Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My computer is bleeding

Started by piuse1 , Jun 23 2013 10:37 PM

  • Please log in to reply

#1
piuse1
Posted 23 June 2013 - 10:37 PM

piuse1

    New Member

  • Member
  • Pip
  • 1 posts
hi there i have many problems with my laptop performence please read this log and say that im infection or not

greetings







OTL logfile created on: 2013-06-24 06:18:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\x10\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,99 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 74,28% Memory free
5,99 Gb Paging File | 5,26 Gb Available in Paging File | 87,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,93 Gb Total Space | 28,31 Gb Free Space | 57,86% Space Free | Partition Type: NTFS
Drive D: | 249,07 Gb Total Space | 238,53 Gb Free Space | 95,77% Space Free | Partition Type: NTFS

Computer Name: X10-KOMPUTER | User Name: x10 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-06-24 06:17:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\x10\Desktop\o.exe
PRC - [2013-06-19 05:27:37 | 000,814,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
PRC - [2013-05-12 21:58:09 | 000,875,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-12-17 09:33:10 | 000,439,632 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe
PRC - [2010-11-20 04:17:48 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-14 03:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV - [2013-06-19 05:27:38 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-06-07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-12-17 09:33:10 | 000,439,632 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe -- (RUBotSrv)
SRV - [2009-10-20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\x10\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Running] -- system32\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV - [2013-06-20 04:52:59 | 009,053,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013-06-02 22:20:10 | 000,319,264 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2013-05-29 20:31:40 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 04:30:16 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 04:30:16 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 04:30:16 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 02:24:42 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 01:59:46 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 01:14:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 01:14:42 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-11-12 06:14:28 | 000,066,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009-10-20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009-07-14 00:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009-07-14 00:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1441044267-2727542032-2458088072-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gamedesire.com/
IE - HKU\S-1-5-21-1441044267-2727542032-2458088072-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1441044267-2727542032-2458088072-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@ganymede/NAVY,version=1.0: C:\Program Files\Ganymede\Plugins\NAVY\NPNAVY.dll (Ganymede Technologies)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)


