:08 - 2012-06-26 13:08 - 00026112 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
2012-06-26 13:08 - 2012-06-26 13:08 - 00572928 _____ (Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
2013-05-08 04:07 - 2013-05-08 04:07 - 00213232 _____ (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCTXMN64.DLL
2012-05-22 08:12 - 2012-05-22 08:12 - 00252344 _____ (The Eraser Project) C:\Program Files\Eraser\Eraser.Shell.dll
2012-07-20 15:03 - 2012-07-20 15:03 - 00269800 _____ (Axantum Software AB) C:\Program Files\Axantum\AxCrypt\ShellExt.dll
2012-06-18 20:54 - 2012-06-18 20:54 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-04-05 22:09 - 2013-01-15 18:59 - 00161088 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCExtMenu_64.dll
2013-03-29 17:08 - 2013-03-29 17:08 - 00467736 _____ (Piriform Ltd) C:\Program Files\Recuva\RecuvaShell64.dll
2012-12-16 16:55 - 2012-12-16 16:55 - 00439056 _____ (SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieDll.dll
2010-08-31 14:20 - 2010-08-10 14:09 - 00460368 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDUtl.dll
2013-03-27 03:15 - 2013-03-27 03:15 - 01245840 _____ (QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.DLL
2013-08-15 11:08 - 2013-07-09 10:23 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-01-09 23:05 - 2012-11-30 10:23 - 01114112 _____ (Microsoft Corporation) C:\Windows\syswow64\kernel32.dll
2013-01-09 23:05 - 2012-11-30 10:23 - 00274944 _____ (Microsoft Corporation) C:\Windows\syswow64\KERNELBASE.dll
 
==================== Alternate Data Streams (whitelisted) ==========
 
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/07/2013 01:54:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/07/2013 00:27:03 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (09/06/2013 10:51:57 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (09/06/2013 02:09:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/06/2013 11:48:48 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (09/05/2013 08:31:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/04/2013 02:02:33 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/04/2013 11:31:25 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/04/2013 11:31:25 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/04/2013 11:31:25 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
 
System errors:
=============
Error: (09/07/2013 00:16:24 PM) (Source: Service Control Manager) (User: )
Description: The DgiVecp service failed to start due to the following error: 
%%20
 
Error: (09/07/2013 00:16:23 PM) (Source: Service Control Manager) (User: )
Description: The Aircel. OUC service failed to start due to the following error: 
%%1053
 
Error: (09/07/2013 00:16:23 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Aircel. OUC service to connect.
 
Error: (09/06/2013 10:41:21 PM) (Source: Service Control Manager) (User: )
Description: The DgiVecp service failed to start due to the following error: 
%%20
 
Error: (09/06/2013 10:41:20 PM) (Source: Service Control Manager) (User: )
Description: The Aircel. OUC service failed to start due to the following error: 
%%1053
 
Error: (09/06/2013 10:41:20 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Aircel. OUC service to connect.
 
Error: (09/06/2013 09:28:18 PM) (Source: Service Control Manager) (User: )
Description: The DgiVecp service failed to start due to the following error: 
%%20
 
Error: (09/06/2013 09:28:17 PM) (Source: Service Control Manager) (User: )
Description: The Aircel. OUC service failed to start due to the following error: 
%%1053
 
Error: (09/06/2013 09:28:17 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Aircel. OUC service to connect.
 
Error: (09/06/2013 04:48:24 PM) (Source: Service Control Manager) (User: )
Description: The DgiVecp service failed to start due to the following error: 
%%20
 
 
Microsoft Office Sessions:
=========================
Error: (09/07/2013 01:54:31 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Kishore Reddy\Downloads\esetsmartinstaller_enu.exe
 
Error: (09/07/2013 00:27:03 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (09/06/2013 10:51:57 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (09/06/2013 02:09:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (09/06/2013 11:48:48 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (09/05/2013 08:31:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (09/04/2013 02:02:33 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (09/04/2013 11:31:25 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/04/2013 11:31:25 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/04/2013 11:31:25 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-08-26 12:00:17.671
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-26 12:00:17.546
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 48%
Total physical RAM: 2806.71 MB
Available physical RAM: 1453.49 MB
Total Pagefile: 5611.61 MB
Available Pagefile: 3606.06 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:452.66 GB) (Free:392.25 GB) NTFS
Drive f: (Aircel) (CDROM) (Total:0.07 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: ACC65072)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste.) Save it in the same directory as FRST.exe and save it as fixlist.txt

 

CHR Extension: (Ghostery) - C:\Users\KISHOR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.2_0

c:\users\kishore reddy\appdata\roaming\delta

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST (or FRST64 if you have the 64bit version) and press the Fix button just once and wait.

The tool will make a log (Fixlog.txt); please post it in your reply.

Reboot Normally.


Hello,

I have followed your instructions and completed the fix. Here is the fixlog, please take a look.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-09-2013 03

Ran by Kishore Reddy at 2013-09-08 19:45:42 Run:1

Running from C:\Users\Kishore Reddy\Desktop

Boot Mode: Normal

==============================================

Content of fixlist:

*****************

CHR Extension: (Ghostery) - C:\Users\KISHOR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.2_0

c:\users\kishore reddy\appdata\roaming\delta

*****************

C:\Users\KISHOR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij => Moved successfully.

"c:\users\kishore reddy\appdata\roaming\delta" => File/Directory not found.

==== End of Fixlog ====


Sorry, I forgot to tell you that earlier we have disabled the Chrome extension Ghostery and I have enabled it again. Now we are disabling the Chrome extension Ghostery for the second time. Thank you.


Hello Mr. Borislav, the MBAM scan still continues to detect the 2 threats. The scan log is attached for your further analysis. Thank you.

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.09.06.07
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Kishore Reddy :: KISHOREREDDY-PC [administrator]
 
09-09-2013 21:45:34
mbam-log-2013-09-09 (21-45-34).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 228350
Time elapsed: 10 minute(s), 30 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 1
c:\users\kishore reddy\appdata\roaming\delta (PUP.Optional.Delta) -> Quarantined and deleted successfully.
 
Files Detected: 1
c:\users\kishore reddy\appdata\roaming\delta\sqlite3.dll (PUP.Optional.Delta) -> Delete on reboot.
 
(end)
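One way to cross-check the two log formats posted in this thread is to parse the MBAM detection lines and the FRST Fixlog result lines, then list every path that MBAM reports in each scan together with what FRST said about it. This is an added example, not part of the original posts and not code from Malwarebytes or Farbar; the function names are assumptions, and the sample lines are copied from the logs on this page.

```python
import re
from collections import Counter

# Detection lines copied from the two MBAM logs in this thread (30-08 and 09-09).
MBAM_SCAN = r"""Folders Detected: 1
c:\users\kishore reddy\appdata\roaming\delta (PUP.Optional.Delta) -> Quarantined and deleted successfully.
Files Detected: 1
c:\users\kishore reddy\appdata\roaming\delta\sqlite3.dll (PUP.Optional.Delta) -> Delete on reboot.
"""
MBAM_SCANS = [MBAM_SCAN, MBAM_SCAN]  # both scans list the same two items

# Result lines copied from the Fixlog posted above.
FIXLOG = r"""C:\Users\KISHOR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij => Moved successfully.
"c:\users\kishore reddy\appdata\roaming\delta" => File/Directory not found.
"""

MBAM_RE = re.compile(r"^(?P<path>[a-z]:\\.+?) \((?P<name>[^()]+)\) -> (?P<action>.+)$", re.I | re.M)
FRST_RE = re.compile(r'^"?(?P<path>[a-z]:\\[^"\n]+?)"? => (?P<result>.+)$', re.I | re.M)

def mbam_detections(log):
    """Map each detected path (lower-cased) to the action MBAM reported."""
    return {m["path"].lower(): m["action"] for m in MBAM_RE.finditer(log)}

def frst_results(log):
    """Map each fixlist path (lower-cased) to the result FRST reported."""
    return {m["path"].lower(): m["result"] for m in FRST_RE.finditer(log)}

def recurring_after_fix(scans, fixlog):
    """Paths detected in every scan, with the FRST result for the path or its parent."""
    counts = Counter(p for scan in scans for p in mbam_detections(scan))
    fixed = frst_results(fixlog)
    report = []
    for path, seen in sorted(counts.items()):
        if seen < len(scans):
            continue  # not persistent across scans
        # Longest fixlist entry that is this path or one of its parent folders.
        parent = next((f for f in sorted(fixed, key=len, reverse=True)
                       if path == f or path.startswith(f + "\\")), None)
        report.append((path, seen, fixed.get(parent, "not in fixlist")))
    return report

if __name__ == "__main__":
    for path, seen, result in recurring_after_fix(MBAM_SCANS, FIXLOG):
        print(f"{path}: detected in {seen} scans; FRST: {result}")
```

On the logs in this thread, both Delta entries come back as detected in every scan while FRST reports the folder as not found, which is the mismatch the later replies set out to investigate.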

Hello, I've been asked to review your system and see if we can get this issue corrected.

Are you using TrueCrypt for file encryption or disk encryption?   We do not support disk encryption if using for partition or disk encryption.
 

STEP 01
Please uninstall the following software.  Once we are done here if you wish to reinstall any of them then that's up to you but for now please uninstall them.

Advanced SystemCare 6

The company behind this product was found to be stealing our database.  It's also not very good at detection and removal anyways...
Personally I would not trust installing any software from a company that resorts to stealing someone's technology to sell their product.
Please see the following links and make up your own mind if you want to keep this on your system. If needed I can help you remove it.
 

 

Spybot - Search & Destroy: good product, but for now please uninstall it so we know that it is not part of the issue.

 

AVG antivirus
Please use Control Panel, Add/Remove Programs and uninstall AVG antivirus.
Then download and run the following tool to help remove any leftover elements of AVG: avg_remover_stf_x64_2012_2125.exe


Browser Hijack Retaliator
Panda USB Vaccine
Sandboxie
SUPERAntiSpyware
PC Tuneup 2011



Wise Registry Cleaner

Registry Cleaners are Snake Oil and can cause damage to the Registry that is difficult if not impossible to fix.  Please uninstall this and do not use one.

Do I need a Windows Registry Cleaner?
 

STEP 02
What is this software?  XBMC (HKCU)



STEP 03

Once you have uninstalled all of the listed software above please restart the computer one more time.

 

STEP 04

Delete all the files and program for the FRST tool.  Then create a new folder on your Desktop called REPAIR and download a new fresh copy of FRST and save it in that new folder and run it again and post back the 2 new logs.

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

 


Hello, I am thankful to all of you for your continuous help in trying to resolve this issue.

 

1) I do not use Truecrypt for partition or disk encryption.

2) Please help me get rid of Advanced system care 6.

3) I will Uninstall Spybot-Search&Destroy.

4) I will Uninstall Browser hijack Retaliator.

5) I will Uninstall Panda USB Vaccine.

6) I request you to let me keep Sandboxie, as Uninstalling the program may create some major problems in my Registry.

7) I will Uninstall SuperAntiSpyware.

8) I will Uninstall PC Tuneup 2011.

9) I will Uninstall Wise Registry Cleaner.

10) I will Uninstall XBMC(HKCU). I have installed this program long back but never used it.

 

I have already uninstalled AVG from my Control Panel long back, and now do you want me to download the tool to remove the leftover elements?

Please let me know if I can uninstall these programs using Revo Uninstaller or simply uninstall from my Control Panel. I need to tell you one more thing: this issue only surfaced after 8th of AUG. I did a full scan with MBAM on 8th of AUG and it did not show any threats. And the last thing: do you want me to delete FRST.EXE and the 2 related folders from my Desktop and once again download a fresh copy to scan my machine? Thank you.


Archived

This topic is now archived and is closed to further replies.
