vprot.exe - Bad Image (AVG DLL error)


#61
Krishnaa

  • Topic Starter
  • Member
  • 47 posts
Alright. Low voltage problem again, I'll do it as soon as I can switch on the PC.
  • 0


#62
Krishnaa

  • Topic Starter
  • Member
  • 47 posts
I installed SP1, and when it rebooted, I got the blue screen error again, so I had to use System Restore again. But when I go to the minidump folder, only the one that was already there before is there. There isn't any new minidump entry.

The hotplug error still exists.
  • 0

#63
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
I have to ask about this low voltage problem. Is this normal for where you live?

Why did you have to do a Restore after the BSOD? The system wouldn't reboot to Windows? I admit restores just complicate things.

Do you have the means of creating a boot CD, so we can scan before Windows loads?
  • 0

#64
Krishnaa

  • Topic Starter
  • Member
  • 47 posts
Yeah, it's pretty normal here in the summer.

The BSOD appeared while booting up. It kept coming after the Loading Windows screen, before going to the Welcome screen it would reboot and the options for Startup Repair and Start Windows Normally would appear. When I select start normally, the same thing just repeats. And when I went to Startup Repair, it said the system had to be restored to an earlier working setting. If I clicked cancel, the same thing would repeat again.

I do have a writable CD drive in my laptop, is that what you mean?
  • 0

#65
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Hold on that CD boot disk. I took a look at that dump file you sent. Although I almost always ignore what the file's "strings" show near the end of the file:

\Device\HarddiskVolume2\Windows\System32\drivers\bthport.sys
bthport.sys
\REGISTR
BTHPORT.SYS
dows\System32\drivers\
6E-E325-11CE-BFC1-08002BE103
BTHPORT.SYS
CHINE\SYSTEM\Con
\REGISTRY\MACHIN
\Windows\System32\drivers\bthport.sys
INE\SYSTEM\ControlSet0
ystemRoot\System32\Drivers\bthport.sys
}ses
USBSTOR\Disk&Ven_SanDisk&Prod_Cruzer_Blade&Rev_1.20\2006087723162BB2080F&0
USBSTOR\Disk&Ven_PNY&Prod_USB_2.0_FD&Rev_8192\AAB6168400000677&0


BTHport.sys, and a Registry listing for a CD-Rom drive. And at least two USB drives recognized. Can you please list, detailed as possible, what all you have connected to this computer? Not the monitor etc., but external drives and any other devices?
  • 0
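The "strings" view of a dump file described in the post above can be reproduced with a short script. This is an added example, not part of the original post; the sample bytes, vendor name and serial are constructed, and it goes slightly beyond the post by also decoding UTF-16LE runs, which is how Windows stores most paths and device IDs in memory.

```python
import re
import sys

MIN_LEN = 6  # ignore shorter runs, which are mostly noise

# Printable ASCII stored one byte per character.
ASCII_RUN = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)
# Printable ASCII stored as UTF-16LE: every character is followed by a zero byte.
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % MIN_LEN)

# Driver image names and USB mass-storage device instance IDs.
DRIVER = re.compile(r"([A-Za-z0-9_.-]+\.sys)\b", re.IGNORECASE)
USBSTOR = re.compile(
    r"USBSTOR\\Disk&Ven_([^&]*)&Prod_([^&]*)&Rev_([^\\]*)\\(\S+)"
)


def extract_strings(data):
    """Return (offset, text) for every ASCII and UTF-16LE run, in file order."""
    hits = [(m.start(), m.group().decode("ascii"))
            for m in ASCII_RUN.finditer(data)]
    hits += [(m.start(), m.group().decode("utf-16-le"))
             for m in UTF16_RUN.finditer(data)]
    return sorted(hits)


def summarize(data):
    """Count driver names and list USB storage devices named in the dump."""
    drivers = {}
    usb = []
    for _offset, text in extract_strings(data):
        for name in DRIVER.findall(text):
            key = name.lower()
            drivers[key] = drivers.get(key, 0) + 1
        for m in USBSTOR.finditer(text):
            vendor, product, revision, instance = m.groups()
            usb.append({
                "vendor": vendor,
                "product": product,
                "revision": revision,
                # The instance ID ends in "&<n>"; the part before it is the serial.
                "serial": instance.rsplit("&", 1)[0],
            })
    return drivers, usb


# Constructed sample standing in for a slice of a minidump: binary filler,
# a UTF-16LE driver path, an ASCII driver name and a UTF-16LE device ID.
SAMPLE = (
    b"\x00\x01\xfe\xff" * 4
    + r"\SystemRoot\System32\Drivers\bthport.sys".encode("utf-16-le")
    + b"\x00\x00\x90\x90"
    + b"BTHPORT.SYS"
    + b"\xff\x00\x13"
    + r"USBSTOR\Disk&Ven_ExampleCo&Prod_Flash_Drive&Rev_1.00\0123456789ABCDEF&0"
      .encode("utf-16-le")
    + b"\x00\x00\x07"
    + b"ab\x01cd"  # runs shorter than MIN_LEN are dropped
)

if __name__ == "__main__":
    # Pass a dump file path to analyse it; with no argument the sample is used.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            blob = fh.read()
    else:
        blob = SAMPLE
    found_drivers, found_usb = summarize(blob)
    for name, count in sorted(found_drivers.items()):
        print(f"driver {name}: {count} reference(s)")
    for dev in found_usb:
        print("usb storage:", dev)
```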

#66
Krishnaa

  • Topic Starter
  • Member
  • 47 posts
Currently I haven't got any external memory devices connected to the computer. There is a slight chance that my iPod could have been connected the last time I tried installing SP1, but I don't really remember. But the second time I tried SP1, I'm positive I had nothing connected to the PC externally other than the usual USB mouse, keyboard, etc.
  • 0

#67
Krishnaa

  • Topic Starter
  • Member
  • 47 posts
Do you want me to try again and take a photo of the BSOD I get again?
  • 0

#68
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Go here and run the readiness tool (Windows 7 32-bit (x86)), reboot and try the update again. If you get a BSOD, yes, take a picture, but also on reboot try to access Safe Mode, without a need to restore. At startup tap the F8 key about once per half-second, then select Safe Mode with Networking from the menu that will appear.

If you are able to do that, see if you can grab the new minidump file for me to check.
  • 0

#69
Krishnaa

  • Topic Starter
  • Member
  • 47 posts
I downloaded the readiness tool and installed the HotFix (KB947821). Then I ran the SP1 installer. Halfway through, the computer switched off due to the voltage problem. Now when I try to install SP1 again, it says an error occurred. When I try the readiness tool again it says "Installing HotFix for Windows (KB947821) (update 1 of 1)...failed!" and the HotFix doesn't get installed.

I tried Microsoft's Fixit to reset the Update components but it still doesn't work.

Is the only option now to reinstall Windows completely? I really don't want to waste your time by keeping this going for so long!
  • 0

#70
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
I went back to that Bluetooth device problem. This link (3/4 of the way down):

This hardware ID above is for a Bluetooth Sync Service on a Nokia phone connected to your PC with a Cambridge Silicon Radio Bluetooth dongle.


I see you have a Samsung Mobile Modem program installed. What do you use this for?
  • 0


#71
Krishnaa

  • Topic Starter
  • Member
  • 47 posts
It must have got installed when I connected my friend's Samsung mobile once. I don't need it now. Can I uninstall it?

Also, all of the folders in my external hard drives/pen drives become hidden and their shortcuts appear in their place. Even after using command prompt to unhide the files and deleting the shortcuts, they keep coming back. If it's a virus, I suspect it's from one of the laptops from my college. What do I do for this?

Edited by Krishnaa, 01 May 2013 - 10:46 PM.

  • 0

#72
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Uninstall these, then reboot.

Samsung CLP-310 Series
Samsung Kies
SAMSUNG USB Driver for Mobile Phones


---------

Insert any suspect USB drives, and leave them installed until we finish here.

Download RSIT (random's system information tool) from here to your desktop. Then click on the RSIT.exe to open the RSIT display, and click the Continue button.

If RSIT downloads/installs HijackThis be sure to agree to the install of that.

Once the scan completes a textbox will open - copy/paste those contents here for review please. The log can also be found at C:\rsit\log.txt.

RSIT will also create a second log, info.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored at C:\rsit\info.txt).

You can break logs into parts and use separate posts here when replying and posting the log files, if needed.

---------

And with all USB drives installed, run Eset again (even if we scanned them already).

Disable your antivirus program and click here and download the esetsmartinstaller_enu.exe Eset installer. Then click that file to run the scanner.

If you accept the Terms of Use, check the box and click Start. It will take a couple minutes for the scanner to get ready. When the Computer scan settings display shows, check the following boxes:

Remove found threats
Scan unwanted applications


Next to "Current scan targets: Operating memory, Local drives", click the "Change" word. Make sure you place a check next to all disk drives, including any external drives that are attached (no need to check off the floppy or DVD/CD-Rom drives).

Then click the Advanced option, then place a check next to the following (if it is not already checked):

Enable Anti-Stealth technology

Click Start. This scan may take a while, so please be patient.

If infection is found, at the end of the scan click "List of found threats".

In that display, at the bottom, select the option to save the results as a text file, and save that to your desktop. Post that back here please.

Post that log and the RSIT logs please.
  • 0
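The HijackThis part of an RSIT log, which the post above asks for, lists autostart entries as O4 lines. The following added example (not part of the original thread, and not code from RSIT or HijackThis) triages such lines for script files and for targets in user-writable folders; the sample log lines are constructed, and the extension list and folder markers are assumptions of this example.

```python
import ntpath
import re

# Extensions run by Windows Script Host or mshta rather than as native programs.
SCRIPT_EXTS = {".js", ".jse", ".vbs", ".vbe", ".wsf", ".wsh", ".hta"}
# Extensions used to find where an unquoted path ends and its arguments begin.
KNOWN_EXTS = "exe|com|scr|pif|bat|cmd|lnk|dll|js|jse|vbs|vbe|wsf|wsh|hta"
# Folder markers a standard user can write to without elevation.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\programdata\\")

# "O4 - HKCU\..\Run: [name] command line"
REG_ENTRY = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\([^:]+): \[([^\]]*)\] (.+)$")
# "O4 - Global Startup: name.lnk = target"
DIR_ENTRY = re.compile(r"^O4 - ((?:Global )?Startup): (.+?) = (.+)$")
# Either a quoted path, or an unquoted path up to the first known extension.
TARGET = re.compile(r'^"([^"]+)"|^(.+?\.(?:%s))(?=\s|$)' % KNOWN_EXTS,
                    re.IGNORECASE)


def parse_o4(line):
    """Return source, name and target of one O4 line, or None for other lines."""
    line = line.strip()
    m = REG_ENTRY.match(line)
    if m:
        hive, key, name, command = m.groups()
        source = hive + "\\" + key
    else:
        m = DIR_ENTRY.match(line)
        if not m:
            return None
        source, name, command = m.groups()
    t = TARGET.match(command)
    target = (t.group(1) or t.group(2)) if t else command.split()[0]
    return {"source": source, "name": name, "target": target}


def triage(log_text):
    """Return the autostart entries that deserve a closer look, with reasons."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        lowered = entry["target"].lower()
        ext = ntpath.splitext(lowered)[1]
        reasons = []
        if ext in SCRIPT_EXTS:
            reasons.append("script file launched at logon")
        if any(marker in lowered for marker in USER_WRITABLE):
            reasons.append("target in user-writable folder")
        if reasons:
            # Many legitimate programs install under AppData, so location
            # alone is only "review"; a script autostart is "suspicious".
            entry["level"] = "suspicious" if ext in SCRIPT_EXTS else "review"
            entry["reasons"] = reasons
            findings.append(entry)
    return findings


# Constructed sample lines in HijackThis format (names and paths are made up).
SAMPLE_LOG = r"""
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000000} - C:\Program Files\Example\helper.dll
O4 - HKLM\..\Run: [AudioPanel] C:\Program Files\Example Audio\panel.exe -s
O4 - HKLM\..\Run: [Updater] "C:\Program Files\Example\update.exe" -startup
O4 - HKCU\..\Run: [Sync] "C:\Users\alice\AppData\Roaming\ExampleSync\sync.exe" /MINIMIZED
O4 - HKCU\..\Run: [123] C:\Users\alice\AppData\Roaming\a1b\123.js
O4 - Global Startup: Example.lnk = C:\Program Files\Example\example.exe
"""

if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(item["level"], item["source"], item["name"], item["target"],
              "; ".join(item["reasons"]))
```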

#73
Krishnaa

  • Topic Starter
  • Member
  • 47 posts
RSIT's log.txt:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Krishnaa at 2013-05-03 12:42:16
Microsoft Windows 7 Professional
System drive C: has 150 GB (73%) free of 205 GB
Total RAM: 3253 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:42:24 PM, on 3/5/2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Box Sync\BoxSyncHelper.exe
C:\Program Files\TK8 StickyNotes\TK8StickyNotes.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Users\Krishnaa\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Windows\System32\WScript.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\dinotify.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Box Sync\BoxSync.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Krishnaa\Desktop\RSIT.exe
C:\Program Files\trend micro\Krishnaa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylo...0003860777ba906
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Everything] "C:\Program Files\Everything\Everything.exe" -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NSU_agent] "C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BoxSyncHelper] "C:\Program Files\Box Sync\BoxSyncHelper.exe"
O4 - HKCU\..\Run: [TK8 StickyNotes] "C:\Program Files\TK8 StickyNotes\TK8StickyNotes.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4146831668FEA1F68C3484BF16391934] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Krishnaa\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [897] C:\Users\Krishnaa\AppData\Roaming\9f6\897.js
O4 - Global Startup: Box Sync.lnk = C:\Program Files\Box Sync\BoxSync.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Krishnaa\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Krishnaa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files\Common Files\PACE\Services\LicenseServices\LDSvc.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

--
End of file - 8855 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Krishnaa\AppData\Roaming\Mozilla\Firefox\Profiles\tz9gxuo2.default

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation®Network Downloader.
"Path"=C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIBitCometAgent.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npBitCometAgent.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
babylon.xml
bing.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml

C:\Users\Krishnaa\AppData\Roaming\Mozilla\Firefox\Profiles\tz9gxuo2.default\searchplugins\
claro.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2013-01-29 361280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-06-02 136216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-06-02 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-06-02 170008]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-05-07 9210400]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]
"Everything"=C:\Program Files\Everything\Everything.exe [2009-03-13 602624]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]
"NSU_agent"=C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-09-09 421776]
"PMBVolumeWatcher"=C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2012-11-27 739936]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"BoxSyncHelper"=C:\Program Files\Box Sync\BoxSyncHelper.exe [2013-02-21 393216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TK8 StickyNotes"=C:\Program Files\TK8 StickyNotes\TK8StickyNotes.exe [2011-01-05 9212720]
"GoogleChromeAutoLaunch_4146831668FEA1F68C3484BF16391934"=C:\Program Files\Google\Chrome\Application\chrome.exe [2013-04-09 1312720]
"Sony PC Companion"=C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2013-03-18 448736]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2013-02-09 3565432]
"uTorrent"=C:\Users\Krishnaa\AppData\Roaming\uTorrent\uTorrent.exe [2013-04-17 802136]
"897"=C:\Users\Krishnaa\AppData\Roaming\9f6\897.js [2013-05-03 47255]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Box Sync.lnk - C:\Program Files\Box Sync\BoxSync.exe

C:\Users\Krishnaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
de.js

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-06-02 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=255
"NoAutorun"=1
"HonorAutorunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"vidc.tscc"=C:\PROGRA~1\MpcStar\Codecs\tscc\tsccvid.dll
"msacm.vorbis"=vorbis.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-05-03 12:42:16 ----D---- C:\rsit
2013-05-03 12:42:16 ----D---- C:\Program Files\trend micro
2013-05-02 13:09:30 ----D---- C:\ProgramData\ClubSanDisk
2013-05-01 13:34:40 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2013-05-01 13:30:33 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2013-05-01 13:09:36 ----D---- C:\Windows\system32\catroot2
2013-05-01 13:06:37 ----D---- C:\Windows\SoftwareDistribution
2013-05-01 12:59:01 ----D---- C:\WUAGENT
2013-05-01 12:21:14 ----SHD---- C:\Users\Krishnaa\AppData\Roaming\9f6
2013-05-01 12:21:12 ----SHD---- C:\9e
2013-04-30 18:26:13 ----D---- C:\19a7205dfeeef8841d69
2013-04-30 18:20:35 ----D---- C:\Windows\CheckSur
2013-04-20 10:17:51 ----D---- C:\Windows\system32\SPReview
2013-04-20 09:58:08 ----D---- C:\0ff07cf1cca355d095b1f76bb2bb07b2
2013-04-18 11:09:54 ----D---- C:\Program Files\Common Files\Java
2013-04-18 11:09:45 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-04-18 11:09:45 ----A---- C:\Windows\system32\javaw.exe
2013-04-18 11:09:45 ----A---- C:\Windows\system32\java.exe
2013-04-18 10:57:46 ----D---- C:\EbuDllTmpDir
2013-04-17 16:39:58 ----D---- C:\Program Files\Sony Media Go Install
2013-04-14 06:27:55 ----D---- C:\Program Files\CPUID
2013-04-13 12:11:11 ----D---- C:\Program Files\GetColor!
2013-04-11 11:24:55 ----D---- C:\Users\Krishnaa\AppData\Roaming\Skype
2013-04-11 11:24:50 ----RD---- C:\Program Files\Skype
2013-04-11 11:24:50 ----D---- C:\Program Files\Common Files\Skype
2013-04-11 11:24:46 ----D---- C:\ProgramData\Skype

======List of files/folders modified in the last 1 month======

2013-05-03 12:42:21 ----D---- C:\Windows\Temp
2013-05-03 12:42:16 ----RD---- C:\Program Files
2013-05-03 12:40:54 ----D---- C:\Users\Krishnaa\AppData\Roaming\Box Sync
2013-05-03 12:40:50 ----D---- C:\Windows\system32\config
2013-05-03 12:40:31 ----D---- C:\Users\Krishnaa\AppData\Roaming\uTorrent
2013-05-03 12:39:02 ----D---- C:\Users\Krishnaa\AppData\Roaming\DMCache
2013-05-03 12:38:49 ----D---- C:\Program Files\Samsung
2013-05-03 12:38:43 ----D---- C:\Windows
2013-05-03 12:38:36 ----D---- C:\Windows\system32\DriverStore
2013-05-03 12:38:36 ----D---- C:\Windows\system32\catroot
2013-05-03 12:38:35 ----D---- C:\Windows\inf
2013-05-03 12:37:32 ----SHD---- C:\Windows\Installer
2013-05-03 12:37:32 ----D---- C:\Windows\System32
2013-05-03 12:37:32 ----D---- C:\ProgramData\Samsung
2013-05-03 12:37:31 ----D---- C:\Config.Msi
2013-05-03 12:36:55 ----SHD---- C:\System Volume Information
2013-05-03 12:36:31 ----RSD---- C:\Windows\assembly
2013-05-03 12:35:24 ----D---- C:\Windows\system32\drivers
2013-05-03 12:35:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-02 13:09:30 ----D---- C:\ProgramData
2013-05-01 12:52:01 ----D---- C:\Windows\system32\catroot2.old
2013-05-01 12:50:33 ----D---- C:\Windows\winsxs
2013-05-01 12:40:02 ----D---- C:\ProgramData\Sony Ericsson
2013-05-01 12:39:37 ----D---- C:\Program Files\Sony Ericsson
2013-05-01 12:19:53 ----D---- C:\ProgramData\boost_interprocess
2013-04-23 14:26:24 ----D---- C:\Windows\Microsoft.NET
2013-04-23 13:39:22 ----D---- C:\Program Files\Everything
2013-04-23 11:09:38 ----D---- C:\Program Files\Box Sync
2013-04-21 11:58:35 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-04-21 11:56:09 ----D---- C:\ProgramData\Adobe
2013-04-21 00:09:33 ----D---- C:\Program Files\Windows Portable Devices
2013-04-21 00:06:43 ----D---- C:\Program Files\Internet Explorer
2013-04-21 00:03:46 ----RSD---- C:\Windows\Fonts
2013-04-21 00:03:46 ----D---- C:\Windows\system32\wfp
2013-04-21 00:03:46 ----D---- C:\Windows\system32\wbem
2013-04-21 00:03:46 ----D---- C:\Windows\system32\sysprep
2013-04-21 00:03:46 ----D---- C:\Windows\system32\sppui
2013-04-21 00:03:46 ----D---- C:\Windows\system32\Setup
2013-04-21 00:03:46 ----D---- C:\Windows\system32\ras
2013-04-21 00:03:46 ----D---- C:\Windows\system32\oobe
2013-04-21 00:03:46 ----D---- C:\Windows\system32\migwiz
2013-04-21 00:03:46 ----D---- C:\Windows\system32\migration
2013-04-21 00:03:46 ----D---- C:\Windows\system32\manifeststore
2013-04-21 00:03:46 ----D---- C:\Windows\system32\ias
2013-04-21 00:03:46 ----D---- C:\Windows\system32\en-US
2013-04-21 00:03:46 ----D---- C:\Windows\system32\Dism
2013-04-21 00:03:46 ----D---- C:\Windows\system32\CodeIntegrity
2013-04-21 00:03:46 ----D---- C:\Windows\system32\Boot
2013-04-21 00:03:46 ----D---- C:\Windows\system32\AdvancedInstallers
2013-04-21 00:03:46 ----D---- C:\Windows\ShellNew
2013-04-21 00:03:46 ----D---- C:\Windows\IME
2013-04-21 00:03:46 ----D---- C:\Windows\ehome
2013-04-21 00:03:46 ----D---- C:\Windows\AppPatch
2013-04-21 00:03:46 ----D---- C:\Program Files\Windows Sidebar
2013-04-21 00:03:46 ----D---- C:\Program Files\Windows Photo Viewer
2013-04-21 00:03:46 ----D---- C:\Program Files\Windows Media Player
2013-04-21 00:03:46 ----D---- C:\Program Files\Windows Mail
2013-04-21 00:03:46 ----D---- C:\Program Files\Windows Journal
2013-04-21 00:03:46 ----D---- C:\Program Files\Windows Defender
2013-04-21 00:03:46 ----D---- C:\Program Files\DVD Maker
2013-04-21 00:03:46 ----D---- C:\Program Files\Common Files\System
2013-04-21 00:03:46 ----D---- C:\Program Files\Common Files\Services
2013-04-21 00:03:44 ----RSD---- C:\Windows\Media
2013-04-21 00:03:44 ----D---- C:\Windows\system32\zh-TW
2013-04-21 00:03:44 ----D---- C:\Windows\system32\zh-HK
2013-04-21 00:03:44 ----D---- C:\Windows\system32\zh-CN
2013-04-21 00:03:44 ----D---- C:\Windows\system32\uk-UA
2013-04-21 00:03:44 ----D---- C:\Windows\system32\tr-TR
2013-04-21 00:03:44 ----D---- C:\Windows\system32\th-TH
2013-04-21 00:03:44 ----D---- C:\Windows\system32\sv-SE
2013-04-21 00:03:44 ----D---- C:\Windows\system32\sr-Latn-CS
2013-04-21 00:03:44 ----D---- C:\Windows\system32\sl-SI
2013-04-21 00:03:44 ----D---- C:\Windows\system32\sk-SK
2013-04-21 00:03:44 ----D---- C:\Windows\system32\ru-RU
2013-04-21 00:03:44 ----D---- C:\Windows\system32\ro-RO
2013-04-21 00:03:44 ----D---- C:\Windows\system32\pt-PT
2013-04-21 00:03:44 ----D---- C:\Windows\system32\pt-BR
2013-04-21 00:03:44 ----D---- C:\Windows\system32\pl-PL
2013-04-21 00:03:44 ----D---- C:\Windows\system32\nl-NL
2013-04-21 00:03:44 ----D---- C:\Windows\system32\nb-NO
2013-04-21 00:03:44 ----D---- C:\Windows\system32\lv-LV
2013-04-21 00:03:44 ----D---- C:\Windows\system32\lt-LT
2013-04-21 00:03:44 ----D---- C:\Windows\system32\ko-KR
2013-04-21 00:03:44 ----D---- C:\Windows\system32\ja-JP
2013-04-21 00:03:44 ----D---- C:\Windows\system32\it-IT
2013-04-21 00:03:44 ----D---- C:\Windows\system32\hu-HU
2013-04-21 00:03:44 ----D---- C:\Windows\system32\hr-HR
2013-04-21 00:03:44 ----D---- C:\Windows\system32\he-IL
2013-04-21 00:03:44 ----D---- C:\Windows\system32\fr-FR
2013-04-21 00:03:44 ----D---- C:\Windows\system32\fi-FI
2013-04-21 00:03:44 ----D---- C:\Windows\system32\et-EE
2013-04-21 00:03:44 ----D---- C:\Windows\system32\es-ES
2013-04-21 00:03:44 ----D---- C:\Windows\system32\en
2013-04-21 00:03:44 ----D---- C:\Windows\system32\el-GR
2013-04-21 00:03:44 ----D---- C:\Windows\system32\drivers\en-US
2013-04-21 00:03:44 ----D---- C:\Windows\system32\de-DE
2013-04-21 00:03:44 ----D---- C:\Windows\system32\da-DK
2013-04-21 00:03:44 ----D---- C:\Windows\system32\cs-CZ
2013-04-21 00:03:44 ----D---- C:\Windows\system32\bg-BG
2013-04-21 00:03:44 ----D---- C:\Windows\system32\ar-SA
2013-04-21 00:03:44 ----D---- C:\Windows\system
2013-04-21 00:03:44 ----D---- C:\Windows\servicing
2013-04-21 00:03:44 ----D---- C:\Windows\PolicyDefinitions
2013-04-21 00:03:44 ----D---- C:\Windows\L2Schemas
2013-04-21 00:03:33 ----D---- C:\Windows\Tasks
2013-04-21 00:03:33 ----D---- C:\Windows\system32\spp
2013-04-21 00:03:33 ----D---- C:\Windows\system32\Speech
2013-04-21 00:03:32 ----D---- C:\Windows\system32\MUI
2013-04-21 00:03:30 ----D---- C:\Windows\system32\drivers\UMDF
2013-04-21 00:02:34 ----D---- C:\Windows\registration
2013-04-20 10:47:04 ----HD---- C:\Program Files\InstallShield Installation Information
2013-04-18 11:09:54 ----D---- C:\Program Files\Common Files
2013-04-18 11:09:45 ----D---- C:\Program Files\Java
2013-04-18 10:57:45 ----D---- C:\Program Files\Common Files\InstallShield
2013-04-17 16:49:39 ----D---- C:\Users\Krishnaa\AppData\Roaming\Sony
2013-04-17 16:45:04 ----D---- C:\Program Files\Common Files\Sony Shared
2013-04-14 10:27:39 ----D---- C:\Windows\system32\NDF
2013-04-12 12:12:53 ----D---- C:\Users\Krishnaa\AppData\Roaming\Audacity
2013-04-11 11:11:22 ----D---- C:\Windows\Minidump
2013-04-04 09:04:21 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2005-03-12 20640]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 SMR311;Symantec SMR Utility Service 3.1.1; C:\Windows\System32\drivers\SMR311.SYS [2012-09-27 97440]
R0 TPkd;TPkd; C:\Windows\system32\drivers\TPkd.sys [2010-11-03 93304]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2007-08-13 41984]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2012-11-22 100216]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k6232.sys [2010-04-05 224424]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HECI;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-06-02 8758272]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-05-07 3092704]
R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 232960]
R3 P16X;Sound Blaster 5.1; C:\Windows\system32\drivers\P16X.sys [2005-07-22 1275776]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [2010-12-30 16640]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 catchme;catchme; \??\C:\Users\Krishnaa\AppData\Local\Temp\catchme.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-10-24 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-10-24 25200]
S3 mbamchameleon;mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [2013-05-01 31560]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2013-05-01 40776]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2010-11-20 28032]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-09-28 44544]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys []
S3 WinUsb;Sony so0101 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1); C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys [2011-12-09 25704]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2); C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys [2011-12-09 25704]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3); C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys [2011-12-09 25704]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4); C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys [2011-12-09 25704]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-19 65192]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PaceLicenseDServices;PACE License Services; C:\Program Files\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2010-12-24 2678784]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-11-27 479840]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 821648]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-05 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-21 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-05 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-22 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#74
Krishnaa

RSIT's info.txt:

info.txt logfile of random's system information tool 1.09 2013-05-03 12:42:26

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Sony Ericsson\Update Engine\uninst.exe
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->MsiExec.exe /I{A8D40741-490C-4190-82F2-62909891414B}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{107254A0-0ADF-11D4-9397-00D0B7020B38}\setup.exe"
µTorrent-->"C:\Users\Krishnaa\AppData\Roaming\uTorrent\uTorrent.exe" /UNINSTALL
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Digital Editions 2.0-->"C:\Program Files\Adobe\Adobe Digital Editions 2.0\uninstall.exe"
Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_169_Plugin.exe -maintain plugin
Adobe Reader XI (11.0.02)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AB0000000001}
Antares Auto-Tune 7 VST-->MsiExec.exe /X{5AF6EE47-C991-43E9-8621-20756557BEA4}
Antares Autotune VST v5.09-->"C:\Program Files\Antares Audio Technologies\Uninstall\unins000.exe"
Any Video Converter 3.5.7-->"C:\Program Files\AnvSoft\Any Video Converter\unins000.exe"
Any Video Converter 5 5.0.3-->"C:\Program Files\AnvSoft\Any Video Converter 5\unins000.exe"
A-PDF Split-->"C:\Program Files\A-PDF Split\unins000.exe"
Apple Application Support-->MsiExec.exe /I{CCE825DB-347A-4004-A186-5F4A6FDD8547}
Apple Mobile Device Support-->MsiExec.exe /I{459699C3-9430-4381-964B-4248D87B49F9}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Audacity 1.3.9 (Unicode)-->"C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
Audacity 2.0.3-->"C:\Program Files\Audacity\unins000.exe"
Bonjour-->MsiExec.exe /X{79155F2B-9895-49D7-8612-D92580E0DE5B}
Box Sync-->MsiExec.exe /X{8290085B-15BB-4E5A-BA47-535E5B1B1336}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CPUID CPU-Z 1.63.0-->"C:\Program Files\CPUID\CPU-Z\unins000.exe"
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
Everything 1.2.1.371-->C:\Program Files\Everything\Uninstall.exe
EZdrummer-->MsiExec.exe /I{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}
EZXDfh-->MsiExec.exe /I{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}
FL Studio 9-->C:\Program Files\Image-Line\FL Studio 9\uninstall.exe
Flowcode V4 for AVRs-->MsiExec.exe /I{DB261EC9-3989-4982-ADCD-387DF3DF1E7D}
FlyteDownloadManager version 1.2.4.0-->"C:\Program Files\FlyteDownloadManager\unins000.exe"
Free YouTube Download version 3.1.37.918-->C:\Program Files\Common Files\DVDVideoSoft\Uninstall.exe
Free YouTube to MP3 Converter version 3.11.32.918-->C:\Program Files\Common Files\DVDVideoSoft\Uninstall.exe
FreeUndelete 2.1.36867.1-->MsiExec.exe /X{0F5ADA2F-C0B2-4AD6-8FF7-7DFA9D6B4CBA}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\26.0.1410.64\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Tamil Input-->C:\Program Files\Google\Google Tamil Input\GoogleInputUninstaller.exe
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hardcore-->C:\Program Files\Image-Line\Hardcore\uninstall.exe
High-Definition Video Playback-->MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E}
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {99A120B0-F930-3427-A833-FAD753B85527} /parameterfolder Client
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
Intel® Control Center-->C:\Program Files\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel® Graphics Media Accelerator Driver-->C:\Program Files\Intel\Intel® Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall
Intel® Network Connections 15.3.68.0-->MsiExec.exe /i{D5558268-0050-4B95-AD5E-426960E1EFE1} ARPREMOVE=1
Intel® Network Connections 15.3.68.0-->MsiExec.exe /i{D5558268-0050-4B95-AD5E-426960E1EFE1} ARPREMOVE=1
Interlok driver setup x32-->MsiExec.exe /X{25613C10-27D2-410B-942B-D922D5C3A7BE}
Internet Download Manager-->C:\Program Files\Internet Download Manager\Uninstall.exe
iTunes-->MsiExec.exe /I{0F6F6876-6334-4977-B5DD-CFC12E193420}
Java 7 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217017FF}
Java SE Development Kit 7 Update 9-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0170090}
LAME v3.98.2 for Audacity-->"C:\Program Files\Lame for Audacity\unins000.exe"
Magic ISO Maker v5.5 (build 0276)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Malwarebytes Anti-Malware version 1.70.0.1100-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MATLAB R2010b-->C:\Program Files\MATLAB\R2010b\uninstall\bin\win32\uninstall.exe C:\Program Files\MATLAB\R2010b
Media Go Video Playback Engine 1.116.103.02020-->MsiExec.exe /X{54215B8A-6212-8DB8-39B4-98EE2BB98BD1}
Media Go-->MsiExec.exe /X{362AB21A-E2C4-40CE-81C2-8C4D62B0635A}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{F2508213-9989-4E85-A078-72BE483917EF}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B2-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218-->MsiExec.exe /X{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Mozilla Firefox 19.0.2 (x86 en-US)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
MpcStar 5.4-->C:\Program Files\MpcStar\uninst.exe
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 4.0 SP3 Parser-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94}
Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}
Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00}
Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8}
Nero DiscCopyGadget 10 Help (CHM)-->MsiExec.exe /X{5F548A02-80BC-404D-BAE6-F05F9BF6B449}
Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}
Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}
Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}
Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E}
Nero Multimedia Suite 10 Essentials-->MsiExec.exe /I{89590A73-9AC3-48ED-B83E-6489900DED5A}
Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}
Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{A57025CC-5F2E-4D01-B387-06DB10500D43}
Nokia PC Suite-->C:\ProgramData\Installations\{F38FD0E4-B991-462B-873D-F2115EADD093}\Nokia_PC_Suite_eng_web.exe
Nokia PC Suite-->MsiExec.exe /I{F38FD0E4-B991-462B-873D-F2115EADD093}
Nokia Software Updater-->MsiExec.exe /X{7130468A-F53F-4698-8C09-A339EA3B05E6}
PC Connectivity Solution-->MsiExec.exe /I{A2AA4204-C05A-4013-888A-AD153139297F}
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Pixillion Image Converter-->"C:\Program Files\NCH Software\Pixillion\pixillion.exe" -uninstall
PlayMemories Home-->MsiExec.exe /X{1E5C7043-09C5-4974-A69F-A5271FD82BBC}
PlayStation®Network Downloader-->MsiExec.exe /X{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}
PlayStation®Store-->MsiExec.exe /X{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
PSP ISO Compressor-->MsiExec.exe /X{D47087E7-AA15-4D1D-8C0A-60F7E446D597}
QuickTime-->MsiExec.exe /I{EB900AF8-CC61-4E15-871B-98D1EA3E8025}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Sawer-->C:\Program Files\Image-Line\Sawer\uninstall.exe
Skype™ 6.3-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
Sony Ericsson Update Engine-->C:\Program Files\Sony Ericsson\Update Engine\uninst.exe
Sony PC Companion 2.10.155-->"C:\Program Files\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe" -runfromtemp -l0x0409 -removeonly
StageLight version 1.0 (Build 3344)-->C:\Program Files\StageLight\uninst.exe
TK8 StickyNotes 3.4-->"C:\Program Files\TK8 StickyNotes\unins000.exe"
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
TSST OEM Content-->MsiExec.exe /X{885AFEC2-0809-47CE-8B3F-00AEC19DDD5F}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VLC media player 1.1.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Driver Package - Nokia Modem (06/09/2010 7.01.0.8)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_x86_neutral_68b2fb14204f3667\nokbtmdm.inf
Windows Driver Package - Nokia Modem (10/07/2010 4.6)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_x86_neutral_875547a32190c11c\nokia_bluetooth.inf
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

======System event log======

Computer Name: Krishnaa-PC
Event Code: 6008
Message: The previous system shutdown at 12:01:33 PM on ‎12/‎17/‎2012 was unexpected.
Record Number: 140026
Source Name: EventLog
Time Written: 20121218033124.000000-000
Event Type: Error
User:

Computer Name: Krishnaa-PC
Event Code: 7000
Message: The SSPORT service failed to start due to the following error:
The system cannot find the file specified.
Record Number: 139984
Source Name: Service Control Manager
Time Written: 20121217063036.957646-000
Event Type: Error
User:

Computer Name: Krishnaa-PC
Event Code: 41
Message: The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Record Number: 139936
Source Name: Microsoft-Windows-Kernel-Power
Time Written: 20121217063021.045618-000
Event Type: Critical
User: NT AUTHORITY\SYSTEM

Computer Name: Krishnaa-PC
Event Code: 6008
Message: The previous system shutdown at 11:56:52 AM on ‎12/‎17/‎2012 was unexpected.
Record Number: 139931
Source Name: EventLog
Time Written: 20121217063033.000000-000
Event Type: Error
User:

Computer Name: Krishnaa-PC
Event Code: 7000
Message: The SSPORT service failed to start due to the following error:
The system cannot find the file specified.
Record Number: 139889
Source Name: Service Control Manager
Time Written: 20121217062556.675247-000
Event Type: Error
User:

=====Application event log=====

Computer Name: Krishnaa-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-3205674275-2737826845-53548374-1000:
Process 3460 (\Device\HarddiskVolume2\Program Files\PC Connectivity Solution\ServiceLayer.exe) has opened key \REGISTRY\USER\S-1-5-21-3205674275-2737826845-53548374-1000

Record Number: 20645
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20120801165323.414663-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Krishnaa-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-3205674275-2737826845-53548374-1000:
Process 3520 (\Device\HarddiskVolume2\Program Files\PC Connectivity Solution\ServiceLayer.exe) has opened key \REGISTRY\USER\S-1-5-21-3205674275-2737826845-53548374-1000

Record Number: 20612
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20120801144101.189341-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Krishnaa-PC
Event Code: 100
Message: Task Scheduling Error: m->NextScheduledSPRetry 3151
Record Number: 20610
Source Name: Bonjour Service
Time Written: 20120801144014.000000-000
Event Type: Error
User:

Computer Name: Krishnaa-PC
Event Code: 100
Message: Task Scheduling Error: m->NextScheduledEvent 3151
Record Number: 20609
Source Name: Bonjour Service
Time Written: 20120801144014.000000-000
Event Type: Error
User:

Computer Name: Krishnaa-PC
Event Code: 100
Message: Task Scheduling Error: Continuously busy for more than a second
Record Number: 20608
Source Name: Bonjour Service
Time Written: 20120801144014.000000-000
Event Type: Error
User:

=====Security event log=====

Computer Name: Krishnaa-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: KRISHNAA-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 2

New Logon:
Security ID: S-1-5-21-3205674275-2737826845-53548374-1000
Account Name: Krishnaa
Account Domain: Krishnaa-PC
Logon ID: 0x19989
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x258
Process Name: C:\Windows\System32\winlogon.exe

Network Information:
Workstation Name: KRISHNAA-PC
Source Network Address: 127.0.0.1
Source Port: 0

Detailed Authentication Information:
Logon Process: User32
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 10342
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120517114451.884441-000
Event Type: Audit Success
User:

Computer Name: Krishnaa-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: KRISHNAA-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 2

New Logon:
Security ID: S-1-5-21-3205674275-2737826845-53548374-1000
Account Name: Krishnaa
Account Domain: Krishnaa-PC
Logon ID: 0x19963
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x258
Process Name: C:\Windows\System32\winlogon.exe

Network Information:
Workstation Name: KRISHNAA-PC
Source Network Address: 127.0.0.1
Source Port: 0

Detailed Authentication Information:
Logon Process: User32
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 10341
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120517114451.884441-000
Event Type: Audit Success
User:

Computer Name: Krishnaa-PC
Event Code: 4648
Message: A logon was attempted using explicit credentials.

Subject:
Security ID: S-1-5-18
Account Name: KRISHNAA-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
Account Name: Krishnaa
Account Domain: Krishnaa-PC
Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:
Target Server Name: localhost
Additional Information: localhost

Process Information:
Process ID: 0x258
Process Name: C:\Windows\System32\winlogon.exe

Network Information:
Network Address: 127.0.0.1
Port: 0

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 10340
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120517114451.884441-000
Event Type: Audit Success
User:

Computer Name: Krishnaa-PC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 10339
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120517114451.260440-000
Event Type: Audit Success
User:

Computer Name: Krishnaa-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: KRISHNAA-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x230
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 10338
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120517114451.260440-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Intel\DMIX;C:\Program Files\Common Files\DivX Shared;C:\Program Files\Windows Live\Shared;C:\Program Files\QuickTime\QTSystem;C:\Program Files\MATLAB\R2010b\runtime\win32;C:\Program Files\MATLAB\R2010b\bin;C:\Users\Krishnaa\AppData\Local\Smartbar\Application
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 37 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=2505
"EICDDrive"=D:\
"asl.log"=Destination=file
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
  • 0

#75
Krishnaa

When I double-click the ESET installer, the window opens up, then closes by itself again by the time I click on Start. Sometimes it stays long enough for me to click on Start, but the window closes again anyway.

A similar thing happened when I tried to open Malwarebytes' Anti-Malware; the window never opened.
  • 0