[2013-05-30 12:22:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\x10\AppData\Roaming\mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - Extension: Dokumenty Google = C:\Users\x10\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Users\x10\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\x10\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\x10\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gmail = C:\Users\x10\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013-06-03 11:17:11 | 000,000,841 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {9F3209E2-334B-41E9-B09C-703F398742E7} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TMIEGBHO Class) - {F1AD4A42-BA52-47BC-89DF-3F68F24C017F} - C:\Program Files\Trend Micro\Browser Guard\TMAMS.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (TMBGBAR TOOLBAR) - {C8137A8D-415D-450C-A1B1-D0C519D45296} - C:\Program Files\Trend Micro\Browser Guard\tmieg.dll (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Browser Guard] C:\Program Files\Trend Micro\Browser Guard\BGUI.EXE (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe (Trend Micro Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1441044267-2727542032-2458088072-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1441044267-2727542032-2458088072-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24A01832-ABC4-4DB8-B572-BB9C3958A7D8}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A56B537-9D99-40E4-B3F0-6DCB2A9BBD5B}: DhcpNameServer = 192.168.1.254
O20 - AppInit_DLLs: ({DLL_Str}) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013-06-24 06:17:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2013-06-24 06:17:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\x10\Desktop\o.exe
[2013-06-24 06:12:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Browser Guard
[2013-06-24 06:12:42 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Local\Browser Guard
[2013-06-24 06:12:26 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Browser Guard
[2013-06-24 06:09:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2013-06-24 06:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2013-06-24 06:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro RUBotted
[2013-06-24 06:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2013-06-24 04:57:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013-06-24 04:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Fusion
[2013-06-22 04:06:11 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013-06-22 02:24:30 | 000,000,000 | ---D | C] -- C:\Users\x10\Documents\GameDesire
[2013-06-21 17:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\HDD Regenerator
[2013-06-21 17:21:57 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Local\Downloaded Installations
[2013-06-21 17:21:49 | 000,000,000 | ---D | C] -- C:\Users\x10\HDD Regenerator2012
[2013-06-20 05:12:43 | 000,000,000 | ---D | C] -- C:\Users\x10\Nowy folder
[2013-06-20 04:53:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013-06-20 03:59:13 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\WinRAR
[2013-06-20 03:59:13 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013-06-20 03:59:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013-06-20 03:59:11 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013-06-19 14:16:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2013-06-19 14:16:50 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\Winamp
[2013-06-19 14:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2013-06-18 20:16:09 | 000,000,000 | ---D | C] -- C:\Users\x10\Ringo steryu
[2013-06-17 11:51:10 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013-06-17 11:25:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2013-06-17 11:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013-06-15 00:54:45 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\PhotoFiltre 7
[2013-06-15 00:54:31 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
[2013-06-15 00:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
[2013-06-15 00:54:29 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre 7
[2013-06-12 13:35:26 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Local\Adobe
[2013-06-12 13:35:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013-06-12 13:35:14 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013-06-11 23:24:53 | 000,000,000 | ---D | C] -- C:\ProgramData\GG
[2013-06-03 10:27:15 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Local\CrashDumps
[2013-06-03 10:26:46 | 000,000,000 | ---D | C] -- C:\Users\x10\kp
[2013-06-03 10:25:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013-06-03 10:25:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013-06-03 10:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013-06-03 10:18:30 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013-06-03 09:30:32 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013-06-03 09:30:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013-06-03 09:18:31 | 000,057,344 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\nvapo32v.dll
[2013-06-03 09:17:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013-06-03 09:17:54 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2013-06-03 09:17:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\AGEIA
[2013-06-03 09:17:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013-06-03 08:55:15 | 000,000,000 | ---D | C] -- C:\Users\x10\My Documents
[2013-06-03 08:54:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDrift
[2013-06-02 22:20:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2013-06-02 22:19:44 | 001,822,488 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2013-06-02 22:19:44 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2013-06-02 22:19:44 | 000,699,680 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\slcnt32.dll
[2013-06-02 22:19:44 | 000,547,104 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\sltech32.dll
[2013-06-02 22:19:44 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2013-06-02 22:19:44 | 000,336,672 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\sl3apo32.dll
[2013-06-02 22:19:44 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2013-06-02 22:19:44 | 000,184,608 | ---- | C] (TODO: <Company name>) -- C:\Windows\System32\slprp32.dll
[2013-06-02 22:19:44 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2013-06-02 22:19:44 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2013-06-02 22:19:43 | 007,162,128 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2013-06-02 22:19:43 | 004,335,384 | ---- | C] (A-volute) -- C:\Windows\System32\RTKSMlfx.dll
[2013-06-02 22:19:43 | 000,852,824 | ---- | C] (A-Volute) -- C:\Windows\System32\RTKSMSettingsIPC.dll
