
I really need some help! Everything won't work :(


vvind


Hi,

I am new here and thanks in advance for taking a look at what's wrong with my computer.

I have downloaded a few programs already: ComboFix, Junkware Removal Tool, RogueKiller, RKill, ESET and Malwarebytes.

The other day, my Malwarebytes was still working. It detected 2 viruses.

- trojan.agent - the item was a svhost.exe

- trojan.agent.gen - the item was my computer name -wchelper.dll

Are these really bad? Malwarebytes found them and then I deleted it. I restart the computer and it keeps coming back.

Right now I am having more problems today. I am really worried and frustrated right now.

I cannot open Malwarebytes anymore. I get a Start Menu error:
"The item referred to by this shortcut cannot be accessed. You may not have the appropriate permissions."

I tried to uninstall Malwarebytes, but it won't let me. It says Access is denied. I wanted to reinstall Malwarebytes but it says it already exists and won't work. My Malwarebytes is completely not working.

I tried scanning with ESET Smart Security, and it detects nothing.

I tried downloading other programs from the internet and there are errors now.

Also, many of my programs freeze when I try to open them, for example Skype.

Please tell me what I can do right now! This is really stressing me right now and I hope I can get help to fix all these problems.

Thank you again!


Hello

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Kevin


Thank you for the response!

Attached (Addition.txt) file

Here is the: (FRST.txt)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-12-2013 05
Ran by vvind (administrator) on VVIND-PC on 18-12-2013 19:19:36
Running from C:\Users\vvind\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Dropbox, Inc.) C:\Users\vvind\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Tencent) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe
(Tencent) C:\Program Files (x86)\Tencent\QQIntl\Bin\TXPlatform.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [QQIntl] - C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe [97976 2013-12-13] (Tencent)
HKCU\...\Run: [QQ2009] - C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe [97976 2013-12-13] (Tencent)
HKCU\...\CurrentVersion\Windows: [Load] C:\ProgramData\{$1284-9213-2940-1289$}\msconfig.exe <===== ATTENTION
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
Startup: C:\Users\vvind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\vvind\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\vvind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\explorer.ini.url ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.176.9