[2013-06-02 22:19:43 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2013-06-02 22:19:43 | 000,352,016 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2013-06-02 22:19:43 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2013-06-02 22:19:43 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2013-06-02 22:19:43 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2013-06-02 22:19:43 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2013-06-02 22:19:43 | 000,106,768 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2013-06-02 22:19:43 | 000,091,920 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2013-06-02 22:19:43 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2013-06-02 22:19:43 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2013-06-02 22:19:43 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2013-06-02 22:19:43 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2013-06-02 22:19:43 | 000,062,224 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2013-06-02 22:19:42 | 013,769,496 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2013-06-02 22:19:42 | 008,872,216 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioVnA.dll
[2013-06-02 22:19:42 | 002,386,464 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2013-06-02 22:19:42 | 001,931,032 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2013-06-02 22:19:42 | 001,656,600 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek2.dll
[2013-06-02 22:19:42 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2013-06-02 22:19:42 | 000,776,984 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll
[2013-06-02 22:19:42 | 000,639,256 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO50.dll
[2013-06-02 22:19:42 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2013-06-02 22:19:42 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2013-06-02 22:19:42 | 000,549,240 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO40.dll
[2013-06-02 22:19:42 | 000,426,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2013-06-02 22:19:42 | 000,402,888 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2013-06-02 22:19:42 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2013-06-02 22:19:42 | 000,350,664 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2013-06-02 22:19:42 | 000,349,048 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2013-06-02 22:19:42 | 000,346,056 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2013-06-02 22:19:42 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2013-06-02 22:19:42 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2013-06-02 22:19:41 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2013-06-02 22:19:41 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2013-06-02 22:19:41 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2013-06-02 22:19:41 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2013-06-02 22:19:41 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2013-06-02 22:19:41 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2013-06-02 22:19:41 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2013-06-02 22:19:41 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2013-06-02 22:19:41 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2013-06-02 22:19:41 | 000,090,624 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
[2013-06-02 22:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013-06-02 22:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information
[2013-06-02 22:19:21 | 000,000,000 | ---D | C] -- C:\Program Files\Temp
[2013-06-02 22:19:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2013-06-02 22:17:20 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2013-06-02 22:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013-06-02 22:17:07 | 000,000,000 | ---D | C] -- C:\Intel
[2013-06-02 21:50:09 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius
[2013-06-01 06:01:03 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Local\Diagnostics
[2013-05-31 16:44:19 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\GanymedeNet
[2013-05-31 16:29:45 | 000,000,000 | ---D | C] -- C:\Plugins
[2013-05-31 16:29:40 | 000,000,000 | ---D | C] -- C:\Program Files\Ganymede
[2013-05-30 18:26:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013-05-30 18:26:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013-05-30 18:26:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013-05-30 18:26:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013-05-30 18:26:35 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013-05-30 14:56:58 | 000,000,000 | ---D | C] -- C:\Program Files\mir
[2013-05-30 14:18:17 | 000,000,000 | ---D | C] -- C:\Users\x10\Mir
[2013-05-30 12:39:07 | 000,000,000 | --SD | C] -- C:\Users\x10\GG dysk
[2013-05-30 12:22:31 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\Mozilla
[2013-05-30 12:21:50 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\GG
[2013-05-30 12:21:49 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Local\GG
[2013-05-30 01:21:50 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013-05-29 23:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013-05-29 23:51:09 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013-05-29 23:51:03 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Local\Google
[2013-05-29 22:33:28 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\Tlen.pl
[2013-05-29 22:33:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Tlen.pl
[2013-05-29 22:32:48 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tlen.pl
[2013-05-29 22:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tlen.pl
[2013-05-29 22:32:45 | 000,000,000 | ---D | C] -- C:\Program Files\Tlen.pl
[2013-05-29 22:30:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013-05-29 21:11:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2013-05-29 20:42:44 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2013-05-29 20:39:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2013-05-29 20:31:40 | 000,466,008 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2013-05-29 20:31:29 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\DAEMON Tools Lite
[2013-05-29 20:30:45 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013-05-29 19:19:52 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\Macromedia
[2013-05-29 19:19:52 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\Adobe
[2013-05-29 19:16:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2013-05-29 18:51:42 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Local\NVIDIA
[2013-05-29 18:38:44 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Local\ElevatedDiagnostics
[2013-05-29 18:32:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2013-05-29 18:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013-05-29 18:26:17 | 000,000,000 | ---D | C] -- C:\nv
[2013-05-29 18:15:18 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\Opera
[2013-05-29 18:15:18 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Local\Opera
[2013-05-29 18:15:02 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2013-05-29 18:07:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013-05-29 18:07:09 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013-05-29 17:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013-05-29 17:53:34 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2013-05-29 16:57:59 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013-05-29 16:57:44 | 000,000,000 | ---D | C] -- C:\Boot
[2013-05-29 16:07:00 | 000,000,000 | R--D | C] -- C:\Users\x10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013-05-29 16:07:00 | 000,000,000 | R--D | C] -- C:\Users\x10\Searches
[2013-05-29 16:07:00 | 000,000,000 | R--D | C] -- C:\Users\x10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013-05-29 16:06:43 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\Identities
[2013-05-29 16:06:37 | 000,000,000 | R--D | C] -- C:\Users\x10\Contacts
[2013-05-29 16:06:21 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Local\VirtualStore
[2013-05-29 16:06:18 | 000,000,000 | --SD | C] -- C:\Users\x10\AppData\Roaming\Microsoft
[2013-05-29 16:06:18 | 000,000,000 | R--D | C] -- C:\Users\x10\Videos
[2013-05-29 16:06:18 | 000,000,000 | R--D | C] -- C:\Users\x10\Saved Games
[2013-05-29 16:06:18 | 000,000,000 | R--D | C] -- C:\Users\x10\Pictures
[2013-05-29 16:06:18 | 000,000,000 | R--D | C] -- C:\Users\x10\Music
[2013-05-29 16:06:18 | 000,000,000 | R--D | C] -- C:\Users\x10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013-05-29 16:06:18 | 000,000,000 | R--D | C] -- C:\Users\x10\Links
[2013-05-29 16:06:18 | 000,000,000 | R--D | C] -- C:\Users\x10\Favorites
[2013-05-29 16:06:18 | 000,000,000 | R--D | C] -- C:\Users\x10\Downloads
[2013-05-29 16:06:18 | 000,000,000 | R--D | C] -- C:\Users\x10\Documents
[2013-05-29 16:06:18 | 000,000,000 | R--D | C] -- C:\Users\x10\Desktop
[2013-05-29 16:06:18 | 000,000,000 | R--D | C] -- C:\Users\x10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013-05-29 16:06:18 | 000,000,000 | -HSD | C] -- C:\Users\x10\Ustawienia lokalne
[2013-05-29 16:06:18 | 000,000,000 | -HSD | C] -- C:\Users\x10\AppData\Local\Temporary Internet Files
[2013-05-29 16:06:18 | 000,000,000 | -HSD | C] -- C:\Users\x10\Szablony
[2013-05-29 16:06:18 | 000,000,000 | -HSD | C] -- C:\Users\x10\SendTo
[2013-05-29 16:06:18 | 000,000,000 | -HSD | C] -- C:\Users\x10\Recent
[2013-05-29 16:06:18 | 000,000,000 | -HSD | C] -- C:\Users\x10\PrintHood
[2013-05-29 16:06:18 | 000,000,000 | -HSD | C] -- C:\Users\x10\NetHood
[2013-05-29 16:06:18 | 000,000,000 | -HSD | C] -- C:\Users\x10\Moje dokumenty
[2013-05-29 16:06:18 | 000,000,000 | -HSD | C] -- C:\Users\x10\Menu Start
[2013-05-29 16:06:18 | 000,000,000 | -HSD | C] -- C:\Users\x10\AppData\Local\Historia
[2013-05-29 16:06:18 | 000,000,000 | -HSD | C] -- C:\Users\x10\Dane aplikacji
[2013-05-29 16:06:18 | 000,000,000 | -HSD | C] -- C:\Users\x10\AppData\Local\Dane aplikacji
[2013-05-29 16:06:18 | 000,000,000 | -HSD | C] -- C:\Users\x10\Cookies
[2013-05-29 16:06:18 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Local\Temp
[2013-05-29 16:06:18 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Local\Microsoft
[2013-05-29 16:06:18 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData\Roaming\Media Center Programs
[2013-05-29 16:06:18 | 000,000,000 | ---D | C] -- C:\Users\x10\AppData
[2013-05-29 16:05:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2013-05-29 16:05:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2013-05-29 16:05:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2013-05-29 16:05:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2013-05-29 16:05:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2013-05-29 16:05:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2013-05-29 16:05:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2013-05-29 16:05:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2013-05-29 16:05:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2013-05-29 16:05:58 | 000,000,000 | ---D | C] -- C:\Recovery
[2013-05-29 16:01:24 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013-05-29 15:58:55 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013-05-29 15:58:33 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2013-06-24 06:17:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\x10\Desktop\o.exe
[2013-06-24 06:12:42 | 000,001,058 | ---- | M] () -- C:\Users\Public\Desktop\Trend Micro Browser Guard v3.0 Beta.lnk
[2013-06-24 06:00:01 | 000,009,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-06-24 06:00:01 | 000,009,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-06-24 05:56:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-06-24 05:33:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-06-24 04:59:26 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-06-24 04:57:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-06-24 04:57:45 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys
[2013-06-22 04:06:08 | 150,899,776 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013-06-20 04:52:58 | 000,015,885 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2013-06-20 04:49:07 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01007.Wdf
[2013-06-19 14:17:03 | 000,000,941 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2013-06-18 22:39:15 | 000,737,480 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2013-06-18 22:39:15 | 000,651,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-06-18 22:39:15 | 000,154,136 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2013-06-18 22:39:15 | 000,120,580 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-06-17 11:25:13 | 000,000,567 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2013-06-15 00:54:32 | 000,001,024 | ---- | M] () -- C:\Users\x10\Desktop\PhotoFiltre 7.lnk
[2013-06-14 13:15:24 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013-06-05 14:28:00 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013-05-29 21:21:02 | 000,267,880 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013-05-29 17:13:05 | 000,000,017 | ---- | M] () -- C:\Users\x10\AppData\Local\resmon.resmoncfg
[2013-05-29 16:57:46 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2013-05-29 16:39:41 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013-05-29 16:02:00 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf

========== Files Created - No Company Name ==========

[2013-06-24 06:12:42 | 000,001,058 | ---- | C] () -- C:\Users\Public\Desktop\Trend Micro Browser Guard v3.0 Beta.lnk
[2013-06-22 04:06:08 | 150,899,776 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013-06-20 04:49:07 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01007.Wdf
[2013-06-19 14:17:03 | 000,000,941 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2013-06-17 11:25:13 | 000,000,567 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013-06-15 00:54:32 | 000,001,024 | ---- | C] () -- C:\Users\x10\Desktop\PhotoFiltre 7.lnk
[2013-06-14 13:15:24 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013-06-14 11:40:02 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-06-12 13:35:17 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2013-06-05 14:28:00 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013-06-03 09:07:50 | 000,015,885 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2013-06-02 22:19:43 | 003,180,264 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2013-06-02 22:19:43 | 000,449,481 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013-05-30 18:26:52 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013-05-30 18:26:52 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013-05-30 18:26:52 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013-05-30 18:26:52 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013-05-30 18:26:52 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013-05-30 12:21:50 | 000,001,147 | ---- | C] () -- C:\Users\x10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk
[2013-05-29 23:51:12 | 000,001,030 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-05-29 23:51:12 | 000,001,026 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-05-29 20:42:41 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013-05-29 20:42:35 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2013-05-29 20:42:32 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2013-05-29 20:42:22 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2013-05-29 20:42:22 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2013-05-29 17:13:05 | 000,000,017 | ---- | C] () -- C:\Users\x10\AppData\Local\resmon.resmoncfg
[2013-05-29 16:57:46 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2013-05-29 16:57:44 | 000,383,786 | R-S- | C] () -- C:\bootmgr
[2013-05-29 16:43:11 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013-05-29 16:42:17 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013-05-29 16:39:41 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013-05-29 16:07:01 | 000,001,425 | ---- | C] () -- C:\Users\x10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013-05-29 16:01:51 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013-05-29 16:01:41 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013-05-29 15:58:33 | 2411,679,744 | -HS- | C] () -- C:\hiberfil.sys