FireFox:
========
FF ProfilePath: C:\Users\vvind\AppData\Roaming\Mozilla\Firefox\Profiles\e1oedp5m.default
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @qq.com/npchrome - C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll (Tencent)
FF Plugin-x32: @qq.com/npqscall - C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll (Tencent)
FF Plugin-x32: @qq.com/TXSSO - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll (Tencent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: FireGestures - C:\Users\vvind\AppData\Roaming\Mozilla\Firefox\Profiles\e1oedp5m.default\Extensions\firegestures@xuldev.org.xpi
FF Extension: Adblock Plus - C:\Users\vvind\AppData\Roaming\Mozilla\Firefox\Profiles\e1oedp5m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR DefaultSearchKeyword: google.ca
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll No File
CHR Plugin: (QQ2011) - C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll (Tencent)
CHR Plugin: (NPTXSSO Dynamic Link Library) - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.38\Bin\npSSOAxCtrlForPTLogin.dll No File
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Extension: (Docs) - C:\Users\vvind\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\vvind\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\vvind\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Adblock Plus) - C:\Users\vvind\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0
CHR Extension: (Google Search) - C:\Users\vvind\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Gmail) - C:\Users\vvind\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-27] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-18 19:19 - 2013-12-18 19:19 - 00010132 _____ C:\Users\vvind\Desktop\FRST.txt
2013-12-18 19:19 - 2013-12-18 19:19 - 00000000 ____D C:\FRST
2013-12-18 19:17 - 2013-12-18 19:17 - 02192805 _____ (Farbar) C:\Users\vvind\Desktop\FRST64.exe
2013-12-18 06:55 - 2013-12-18 07:02 - 00000000 ____D C:\ProgramData\MFAData
2013-12-18 06:55 - 2013-12-18 06:55 - 04435768 _____ (AVG Technologies) C:\Users\vvind\Downloads\avg_avct_stb_all_2014_4259_cm10(2).exe
2013-12-18 06:55 - 2013-12-18 06:55 - 00000000 ____D C:\Users\vvind\AppData\Local\MFAData
2013-12-18 06:55 - 2013-12-18 06:55 - 00000000 ____D C:\Users\vvind\AppData\Local\Avg2014
2013-12-18 06:42 - 2013-12-18 06:54 - 00891200 _____ C:\Users\vvind\Downloads\SecurityCheck.exe
2013-12-18 06:41 - 2013-12-18 06:41 - 00000000 _____ C:\Users\vvind\Downloads\esetsmartinstaller_enu(1).exe
2013-12-18 06:40 - 2013-12-18 06:40 - 00000000 _____ C:\Users\vvind\Downloads\esetsmartinstaller_enu.exe
2013-12-18 06:34 - 2013-12-18 06:34 - 00000000 _____ C:\Users\vvind\Downloads\avg_avct_stb_all_2014_4259_cm10.exe
2013-12-18 06:34 - 2013-12-18 06:34 - 00000000 _____ C:\Users\vvind\Downloads\avg_avct_stb_all_2014_4259_cm10(1).exe
2013-12-18 06:24 - 2013-12-18 06:24 - 00019674 _____ C:\ComboFix.txt
2013-12-18 06:15 - 2011-06-25 22:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-18 06:15 - 2010-11-07 09:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-18 06:15 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-18 06:15 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-18 06:15 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-18 06:15 - 2000-08-30 16:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-18 06:15 - 2000-08-30 16:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-18 06:15 - 2000-08-30 16:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-18 06:14 - 2013-12-18 06:24 - 00000000 ____D C:\Qoobox
2013-12-18 06:14 - 2013-12-18 06:22 - 00000000 ____D C:\Windows\erdnt
2013-12-18 05:59 - 2013-12-18 06:01 - 219322176 _____ (Kaspersky Lab) C:\Users\vvind\Downloads\kav14.0.0.4651abcEN_5485.exe
2013-12-18 05:51 - 2013-12-18 05:51 - 00000000 _____ C:\Users\vvind\AppData\Roaming\system.ini
2013-12-18 04:47 - 2013-12-18 04:47 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\vvind\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-12-18 03:23 - 2013-12-18 03:51 - 00000000 ____D C:\Users\vvind\Downloads\Chloe Lamb
2013-12-17 21:09 - 2013-12-17 21:09 - 00000000 ____D C:\Users\vvind\AppData\Local\CrashDumps
2013-12-17 16:44 - 2013-12-17 17:43 - 00000059 _____ C:\Users\vvind\AppData\Roaming\vvindv3.4.2.2.txt
2013-12-16 15:35 - 2013-12-16 15:40 - 00000000 ____D C:\Users\vvind\Desktop\New folder (3)
2013-12-14 10:20 - 2013-12-17 10:25 - 00000000 ____D C:\Users\vvind\Desktop\balmain
2013-12-14 09:46 - 2013-12-17 09:28 - 00000000 ____D C:\Users\vvind\Desktop\balenciaga
2013-12-13 04:42 - 2013-12-13 04:42 - 00002053 _____ C:\Users\Public\Desktop\Tencent QQ.lnk
2013-12-13 04:20 - 2013-12-13 04:20 - 00000000 ____D C:\Windows\ERUNT
2013-12-13 03:58 - 2013-12-13 03:58 - 05154339 ____R (Swearware) C:\Users\vvind\Desktop\ComboFix.exe
2013-12-13 03:57 - 2013-12-13 03:57 - 01034531 _____ (Thisisu) C:\Users\vvind\Desktop\JRT.exe
2013-12-13 03:32 - 2013-12-13 03:32 - 00000000 ____D C:\Program Files (x86)\Tencent
2013-12-13 03:31 - 2013-12-13 05:07 - 00000000 ____D C:\Users\vvind\AppData\Roaming\Tencent
2013-12-13 03:11 - 2013-03-18 18:17 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-12-13 03:11 - 2013-03-18 18:17 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-12-13 03:08 - 2013-12-13 03:09 - 50491064 _____ (Tencent) C:\Users\vvind\Downloads\QQIntl2.1.exe
2013-12-13 02:53 - 2013-12-18 04:54 - 00000000 ____D C:\AdwCleaner
2013-12-13 02:34 - 2013-12-13 02:34 - 04166144 _____ C:\Users\vvind\Desktop\RogueKillerX64.exe
2013-12-13 02:34 - 2013-12-13 02:34 - 01226802 _____ C:\Users\vvind\Desktop\adwcleaner.exe
2013-12-13 02:14 - 2013-12-13 02:14 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\vvind\Desktop\rkill.com
2013-12-12 13:04 - 2013-12-12 13:04 - 00000000 ____D C:\Users\vvind\AppData\Roaming\ESET
2013-12-12 13:03 - 2013-12-12 13:03 - 00000000 ____D C:\ProgramData\ESET
2013-12-12 13:03 - 2013-12-12 13:03 - 00000000 ____D C:\Program Files\ESET
2013-12-12 12:51 - 2013-12-12 12:51 - 01581896 _____ (ESET) C:\Users\vvind\Downloads\eset_smart_security_live_installer.exe
2013-12-12 12:28 - 2013-12-12 12:28 - 00000095 _____ C:\Users\vvind\AppData\Roaming\mbam.context.scan
2013-12-12 03:03 - 2013-05-09 21:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 03:03 - 2013-05-09 21:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 03:03 - 2013-05-09 20:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 03:03 - 2013-05-09 20:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 03:02 - 2013-12-15 08:49 - 00000000 ____D C:\Users\vvind\Desktop\hermes buckle
2013-12-12 03:01 - 2013-11-26 03:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 03:01 - 2013-11-26 02:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 03:01 - 2013-11-26 02:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 03:01 - 2013-11-26 02:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 03:01 - 2013-11-26 01:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 03:01 - 2013-11-26 01:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 03:01 - 2013-11-26 01:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 03:01 - 2013-11-26 01:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 03:01 - 2013-11-26 01:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 03:01 - 2013-11-26 01:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 03:01 - 2013-11-26 01:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 03:01 - 2013-11-26 01:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 03:01 - 2013-11-26 01:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 03:01 - 2013-11-26 01:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 03:01 - 2013-11-26 00:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 03:01 - 2013-11-26 00:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 03:01 - 2013-11-26 00:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 03:01 - 2013-11-26 00:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 03:01 - 2013-11-26 00:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 03:01 - 2013-11-26 00:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 03:01 - 2013-11-26 00:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 03:01 - 2013-11-26 00:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 03:01 - 2013-11-25 23:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 03:01 - 2013-11-25 23:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 03:01 - 2013-11-25 23:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 03:01 - 2013-11-25 23:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 03:01 - 2013-11-25 22:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 03:01 - 2013-11-25 22:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 03:01 - 2013-11-25 22:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 03:01 - 2013-11-25 22:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 03:01 - 2013-11-25 22:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 00:20 - 2013-12-18 06:37 - 00000000 __SHD C:\ProgramData\{$1284-9213-2940-1289$}
2013-12-11 22:29 - 2013-11-23 10:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 22:29 - 2013-11-23 09:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 22:29 - 2013-10-29 18:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 22:29 - 2013-10-29 18:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 22:29 - 2013-10-29 17:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 22:28 - 2013-11-11 18:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 22:28 - 2013-11-11 18:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 22:28 - 2013-10-18 18:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 22:28 - 2013-10-18 17:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 22:28 - 2013-10-11 18:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 22:28 - 2013-10-11 18:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 22:28 - 2013-10-11 18:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 22:28 - 2013-10-11 18:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 22:28 - 2013-10-11 17:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 22:28 - 2013-10-11 17:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 22:28 - 2013-10-11 17:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 22:28 - 2013-10-11 17:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 22:28 - 2013-10-03 18:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 22:28 - 2013-10-03 17:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 09:18 - 2013-12-12 10:44 - 00000000 ____D C:\Users\vvind\Desktop\cartier
2013-12-10 22:16 - 2013-12-17 15:13 - 02795520 _____ C:\Users\vvind\Desktop\Anderson 12.10 NEW.xlt
2013-12-10 02:17 - 2013-12-12 23:16 - 00000000 ____D C:\Users\vvind\AppData\Roaming\install
2013-12-10 00:06 - 2013-12-10 03:03 - 02647552 _____ C:\Users\vvind\Desktop\anderson 12.10.xlt
2013-12-08 02:13 - 2013-12-08 02:28 - 142829767 _____ C:\Users\vvind\Downloads\sassyfraz_2013-10-03.mp4
2013-12-06 03:42 - 2013-12-09 04:22 - 00000000 ____D C:\Users\vvind\Desktop\december belts chanel
2013-12-03 03:03 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-03 03:00 - 2013-12-03 03:03 - 00007276 _____ C:\Windows\IE11_main.log
2013-12-03 03:00 - 2013-12-03 03:00 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-03 03:00 - 2013-12-03 03:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-03 03:00 - 2013-12-03 03:00 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-03 03:00 - 2013-12-03 03:00 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-03 03:00 - 2013-12-03 03:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-03 03:00 - 2013-12-03 03:00 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-03 03:00 - 2013-12-03 03:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-02 02:16 - 2013-12-02 03:56 - 00000000 ____D C:\Users\vvind\Desktop\sanarykiss
2013-12-01 23:46 - 2013-12-01 23:47 - 00000000 ____D C:\Users\vvind\Desktop\mm
2013-11-30 10:48 - 2013-12-17 13:46 - 00000000 ____D C:\Users\vvind\Desktop\raquel kailena
2013-11-29 07:02 - 2013-11-29 07:03 - 00000000 ____D C:\Users\vvind\Desktop\mimi
2013-11-28 09:59 - 2013-11-28 10:01 - 00000000 ____D C:\Users\vvind\Downloads\AdorkableRawr
2013-11-27 07:20 - 2013-11-27 08:56 - 00000000 ____D C:\Users\vvind\Desktop\helena chan
2013-11-24 19:13 - 2013-11-29 05:17 - 02466304 _____ C:\Users\vvind\Desktop\anderson 11.25.xlt
2013-11-24 00:37 - 2013-11-24 00:54 - 69380578 _____ C:\Users\vvind\Downloads\Lovesushi_02.avi
2013-11-23 22:34 - 2013-11-23 22:35 - 29839431 _____ C:\Users\vvind\Downloads\jennmoonbunny1.mp4
2013-11-23 22:32 - 2013-11-23 23:02 - 128952990 _____ C:\Users\vvind\Downloads\Lovesushi_03.avi
2013-11-23 03:10 - 2013-11-23 03:11 - 00000000 ____D C:\Users\vvind\Desktop\ORDERS
2013-11-23 00:56 - 2013-11-23 00:56 - 00000000 ____D C:\Users\vvind\Desktop\New folder
2013-11-20 21:54 - 2013-11-20 22:27 - 00000000 ____D C:\Users\vvind\Desktop\New folder (2)
2013-11-20 05:35 - 2013-11-20 05:39 - 83903058 _____ C:\Users\vvind\Downloads\BombshellSexy02.avi
2013-11-20 04:29 - 2013-11-26 00:39 - 00000000 ____D C:\Users\vvind\Desktop\CHANEL CAVIAR CAVIAR
2013-11-19 01:46 - 2013-11-19 01:46 - 00277216 _____ C:\Windows\Minidump\111913-8704-01.dmp

==================== One Month Modified Files and Folders =======

2013-12-18 19:19 - 2013-12-18 19:19 - 00010132 _____ C:\Users\vvind\Desktop\FRST.txt
2013-12-18 19:19 - 2013-12-18 19:19 - 00000000 ____D C:\FRST
2013-12-18 19:17 - 2013-12-18 19:17 - 02192805 _____ (Farbar) C:\Users\vvind\Desktop\FRST64.exe
2013-12-18 19:15 - 2009-07-13 20:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-18 19:15 - 2009-07-13 20:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-18 15:05 - 2013-05-28 01:14 - 00000000 ____D C:\Users\vvind\Documents\Tencent Files
2013-12-18 07:02 - 2013-12-18 06:55 - 00000000 ____D C:\ProgramData\MFAData
2013-12-18 06:55 - 2013-12-18 06:55 - 04435768 _____ (AVG Technologies) C:\Users\vvind\Downloads\avg_avct_stb_all_2014_4259_cm10(2).exe
2013-12-18 06:55 - 2013-12-18 06:55 - 00000000 ____D C:\Users\vvind\AppData\Local\MFAData
2013-12-18 06:55 - 2013-12-18 06:55 - 00000000 ____D C:\Users\vvind\AppData\Local\Avg2014
2013-12-18 06:54 - 2013-12-18 06:42 - 00891200 _____ C:\Users\vvind\Downloads\SecurityCheck.exe
2013-12-18 06:41 - 2013-12-18 06:41 - 00000000 _____ C:\Users\vvind\Downloads\esetsmartinstaller_enu(1).exe
2013-12-18 06:41 - 2009-07-13 21:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-18 06:40 - 2013-12-18 06:40 - 00000000 _____ C:\Users\vvind\Downloads\esetsmartinstaller_enu.exe
2013-12-18 06:37 - 2013-12-12 00:20 - 00000000 __SHD C:\ProgramData\{$1284-9213-2940-1289$}
2013-12-18 06:37 - 2013-10-31 04:01 - 00013576 _____ C:\Windows\setupact.log
2013-12-18 06:37 - 2013-09-01 01:06 - 00000000 ___RD C:\Users\vvind\Dropbox
2013-12-18 06:37 - 2013-09-01 01:04 - 00000000 ____D C:\Users\vvind\AppData\Roaming\Dropbox
2013-12-18 06:37 - 2013-05-27 20:14 - 00000000 ___RD C:\Users\vvind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-18 06:35 - 2013-10-31 04:00 - 00050014 _____ C:\Windows\PFRO.log
2013-12-18 06:34 - 2013-12-18 06:34 - 00000000 _____ C:\Users\vvind\Downloads\avg_avct_stb_all_2014_4259_cm10.exe
2013-12-18 06:34 - 2013-12-18 06:34 - 00000000 _____ C:\Users\vvind\Downloads\avg_avct_stb_all_2014_4259_cm10(1).exe
2013-12-18 06:34 - 2013-05-27 20:15 - 02084371 _____ C:\Windows\WindowsUpdate.log
2013-12-18 06:24 - 2013-12-18 06:24 - 00019674 _____ C:\ComboFix.txt
2013-12-18 06:24 - 2013-12-18 06:14 - 00000000 ____D C:\Qoobox
2013-12-18 06:24 - 2009-07-13 19:20 - 00000000 __RHD C:\Users\Default
2013-12-18 06:22 - 2013-12-18 06:14 - 00000000 ____D C:\Windows\erdnt
2013-12-18 06:22 - 2009-07-13 18:34 - 00000215 _____ C:\Windows\system.ini
2013-12-18 06:01 - 2013-12-18 05:59 - 219322176 _____ (Kaspersky Lab) C:\Users\vvind\Downloads\kav14.0.0.4651abcEN_5485.exe
2013-12-18 05:51 - 2013-12-18 05:51 - 00000000 _____ C:\Users\vvind\AppData\Roaming\system.ini
2013-12-18 05:25 - 2013-05-27 20:44 - 00000000 ____D C:\Users\vvind\AppData\Roaming\Skype
2013-12-18 05:01 - 2013-05-27 20:26 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-18 05:01 - 2013-05-27 20:26 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-18 04:55 - 2013-05-27 20:28 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-18 04:54 - 2013-12-13 02:53 - 00000000 ____D C:\AdwCleaner
2013-12-18 04:47 - 2013-12-18 04:47 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\vvind\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-12-18 03:51 - 2013-12-18 03:23 - 00000000 ____D C:\Users\vvind\Downloads\Chloe Lamb
2013-12-18 03:40 - 2013-05-27 20:26 - 00000000 ____D C:\Users\vvind\AppData\Roaming\uTorrent
2013-12-17 21:09 - 2013-12-17 21:09 - 00000000 ____D C:\Users\vvind\AppData\Local\CrashDumps
2013-12-17 17:43 - 2013-12-17 16:44 - 00000059 _____ C:\Users\vvind\AppData\Roaming\vvindv3.4.2.2.txt
2013-12-17 15:13 - 2013-12-10 22:16 - 02795520 _____ C:\Users\vvind\Desktop\Anderson 12.10 NEW.xlt
2013-12-17 13:46 - 2013-11-30 10:48 - 00000000 ____D C:\Users\vvind\Desktop\raquel kailena
2013-12-17 10:25 - 2013-12-14 10:20 - 00000000 ____D C:\Users\vvind\Desktop\balmain
2013-12-17 10:19 - 2013-11-05 18:53 - 00000000 ____D C:\Users\vvind\Desktop\new
2013-12-17 09:28 - 2013-12-14 09:46 - 00000000 ____D C:\Users\vvind\Desktop\balenciaga
2013-12-16 15:40 - 2013-12-16 15:35 - 00000000 ____D C:\Users\vvind\Desktop\New folder (3)
2013-12-15 08:49 - 2013-12-12 03:02 - 00000000 ____D C:\Users\vvind\Desktop\hermes buckle
2013-12-14 14:55 - 2013-05-28 00:55 - 00000000 ____D C:\Users\vvind\Desktop\microphones
2013-12-13 05:07 - 2013-12-13 03:31 - 00000000 ____D C:\Users\vvind\AppData\Roaming\Tencent
2013-12-13 04:42 - 2013-12-13 04:42 - 00002053 _____ C:\Users\Public\Desktop\Tencent QQ.lnk
2013-12-13 04:27 - 2013-08-03 13:26 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-13 04:20 - 2013-12-13 04:20 - 00000000 ____D C:\Windows\ERUNT
2013-12-13 04:18 - 2009-07-13 21:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-13 04:17 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-13 03:58 - 2013-12-13 03:58 - 05154339 ____R (Swearware) C:\Users\vvind\Desktop\ComboFix.exe
2013-12-13 03:57 - 2013-12-13 03:57 - 01034531 _____ (Thisisu) C:\Users\vvind\Desktop\JRT.exe
2013-12-13 03:32 - 2013-12-13 03:32 - 00000000 ____D C:\Program Files (x86)\Tencent
2013-12-13 03:12 - 2013-05-28 01:15 - 00000000 ____D C:\Users\Public\Documents\Tencent
2013-12-13 03:09 - 2013-12-13 03:08 - 50491064 _____ (Tencent) C:\Users\vvind\Downloads\QQIntl2.1.exe
2013-12-13 02:34 - 2013-12-13 02:34 - 04166144 _____ C:\Users\vvind\Desktop\RogueKillerX64.exe
2013-12-13 02:34 - 2013-12-13 02:34 - 01226802 _____ C:\Users\vvind\Desktop\adwcleaner.exe
2013-12-13 02:14 - 2013-12-13 02:14 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\vvind\Desktop\rkill.com
2013-12-12 23:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-12-12 23:16 - 2013-12-10 02:17 - 00000000 ____D C:\Users\vvind\AppData\Roaming\install
2013-12-12 13:04 - 2013-12-12 13:04 - 00000000 ____D C:\Users\vvind\AppData\Roaming\ESET
2013-12-12 13:04 - 2013-08-05 21:50 - 00000000 ____D C:\Users\vvind\AppData\Local\ESET
2013-12-12 13:03 - 2013-12-12 13:03 - 00000000 ____D C:\ProgramData\ESET
2013-12-12 13:03 - 2013-12-12 13:03 - 00000000 ____D C:\Program Files\ESET
2013-12-12 12:51 - 2013-12-12 12:51 - 01581896 _____ (ESET) C:\Users\vvind\Downloads\eset_smart_security_live_installer.exe
2013-12-12 12:34 - 2013-05-28 01:05 - 00000000 ____D C:\Users\vvind\Desktop\PIANO
2013-12-12 12:30 - 2009-07-13 20:45 - 00413344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 12:29 - 2005-04-07 18:16 - 00126098 ____H C:\Users\vvind\AppData\Roaming\vvindlog.dat
2013-12-12 12:28 - 2013-12-12 12:28 - 00000095 _____ C:\Users\vvind\AppData\Roaming\mbam.context.scan
2013-12-12 10:44 - 2013-12-11 09:18 - 00000000 ____D C:\Users\vvind\Desktop\cartier
2013-12-12 03:02 - 2013-05-27 20:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 05:55 - 2013-05-27 20:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 05:55 - 2013-05-27 20:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 05:55 - 2013-05-27 20:28 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-10 03:03 - 2013-12-10 00:06 - 02647552 _____ C:\Users\vvind\Desktop\anderson 12.10.xlt
2013-12-09 06:50 - 2013-05-28 01:04 - 00000000 ____D C:\Users\vvind\Desktop\speedy neverfull keepall
2013-12-09 05:22 - 2013-05-28 01:05 - 01874896 _____ C:\Users\vvind\Desktop\1 LV BAGS1.xlsx
2013-12-09 04:22 - 2013-12-06 03:42 - 00000000 ____D C:\Users\vvind\Desktop\december belts chanel
2013-12-08 02:28 - 2013-12-08 02:13 - 142829767 _____ C:\Users\vvind\Downloads\sassyfraz_2013-10-03.mp4
2013-12-03 16:04 - 2013-05-27 20:14 - 00001413 _____ C:\Users\vvind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-03 11:24 - 2013-05-27 20:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-03 11:23 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-03 03:03 - 2013-12-03 03:00 - 00007276 _____ C:\Windows\IE11_main.log
2013-12-03 03:00 - 2013-12-03 03:00 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-03 03:00 - 2013-12-03 03:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-03 03:00 - 2013-12-03 03:00 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-03 03:00 - 2013-12-03 03:00 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-03 03:00 - 2013-12-03 03:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-03 03:00 - 2013-12-03 03:00 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-03 03:00 - 2013-12-03 03:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-02 14:09 - 2013-05-28 01:05 - 00015576 _____ C:\Users\vvind\Desktop\2.20 order.txt
2013-12-02 03:56 - 2013-12-02 02:16 - 00000000 ____D C:\Users\vvind\Desktop\sanarykiss
2013-12-01 23:47 - 2013-12-01 23:46 - 00000000 ____D C:\Users\vvind\Desktop\mm
2013-11-29 07:03 - 2013-11-29 07:02 - 00000000 ____D C:\Users\vvind\Desktop\mimi
2013-11-29 05:17 - 2013-11-24 19:13 - 02466304 _____ C:\Users\vvind\Desktop\anderson 11.25.xlt
2013-11-28 10:24 - 2013-05-28 01:02 - 00000000 ____D C:\Users\vvind\AppData\Roaming\vlc
2013-11-28 10:01 - 2013-11-28 09:59 - 00000000 ____D C:\Users\vvind\Downloads\AdorkableRawr
2013-11-28 01:53 - 2013-06-17 05:55 - 00000000 ____D C:\Users\vvind\Desktop\buy
2013-11-27 08:56 - 2013-11-27 07:20 - 00000000 ____D C:\Users\vvind\Desktop\helena chan
2013-11-27 04:56 - 2013-05-27 20:26 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-27 04:56 - 2013-05-27 20:26 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-26 03:54 - 2013-12-12 03:01 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 02:19 - 2013-12-12 03:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 02:18 - 2013-12-12 03:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 02:11 - 2013-12-12 03:01 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 01:48 - 2013-12-12 03:01 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 01:46 - 2013-12-12 03:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 01:41 - 2013-12-12 03:01 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 01:29 - 2013-12-12 03:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 01:27 - 2013-12-12 03:01 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 01:23 - 2013-12-12 03:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 01:21 - 2013-12-12 03:01 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 01:18 - 2013-12-12 03:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 01:18 - 2013-12-12 03:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 01:16 - 2013-12-12 03:01 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 00:57 - 2013-12-12 03:01 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 00:39 - 2013-11-20 04:29 - 00000000 ____D C:\Users\vvind\Desktop\CHANEL CAVIAR CAVIAR
2013-11-26 00:38 - 2013-12-12 03:01 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 00:38 - 2013-12-12 03:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 00:35 - 2013-12-12 03:01 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 00:32 - 2013-12-12 03:01 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 00:28 - 2013-12-12 03:01 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 00:16 - 2013-12-12 03:01 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 00:02 - 2013-12-12 03:01 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-25 23:48 - 2013-12-12 03:01 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-25 23:32 - 2013-12-12 03:01 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-25 23:26 - 2013-12-12 03:01 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-25 23:07 - 2013-12-12 03:01 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-25 22:40 - 2013-12-12 03:01 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-25 22:34 - 2013-12-12 03:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-25 22:34 - 2013-12-12 03:01 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-25 22:33 - 2013-12-12 03:01 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-25 22:27 - 2013-12-12 03:01 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-24 00:54 - 2013-11-24 00:37 - 69380578 _____ C:\Users\vvind\Downloads\Lovesushi_02.avi
2013-11-23 23:02 - 2013-11-23 22:32 - 128952990 _____ C:\Users\vvind\Downloads\Lovesushi_03.avi
2013-11-23 22:35 - 2013-11-23 22:34 - 29839431 _____ C:\Users\vvind\Downloads\jennmoonbunny1.mp4
2013-11-23 10:26 - 2013-12-11 22:29 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-23 09:47 - 2013-12-11 22:29 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-23 06:15 - 2013-11-13 22:01 - 00000000 ____D C:\Users\vvind\Desktop\kali
2013-11-23 03:11 - 2013-11-23 03:10 - 00000000 ____D C:\Users\vvind\Desktop\ORDERS
2013-11-23 00:56 - 2013-11-23 00:56 - 00000000 ____D C:\Users\vvind\Desktop\New folder
2013-11-20 22:27 - 2013-11-20 21:54 - 00000000 ____D C:\Users\vvind\Desktop\New folder (2)
2013-11-20 05:39 - 2013-11-20 05:35 - 83903058 _____ C:\Users\vvind\Downloads\BombshellSexy02.avi
2013-11-19 03:33 - 2010-11-20 19:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-19 01:46 - 2013-11-19 01:46 - 00277216 _____ C:\Windows\Minidump\111913-8704-01.dmp
2013-11-19 01:46 - 2013-11-11 04:02 - 367127583 _____ C:\Windows\MEMORY.DMP
2013-11-19 01:46 - 2013-10-18 04:59 - 00000000 ____D C:\Windows\Minidump

Files to move or delete:
====================
C:\Users\vvind\AppData\Roaming\system.ini


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-12 14:16

==================== End Of Log ============================

Addition.txt


Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.

Next,

Run Malwarebytes, Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Full scan.

Make sure that everything is checked, and click Remove Selected on any found items.

Post the produced log.

Next,

Download Zoek.zip from here http://www.hijackthis.nl/smeenk/220813/zoek.zip and save that zip file to your Desktop.

Double click the zip file and extract to your Desktop:

Zoekd.jpg

You will now have 3 versions of the tool on the Desktop:

Zoeke.jpg

Before running Zoek make sure all Browsers are closed and Security is turned OFF. Check at the following link: http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html

Double click on each in turn until one version of Zoek will run (accept UAC). The following window will open:

Zoekb.jpg

Copy the following script from the code box and paste it into the field.

standardsearch;autoruns;autoclean;emptyclsid;emptyalltemp;

Select the "Run Script" tab. The following window will open:

Zoekc.jpg

Please be patient and do not use the PC when the scan is in progress.

When complete you may be asked to reboot your PC, if so please do.

Zoekf.jpg

Post the produced log in your next reply.

fixlist.txt


Attached Fixlog.txt

Next step, starting Malwarebytes does not work. I cannot run this program. It gives me an error message that says: "The item referred to by this shortcut cannot be accessed. You may not have the appropriate permissions." My Malwarebytes only started not working 2 days ago. I also tried to uninstall Malwarebytes and it will not let me. I tried reinstalling a new version, it also won't let me. I am stuck here with Malwarebytes, how can I fix this part? Attached picture of the error message.

Thank you for everything!!!

Fixlog.txt


Before running Zoek make sure all Browsers are closed and Security is turned OFF. Check at the following link: http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html

Double click on Zoek to run (accept UAC). The following window will open:

Zoekb.jpg

Copy the following script from the code box and paste it into the field.

C:\PROGRA~2\COMMON~1\Tencent;fsC:\PROGRA~2\Tencent;fsC:\Users\vvind\AppData\Roaming\Tencent;fsC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software;fsC:\Program Files (x86)\Tencent;fsC:\Users\vvind\Downloads\QQIntl2.1.exe;f[HKEY_USERS\S-1-5-21-2009450580-2934905059-176825126-1000\Software\Microsoft\Windows\CurrentVersion\Run]r;"QQIntl"=-;r[HKEY_USERS\S-1-5-21-2009450580-2934905059-176825126-1000\Software\Microsoft\Windows\CurrentVersion\Run]r;"QQ2009"=-;r[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"QQIntl"=-;r[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"QQ2009"=-;r

Select the "Run Script" tab. The following window will open:

Zoekc.jpg

Please be patient and do not use the PC when the scan is in progress.

When complete you may be asked to reboot your PC, if so please do.

Zoekf.jpg

Post the produced log in your next reply.

Next,

See if Malwarebytes can be re-installed.

Download mbam-clean.exe from the following link and save it to your desktop:

http://www.malwarebytes.org/mbam-clean.exe

Now do the following:

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Hi Kevin

This time you want me to do Zoek again? And use the new script to run it?

OK, I will try to uninstall Malwarebytes. I tried before and it would not let me and gave me an error. I don't think uninstalling will work, but I will try.

Thanks, I will update you soon!


  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


  • 3 weeks later...

Thank you for reopening!

kevinf80: I just want to let you know, my computer is freezing like crazy. I finally figured it out and deleted mbam and reinstalled. It freezes when I try to open certain programs. For example, when I open Malwarebytes, nothing shows up. I need to wait 3-4 minutes, then the scan will finally show up. For example, I open Skype and it freezes loading for a few minutes until it opens up properly. I am not sure why it's freezing like that, I guess it's the viruses.

I have attached the ZOEK results and MBAM log. Just want to let you know the last time I deleted the mbam viruses, after restarting the computer, the viruses came back. Not sure if the viruses are back right now.

Thanks!!

mbam-log-2014-01-09 (03-52-29).txt

zoek-results2.txt


After the Malwarebytes scan and deleting the viruses, I restarted the computer. I notice I am still freezing so I am pretty sure I still have viruses. :(

For example, I am trying to open my QQ International messenger chat program. The loading circle keeps spinning and freezing for 5 minutes+. Finally it works after 5+ minutes of waiting.

Thanks


Thanks for the reply, as it has been over 2 weeks since anything was done it is difficult to know what has changed. Run the following:

 

Delete any versions of ComboFix that you may have on your Desktop, then download a fresh copy from the following link:

 

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

 

  • Ensure that Combofix is saved directly to the Desktop <--- Very important
     
  • Disable all security programs as they will have a negative effect on ComboFix; instructions are available here http://www.bleepingcomputer.com/forums/topic114351.html if required. Be aware the list may not have all programs listed; if you need more help, please ask.
     
  • Close any open browsers and any other programs you might have running
     
  • Double click the combofix.gif icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator")
     
  • Instructions for running Combofix available here http://www.bleepingcomputer.com/combofix/how-to-use-combofix if required.
     
  • If you are using Windows XP, it might display a pop-up saying that "Recovery console is not installed, do you want to install?" Please select Yes and let it download the files it needs to do this. Once the Recovery Console is installed, ComboFix will then offer to scan for malware. Select Continue or Yes.
     
  • When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review

 

****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

 

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.

Note: ComboFix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal and increase security. If this is an issue or makes it difficult for you, please tell us when you reply. Read here http://thespykiller.co.uk/index.php?page=20 why disabling autoruns is recommended.

 

*EXTRA NOTES*


  • If ComboFix detects any Rootkit/Bootkit activity on your system, it will give a warning and prompt for a reboot; you must allow it to do so.
  • If ComboFix reboots due to a rootkit, the screen may stay black for several minutes on reboot; this is normal.
  • If after running ComboFix you receive any type of warning message about registry keys being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (those items will not be deleted).

 

Post the log in next reply please...

 

Kevin

Link to post
Share on other sites

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the Codebox below into it:

ClearJavaCache::

 

Save this as CFScript.txt, and as Type: All Files (*.*) in the same location as ComboFix.exe

CF3.jpg

CFScriptB-4.gif

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

 

Next,

 

We still need to run an online AV scan to ensure there are no remnants of any infection left on your system that we may have missed. This scan is very thorough and well worth running. It can take several hours, so please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet Explorer for this scan - Vista and Win 7 users right click on the IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    Click Start
  • When asked, allow the add-on to be installed
    Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    Click Scan
  • Wait for the virus definitions to be downloaded
  • Wait for the scan to finish

 

When the scan is complete

 

If no threats were found

  • Put a checkmark in "Uninstall application on close"
  • Close program
  • Report to me that nothing was found

 

If threats were found

 

  • Click on "list of threats found"
  • Click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • Put a checkmark in "Uninstall application on close"
  • Click on finish

 

Close program

 

Copy and paste the report in next reply

 

Let me see those two logs, and also give an update on current issues/concerns. Do you still have the same problem with freezing?

 

Kevin....

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Hi Kevin

 

Sorry for the delay, I have been really busy away from home for work...

How long can I be inactive until the post gets locked? This time I will try to work with you as fast as possible!

 

The last time you asked me to make a notepad file and drag it to ComboFix. I did this and attached the ComboFix file.

 

Next you asked me to use Internet Explorer. My Internet Explorer is not working. It does not show anything on it. I don't know what the problem is. I tried to uninstall it but I cannot find it anywhere on the system to uninstall. I also tried reinstalling it and it said I already have the newest version. Is it possible to use Firefox to scan instead? My Internet Explorer is completely blank and I'm not sure why. Attached is a picture of what my Internet Explorer looks like.

 

 

Thank you again

 

 

ComboFix.txt


Link to post
Share on other sites

Hi Kevin

 

I did what the link said. I uninstalled the IE11 update. Now I go to the same place to search for Internet Explorer. It shows 'windows internet explorer 10'

 

Do I uninstall this IE 10 update as well???

 

I tried opening my Internet Explorer and it's still blank :(

This topic is now closed to further replies.