========== ZeroAccess Check ==========

[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013-05-29 21:39:04 | 000,000,000 | ---D | M] -- C:\Users\x10\AppData\Roaming\DAEMON Tools Lite
[2013-06-23 15:10:54 | 000,000,000 | ---D | M] -- C:\Users\x10\AppData\Roaming\GanymedeNet
[2013-06-21 10:25:55 | 000,000,000 | ---D | M] -- C:\Users\x10\AppData\Roaming\GG
[2013-05-30 18:15:40 | 000,000,000 | ---D | M] -- C:\Users\x10\AppData\Roaming\Opera
[2013-06-15 01:09:22 | 000,000,000 | ---D | M] -- C:\Users\x10\AppData\Roaming\PhotoFiltre 7
[2013-05-29 22:34:43 | 000,000,000 | ---D | M] -- C:\Users\x10\AppData\Roaming\Tlen.pl

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011-02-26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009-07-14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011-02-26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009-10-31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011-02-26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010-11-20 04:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\erdnt\cache\explorer.exe
[2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009-08-03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009-08-03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009-10-31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: QMGR.DLL >
[2009-07-14 03:16:12 | 000,589,312 | ---- | M] (Microsoft Corporation) MD5=53F476476F55A27F580661BDE09C4EC4 -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_23671b105ac5a0fd\qmgr.dll
[2010-11-20 04:21:00 | 000,585,728 | ---- | M] (Microsoft Corporation) MD5=E585445D5021971FAE10393F0F1C3961 -- C:\Windows\erdnt\cache\qmgr.dll
[2010-11-20 04:21:00 | 000,585,728 | ---- | M] (Microsoft Corporation) MD5=E585445D5021971FAE10393F0F1C3961 -- C:\Windows\System32\qmgr.dll
[2010-11-20 04:21:00 | 000,585,728 | ---- | M] (Microsoft Corporation) MD5=E585445D5021971FAE10393F0F1C3961 -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_25982ed857b42497\qmgr.dll

< MD5 for: SERVICES >
[2009-06-10 23:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009-06-10 23:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services

< MD5 for: SERVICES.EXE >
[2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\erdnt\cache\services.exe
[2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009-07-14 10:07:21 | 000,018,432 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\pl-PL\services.exe.mui
[2009-07-14 10:07:21 | 000,018,432 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_691be91af5732ced\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009-07-14 06:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009-07-14 06:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009-06-10 23:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009-06-10 23:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof

< MD5 for: SERVICES.MSC >
[2009-06-10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2009-06-10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
[2009-07-14 10:07:18 | 000,092,756 | ---- | M] () MD5=C32B37F3C50BF058FC4860267DB4CD56 -- C:\Windows\System32\pl-PL\services.msc
[2009-07-14 10:07:18 | 000,092,756 | ---- | M] () MD5=C32B37F3C50BF058FC4860267DB4CD56 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_a35db906cbdcc6e0\services.msc

< MD5 for: SERVICES.PTXML >
[2009-07-13 22:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009-07-13 22:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache\svchost.exe
[2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: USERINIT.EXE >
[2010-11-20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache\userinit.exe
[2010-11-20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010-11-20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009-07-14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009-10-28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009-10-28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010-11-20 04:17:56 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\erdnt\cache\winlogon.exe
[2010-11-20 04:17:56 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010-11-20 04:17:56 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\servic​es\BITS /s >

< HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-8​5FFC23AF9C1}\InprocServer32 /s >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic​es\BITS\Enum /s >

< End of report >
  • 0

Advertisements

#2
RKinner
Posted 24 June 2013 - 08:01 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
I don't see any obvious signs of a virus in the log. Let's run some other checks and see if we find anything.

Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner. Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).

# Check Scan Archives
# Push the Start button.
# ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
# When the scan completes, push LIST OF THREATS FOUND
# Push EXPORT TO TEXT FILE , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
# Push the BACK button.
# Push Finish
# Once the scan is completed, you may close the window.
# Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
# Copy and paste that log as a reply.


Let's also try the bitdefender quickscan.

http://quickscan.bitdefender.com/

When it finishes there is a View Report option at the bottom. Click on it and copy and paste the report (even if it says nothing found).



Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc  /scannow

(This will check your critical system files. Does it finish without complaining?)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.



Ron
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP