Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

somethings is eating up the space on my hd [Closed]

Started by Sarvesh Govenkar , May 29 2014 12:04 PM

This topic is locked

#1
Sarvesh Govenkar

Posted 29 May 2014 - 12:04 PM

Member

Member
18 posts

hey

i have an old pc that i use for browsing and storage, its an old machine i run xp on it it has 700 mb of ram and 80 gb hard disk divided in two equal parts

i have two windows folder coz i didn't install xp properly but the machine was running smoothly and i din't have patience to go through the whole ordeal again

the trouble began when my sister plugged in a infested usb from her college since then i have been facing lots of problem, shockwave flash started to crash,chrome takes long time to boot and load,machine overall is running slow.....but the main problem is the missing space on my disk i have uninstalled all the programmes from my c drive including Microsoft office but it still is eating chunks from hard drive without any reason.

please help me i know it no due to my incompetence in installing xp because i did that in sept last year and trouble started couple of weeks ago when my sister plugged in the pendrive i don't want to install xp again or format my drive coz i have valuable data on this machine

please help thankyou

#2
emeraldnzl

Posted 29 May 2014 - 07:12 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello Sarvesh Govenkar,

Welcome to the Malware Forum.

Please download Farbar Recovery Scan Tool from here and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click to run as administrator. When the tool opens click Yes to disclaimer.
Press Scan button.
It will produce a log called (FRST.txt) in the same directory the tool is run from.
Please copy and paste log back here.
The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.

#3
Sarvesh Govenkar

Posted 30 May 2014 - 05:16 AM

Member

Topic Starter
Member
18 posts

here are the results

FRST.TXT

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-05-2014

Ran by sirgovernor (administrator) on COMPUTER_1 on 30-05-2014 04:08:45

Running from C:\Documents and Settings\sirgovernor\My Documents\Downloads

Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)

Internet Explorer Version 6

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\WINDOWS.0\system32\smss.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\csrss.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\winlogon.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\services.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\lsass.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\svchost.exe

(Microsoft Corporation) C:\WINDOWS.0\explorer.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\spoolsv.exe

(S3 Graphics, Inc.) C:\WINDOWS.0\system32\VTTimer.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\ctfmon.exe

(eLitecore Technologies Ltd.) C:\Program Files\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\svchost.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\alg.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\wscntfy.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\wbem\wmiprvse.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SMSERIAL] => sm56hlpr.exe

HKLM\...\Run: [VTTimer] => C:\WINDOWS.0\system32\VTTimer.exe [53248 2006-09-14] (S3 Graphics, Inc.)

HKLM\...\Run: [VTTrayp] => C:\WINDOWS.0\system32\VTtrayp.exe [176128 2007-04-25] (S3 Graphics Co., Ltd.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)

HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Documents and Settings\sirgovernor\Application Data\service838.exe [0 ] ()

HKLM\...\Run: [avgnt] => D:\software\New Folder\Avira\AntiVir PersonalEdition Classic\avgnt.exe [266497 2008-06-12] (Avira GmbH)

HKLM\...\Winlogon: [Userinit] C:\WINDOWS.0\system32\userinit.exe,

Winlogon\Notify\crypt32chain: C:\WINDOWS.0\system32\crypt32.dll (Microsoft Corporation)

Winlogon\Notify\cryptnet: C:\WINDOWS.0\system32\cryptnet.dll (Microsoft Corporation)

Winlogon\Notify\cscdll: C:\WINDOWS.0\system32\cscdll.dll (Microsoft Corporation)

Winlogon\Notify\dimsntfy: C:\WINDOWS.0\System32\dimsntfy.dll (Microsoft Corporation)

Winlogon\Notify\ScCertProp: C:\WINDOWS.0\system32\wlnotify.dll (Microsoft Corporation)

Winlogon\Notify\Schedule: C:\WINDOWS.0\system32\wlnotify.dll (Microsoft Corporation)

Winlogon\Notify\sclgntfy: C:\WINDOWS.0\system32\sclgntfy.dll (Microsoft Corporation)

Winlogon\Notify\SensLogn: C:\WINDOWS.0\system32\WlNotify.dll (Microsoft Corporation)

Winlogon\Notify\termsrv: C:\WINDOWS.0\system32\wlnotify.dll (Microsoft Corporation)

Winlogon\Notify\wlballoon: C:\WINDOWS.0\system32\wlnotify.dll (Microsoft Corporation)

HKU\S-1-5-21-854245398-651377827-1417001333-1003\...\Run: [DriverUpdate] => C:\Program Files\DriverUpdate\DriverUpdate.exe [34220352 2013-06-22] (SlimWare Utilities, Inc.)

HKU\S-1-5-21-854245398-651377827-1417001333-1003\...\Run: [Nokia.PCSync] => "C:\Program Files\Nokia\Nokia PC Suite 7\PcSync2.exe" /NoDialog

HKU\S-1-5-21-854245398-651377827-1417001333-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)

HKU\S-1-5-21-854245398-651377827-1417001333-1003\...\Run: [uTorrent] => C:\Program Files\uTorrent\uTorrent.exe [1051984 2013-02-15] (BitTorrent Inc.)

HKU\S-1-5-21-854245398-651377827-1417001333-1003\...\Run: [SpeedUpMyComputer] => C:\Program Files\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss

HKU\S-1-5-21-854245398-651377827-1417001333-1003\...\Run: [FixMyRegistry] => C:\Program Files\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss

HKU\S-1-5-21-854245398-651377827-1417001333-1003\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-854245398-651377827-1417001333-1003\...\Run: [ctfmon.exe] => C:\WINDOWS.0\system32\ctfmon.exe [15360 2013-09-19] (Microsoft Corporation)

HKU\S-1-5-21-854245398-651377827-1417001333-1003\...\Run: [DownloadAccelerator] => C:\Program Files\DAP\DAP.EXE [3865232 2014-03-30] (Speedbit Ltd.)

HKU\S-1-5-21-854245398-651377827-1417001333-1003\...\MountPoints2: {5af27ac5-b33a-11e3-b498-0019db4826db} - E:\AdobeReader\DSCI5271.jpg

HKU\S-1-5-21-854245398-651377827-1417001333-1003\...\MountPoints2: {5af27ac6-b33a-11e3-b498-0019db4826db} - E:\AdobeReader\DSCI5271.jpg

HKU\S-1-5-21-854245398-651377827-1417001333-1003\...\MountPoints2: {bef55d3c-28cc-11e3-b2a2-0019db4826db} - G:\AdobeReader\DSCI5271.jpg

HKU\S-1-5-21-854245398-651377827-1417001333-1003\...\MountPoints2: {c69fd042-2261-11e3-8800-806d6172696f} - E:\setup.exe

Startup: C:\Documents and Settings\All Users.WINDOWS.0\Start Menu\Programs\Startup\24Online Client.lnk

ShortcutTarget: 24Online Client.lnk -> C:\Program Files\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe (eLitecore Technologies Ltd.)

Startup: C:\Documents and Settings\All Users.WINDOWS.0\Start Menu\Programs\Startup\24Online Client.lnk

ShortcutTarget: 24Online Client.lnk -> C:\Program Files\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe (eLitecore Technologies Ltd.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS.0\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...r=173075283&ir=

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=6&ar=msnhome

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...r=173075283&ir=

SearchScopes: HKLM - DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://start.mysearc...r=173075283&ir=

SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://start.mysearc...r=173075283&ir=

SearchScopes: HKCU - DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://start.mysearc...r=173075283&ir=

SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://mixidj.delta-...121136&tsp=5013

SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =

SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://start.mysearc...r=173075283&ir=

BHO: VVaudix - {98898815-4934-26AA-AB4A-D423D3942377} - C:\Program Files\VVaudix\Q14pE.dll ()

BHO: DealPly Shopping - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly)

BHO: SpeedBit Link Verification Helper - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll (Speedbit Ltd.)

BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (MySearchDial)

Toolbar: HKLM - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (MySearchDial)

Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS.0\system32\browseui.dll (Microsoft Corporation)

Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS.0\system32\SHELL32.dll (Microsoft Corporation)

Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS.0\system32\urlmon.dll (Microsoft Corporation)

Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS.0\system32\mshtml.dll (Microsoft Corporation)

Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS.0\system32\wiascr.dll (Microsoft Corporation)

Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS.0\system32\urlmon.dll (Microsoft Corporation)

Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS.0\system32\urlmon.dll (Microsoft Corporation)

Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS.0\system32\SHELL32.dll (Microsoft Corporation)

ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS.0\system32\shell32.dll [8461312 2013-09-19] (Microsoft Corporation)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\..\Interfaces\{EA8D39BD-BEAE-413C-92DB-02D30F03F612}: [NameServer]202.88.130.15,202.88.130.67

FireFox:

========

FF ProfilePath: C:\Documents and Settings\sirgovernor\Application Data\Mozilla\Firefox\Profiles\b24issf2.default

FF SelectedSearchEngine: Google

FF Homepage: hxxp://www.google.com

FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS.0\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()

FF Plugin: @tools.dpliveupdate.com/DealPlyLive Update;version=3 - C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)

FF Plugin: @tools.dpliveupdate.com/DealPlyLive Update;version=9 - C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF SearchPlugin: C:\Documents and Settings\sirgovernor\Application Data\Mozilla\Firefox\Profiles\b24issf2.default\searchplugins\conduit-search.xml

FF SearchPlugin: C:\Documents and Settings\sirgovernor\Application Data\Mozilla\Firefox\Profiles\b24issf2.default\searchplugins\trovi-search.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\chambers-en-GB.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml

FF Extension: Vauudix - C:\Documents and Settings\sirgovernor\Application Data\Mozilla\Firefox\Profiles\b24issf2.default\Extensions\[email protected] [2013-11-19]

FF Extension: EPUBReader - C:\Documents and Settings\sirgovernor\Application Data\Mozilla\Firefox\Profiles\b24issf2.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2014-01-19]

FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\DAP\daplinkchecker

FF Extension: DAP Link Checker - C:\Program Files\DAP\daplinkchecker [2014-03-30]

FF HKCU\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files\DAP\DAPFireFox

FF Extension: Download Accelerator Plus (DAP) extension - C:\Program Files\DAP\DAPFireFox [2013-05-14]

Chrome:

=======

CHR HomePage: hxxp://www.google.com/

CHR StartupUrls: "hxxp://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=2C4B0019DB4826DB&affID=121136&tsp=5013", "hxxp://www.google.com"

CHR DefaultSearchKeyword: google.co.in

CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll ()

CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)

CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))

CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)

CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File

CHR Extension: (Google Docs) - C:\Documents and Settings\sirgovernor\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-21]

CHR Extension: (Google Drive) - C:\Documents and Settings\sirgovernor\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-21]

CHR Extension: (YouTube) - C:\Documents and Settings\sirgovernor\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-21]

CHR Extension: (Kingdom Rush) - C:\Documents and Settings\sirgovernor\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim [2014-01-21]

CHR Extension: (Google Search) - C:\Documents and Settings\sirgovernor\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-21]

CHR Extension: (Download Accelerator Plus (DAP)) - C:\Documents and Settings\sirgovernor\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2014-03-30]

CHR Extension: (Disable Image Auto-Resize) - C:\Documents and Settings\sirgovernor\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\moddnadogdmplfabcifkcmdhlkkijkak [2014-01-23]

CHR Extension: (Google Wallet) - C:\Documents and Settings\sirgovernor\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-21]

CHR Extension: (Marc Ecko) - C:\Documents and Settings\sirgovernor\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk [2014-01-24]

CHR Extension: (Gmail) - C:\Documents and Settings\sirgovernor\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-21]

CHR HKLM\...\Chrome\Extension: [eiimolhnbbbdagljikeckdkldgemmmlj] - C:\Program Files\lucky leap\eiimolhnbbbdagljikeckdkldgemmmlj.crx [2013-08-29]

CHR HKLM\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files\DAP\DAPChrome\DAPChrome6.crx [2014-03-30]

CHR HKLM\...\Chrome\Extension: [mphpbdjcljebbcnfopfngmfdackbbdgf] - C:\Program Files\DealPly\DealPly.crx [2013-09-24]

========================== Services (Whitelisted) =================

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS.0\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257712 2014-05-14] (Adobe Systems Incorporated)

S4 Alerter; C:\WINDOWS.0\system32\alrsvc.dll [17408 2013-09-19] (Microsoft Corporation)

R3 ALG; C:\WINDOWS.0\System32\alg.exe [44544 2013-09-19] (Microsoft Corporation)

S2 AntiVirScheduler; D:\software\New Folder\Avira\AntiVir PersonalEdition Classic\sched.exe [68865 2008-06-12] (Avira GmbH)

S2 AntiVirService; D:\software\New Folder\Avira\AntiVir PersonalEdition Classic\avguard.exe [149761 2008-08-07] (Avira GmbH)

S3 AppMgmt; C:\WINDOWS.0\System32\appmgmts.dll [167936 2013-09-19] (Microsoft Corporation)

R2 AudioSrv; C:\WINDOWS.0\System32\audiosrv.dll [42496 2013-09-19] (Microsoft Corporation)

R2 BITS; C:\WINDOWS.0\system32\qmgr.dll [409088 2013-09-19] (Microsoft Corporation)

R2 Browser; C:\WINDOWS.0\System32\browser.dll [77824 2013-09-19] (Microsoft Corporation)

S3 CiSvc; C:\WINDOWS.0\system32\cisvc.exe [5632 2013-09-19] (Microsoft Corporation)

S4 ClipSrv; C:\WINDOWS.0\system32\clipsrv.exe [33280 2013-09-19] (Microsoft Corporation)

S3 COMSysApp; C:\WINDOWS.0\system32\dllhost.exe [5120 2013-09-19] (Microsoft Corporation)

R2 CryptSvc; C:\WINDOWS.0\System32\cryptsvc.dll [62464 2013-09-19] (Microsoft Corporation)

R2 DcomLaunch; C:\WINDOWS.0\system32\rpcss.dll [399360 2013-09-19] (Microsoft Corporation)

S2 dealplylive; C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [148000 2013-09-24] (DealPly Technologies Ltd)

S3 dealplylivem; C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [148000 2013-09-24] (DealPly Technologies Ltd)

R2 Dhcp; C:\WINDOWS.0\System32\dhcpcsvc.dll [126976 2013-09-19] (Microsoft Corporation)

S3 dmadmin; C:\WINDOWS.0\System32\dmadmin.exe [224768 2013-09-19] (Microsoft Corp., Veritas Software)

R2 dmserver; C:\WINDOWS.0\System32\dmserver.dll [23552 2013-09-19] (Microsoft Corp.)

R2 Dnscache; C:\WINDOWS.0\System32\dnsrslvr.dll [45568 2013-09-19] (Microsoft Corporation)

S3 Dot3svc; C:\WINDOWS.0\System32\dot3svc.dll [132096 2013-09-19] (Microsoft Corporation)

S3 EapHost; C:\WINDOWS.0\System32\eapsvc.dll [33792 2013-09-19] (Microsoft Corporation)

R2 ERSvc; C:\WINDOWS.0\System32\ersvc.dll [23040 2013-09-19] (Microsoft Corporation)

R2 Eventlog; C:\WINDOWS.0\system32\services.exe [108544 2013-09-19] (Microsoft Corporation)

R3 EventSystem; C:\WINDOWS.0\system32\es.dll [246272 2013-09-19] (Microsoft Corporation)

R3 FastUserSwitchingCompatibility; C:\WINDOWS.0\System32\shsvcs.dll [135168 2013-09-19] (Microsoft Corporation)

R2 helpsvc; C:\WINDOWS.0\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2013-09-19] (Microsoft Corporation)

S3 hkmsvc; C:\WINDOWS.0\System32\kmsvc.dll [61440 2013-09-19] (Microsoft Corporation)

S3 HTTPFilter; C:\WINDOWS.0\System32\w3ssl.dll [15872 2013-09-19] (Microsoft Corporation)

S3 ImapiService; C:\WINDOWS.0\system32\imapi.exe [150528 2013-09-19] (Microsoft Corporation)

R2 LanmanServer; C:\WINDOWS.0\System32\srvsvc.dll [96768 2013-09-19] (Microsoft Corporation)

R2 lanmanworkstation; C:\WINDOWS.0\System32\wkssvc.dll [132096 2013-09-19] (Microsoft Corporation)

R2 LmHosts; C:\WINDOWS.0\System32\lmhsvc.dll [13824 2013-09-19] (Microsoft Corporation)

S4 Messenger; C:\WINDOWS.0\System32\msgsvc.dll [33792 2013-09-19] (Microsoft Corporation)

S3 mnmsrvc; C:\WINDOWS.0\system32\mnmsrvc.exe [32768 2013-09-19] (Microsoft Corporation)

S3 MSDTC; C:\WINDOWS.0\system32\msdtc.exe [6144 2013-09-19] (Microsoft Corporation)

S3 MSIServer; C:\WINDOWS.0\System32\msiexec.exe [78848 2013-09-19] (Microsoft Corporation)

S3 napagent; C:\WINDOWS.0\System32\qagentrt.dll [291328 2013-09-19] (Microsoft Corporation)

S4 NetDDE; C:\WINDOWS.0\system32\netdde.exe [111104 2013-09-19] (Microsoft Corporation)

S4 NetDDEdsdm; C:\WINDOWS.0\system32\netdde.exe [111104 2013-09-19] (Microsoft Corporation)

S3 Netlogon; C:\WINDOWS.0\system32\lsass.exe [13312 2013-09-19] (Microsoft Corporation)

R3 Netman; C:\WINDOWS.0\System32\netman.dll [198144 2013-09-19] (Microsoft Corporation)

R3 Nla; C:\WINDOWS.0\System32\mswsock.dll [245248 2013-09-19] (Microsoft Corporation)

S3 NtLmSsp; C:\WINDOWS.0\system32\lsass.exe [13312 2013-09-19] (Microsoft Corporation)

S3 NtmsSvc; C:\WINDOWS.0\system32\ntmssvc.dll [435200 2013-09-19] (Microsoft Corporation)

R2 PlugPlay; C:\WINDOWS.0\system32\services.exe [108544 2013-09-19] (Microsoft Corporation)

R2 PolicyAgent; C:\WINDOWS.0\system32\lsass.exe [13312 2013-09-19] (Microsoft Corporation)

R2 ProtectedStorage; C:\WINDOWS.0\system32\lsass.exe [13312 2013-09-19] (Microsoft Corporation)

S3 RasAuto; C:\WINDOWS.0\System32\rasauto.dll [88576 2013-09-19] (Microsoft Corporation)

S3 RasMan; C:\WINDOWS.0\System32\rasmans.dll [186368 2013-09-19] (Microsoft Corporation)

S3 RDSessMgr; C:\WINDOWS.0\system32\sessmgr.exe [141312 2013-09-19] (Microsoft Corporation)

S4 RemoteAccess; C:\WINDOWS.0\System32\mprdim.dll [53248 2013-09-19] (Microsoft Corporation)

R2 RemoteRegistry; C:\WINDOWS.0\system32\regsvc.dll [59904 2013-09-19] (Microsoft Corporation)

S3 RpcLocator; C:\WINDOWS.0\system32\locator.exe [75264 2013-09-19] (Microsoft Corporation)

R2 RpcSs; C:\WINDOWS.0\system32\rpcss.dll [399360 2013-09-19] (Microsoft Corporation)

S3 RSVP; C:\WINDOWS.0\system32\rsvp.exe [132608 2013-09-19] (Microsoft Corporation)

R2 SamSs; C:\WINDOWS.0\system32\lsass.exe [13312 2013-09-19] (Microsoft Corporation)

S3 SCardSvr; C:\WINDOWS.0\System32\SCardSvr.exe [95744 2013-09-19] (Microsoft Corporation)

R2 Schedule; C:\WINDOWS.0\system32\schedsvc.dll [192512 2013-09-19] (Microsoft Corporation)

R2 seclogon; C:\WINDOWS.0\System32\seclogon.dll [18944 2013-09-19] (Microsoft Corporation)

R2 SENS; C:\WINDOWS.0\system32\sens.dll [39424 2013-09-19] (Microsoft Corporation)

R2 SharedAccess; C:\WINDOWS.0\System32\ipnathlp.dll [331264 2013-09-19] (Microsoft Corporation)

R2 ShellHWDetection; C:\WINDOWS.0\System32\shsvcs.dll [135168 2013-09-19] (Microsoft Corporation)

R2 Spooler; C:\WINDOWS.0\system32\spoolsv.exe [57856 2013-09-19] (Microsoft Corporation)

R2 srservice; C:\WINDOWS.0\system32\srsvc.dll [171008 2013-09-19] (Microsoft Corporation)

R3 SSDPSRV; C:\WINDOWS.0\System32\ssdpsrv.dll [71680 2013-09-19] (Microsoft Corporation)

R2 stisvc; C:\WINDOWS.0\system32\wiaservc.dll [333824 2013-09-19] (Microsoft Corporation)

S3 SwPrv; C:\WINDOWS.0\system32\dllhost.exe [5120 2013-09-19] (Microsoft Corporation)

S3 SysmonLog; C:\WINDOWS.0\system32\smlogsvc.exe [89600 2013-09-19] (Microsoft Corporation)

S3 TapiSrv; C:\WINDOWS.0\System32\tapisrv.dll [249856 2013-09-19] (Microsoft Corporation)

R3 TermService; C:\WINDOWS.0\System32\termsrv.dll [295424 2013-09-19] (Microsoft Corporation)

R2 Themes; C:\WINDOWS.0\System32\shsvcs.dll [135168 2013-09-19] (Microsoft Corporation)

S4 TlntSvr; C:\WINDOWS.0\system32\tlntsvr.exe [73216 2013-09-19] (Microsoft Corporation)

R2 TrkWks; C:\WINDOWS.0\system32\trkwks.dll [90112 2013-09-19] (Microsoft Corporation)

S3 upnphost; C:\WINDOWS.0\System32\upnphost.dll [185856 2013-09-19] (Microsoft Corporation)

S3 UPS; C:\WINDOWS.0\System32\ups.exe [18432 2013-09-19] (Microsoft Corporation)

S3 VSS; C:\WINDOWS.0\System32\vssvc.exe [289792 2013-09-19] (Microsoft Corporation)

R2 W32Time; C:\WINDOWS.0\system32\w32time.dll [175104 2013-09-19] (Microsoft Corporation)

R2 WebClient; C:\WINDOWS.0\System32\webclnt.dll [68096 2013-09-19] (Microsoft Corporation)

R2 winmgmt; C:\WINDOWS.0\system32\wbem\WMIsvc.dll [144896 2013-09-19] (Microsoft Corporation)

S3 WmdmPmSN; C:\WINDOWS.0\system32\mspmsnsv.dll [52224 2013-09-19] (Microsoft Corporation)

S3 Wmi; C:\WINDOWS.0\System32\advapi32.dll [617472 2013-09-19] (Microsoft Corporation)

S3 WmiApSrv; C:\WINDOWS.0\system32\wbem\wmiapsrv.exe [126464 2013-09-19] (Microsoft Corporation)

R2 wscsvc; C:\WINDOWS.0\system32\wscsvc.dll [80896 2013-09-19] (Microsoft Corporation)

R2 wuauserv; C:\WINDOWS.0\system32\wuauserv.dll [6656 2013-09-19] (Microsoft Corporation)

R2 WZCSVC; C:\WINDOWS.0\System32\wzcsvc.dll [483840 2013-09-19] (Microsoft Corporation)

S3 xmlprov; C:\WINDOWS.0\System32\xmlprov.dll [129024 2013-09-19] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R0 ACPI; C:\WINDOWS.0\System32\DRIVERS\ACPI.sys [187776 2013-09-19] (Microsoft Corporation)

S4 ACPIEC; C:\WINDOWS.0\system32\Drivers\ACPIEC.sys [11648 2013-09-19] (Microsoft Corporation)

S3 aec; C:\WINDOWS.0\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation)

R1 AFD; C:\WINDOWS.0\System32\drivers\afd.sys [138112 2013-09-19] (Microsoft Corporation)

S3 AsyncMac; C:\WINDOWS.0\System32\DRIVERS\asyncmac.sys [14336 2013-09-19] (Microsoft Corporation)

R0 atapi; C:\WINDOWS.0\System32\DRIVERS\atapi.sys [96512 2013-09-19] (Microsoft Corporation)

S3 Atmarpc; C:\WINDOWS.0\System32\DRIVERS\atmarpc.sys [59904 2013-09-19] (Microsoft Corporation)

R3 audstub; C:\WINDOWS.0\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation)

R1 avgio; D:\software\New Folder\Avira\AntiVir PersonalEdition Classic\avgio.sys [11840 2007-02-27] (Avira GmbH)

S3 avgntflt; D:\software\New Folder\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [52032 2008-05-20] (Avira GmbH)

R1 avipbb; C:\WINDOWS.0\System32\DRIVERS\avipbb.sys [75072 2008-06-27] (Avira GmbH)

R1 Beep; C:\WINDOWS.0\system32\Drivers\Beep.sys [4224 2013-09-19] (Microsoft Corporation)

S4 cbidf2k; C:\WINDOWS.0\system32\Drivers\cbidf2k.sys [13952 2013-09-19] (Microsoft Corporation)

S1 Cdaudio; C:\WINDOWS.0\system32\Drivers\Cdaudio.sys [18688 2013-09-19] (Microsoft Corporation)

S4 Cdfs; C:\WINDOWS.0\system32\Drivers\Cdfs.sys [63744 2013-09-19] (Microsoft Corporation)

S1 Cdrom; C:\WINDOWS.0\System32\DRIVERS\cdrom.sys [62976 2013-09-19] (Microsoft Corporation)

R0 Disk; C:\WINDOWS.0\System32\DRIVERS\disk.sys [36352 2013-09-19] (Microsoft Corporation)

S4 dmboot; C:\WINDOWS.0\System32\drivers\dmboot.sys [799744 2013-09-19] (Microsoft Corp., Veritas Software)

R0 dmio; C:\WINDOWS.0\System32\drivers\dmio.sys [153344 2013-09-19] (Microsoft Corp., Veritas Software)

R0 dmload; C:\WINDOWS.0\System32\drivers\dmload.sys [5888 2013-09-19] (Microsoft Corp., Veritas Software.)

S3 DMusic; C:\WINDOWS.0\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation)

S3 drmkaud; C:\WINDOWS.0\System32\drivers\drmkaud.sys [2944 2008-04-14] (Microsoft Corporation)

R4 Fastfat; C:\WINDOWS.0\system32\Drivers\Fastfat.sys [143744 2013-09-19] (Microsoft Corporation)

R3 Fdc; C:\WINDOWS.0\System32\DRIVERS\fdc.sys [27392 2013-09-19] (Microsoft Corporation)

R3 FETNDIS; C:\WINDOWS.0\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )

R1 Fips; C:\WINDOWS.0\system32\Drivers\Fips.sys [44544 2013-09-19] (Microsoft Corporation)

S1 Flpydisk; C:\WINDOWS.0\system32\Drivers\Flpydisk.sys [20480 2013-09-19] (Microsoft Corporation)

R0 FltMgr; C:\WINDOWS.0\System32\DRIVERS\fltMgr.sys [129792 2013-09-19] (Microsoft Corporation)

U1 Fs_Rec; C:\WINDOWS.0\system32\Drivers\Fs_Rec.sys [7936 2013-09-19] (Microsoft Corporation)

R0 Ftdisk; C:\WINDOWS.0\System32\DRIVERS\ftdisk.sys [125056 2013-09-19] (Microsoft Corporation)

R0 gagp30kx; C:\WINDOWS.0\System32\DRIVERS\gagp30kx.sys [46464 2008-04-13] (Microsoft Corporation)

R3 Gpc; C:\WINDOWS.0\System32\DRIVERS\msgpc.sys [35072 2013-09-19] (Microsoft Corporation)

R3 HTTP; C:\WINDOWS.0\System32\Drivers\HTTP.sys [264832 2013-09-19] (Microsoft Corporation)

R1 i8042prt; C:\WINDOWS.0\System32\DRIVERS\i8042prt.sys [52480 2013-09-19] (Microsoft Corporation)

S1 Imapi; C:\WINDOWS.0\System32\DRIVERS\imapi.sys [42112 2013-09-19] (Microsoft Corporation)

S3 Ip6Fw; C:\WINDOWS.0\System32\DRIVERS\Ip6Fw.sys [36608 2013-09-19] (Microsoft Corporation)

S3 IpFilterDriver; C:\WINDOWS.0\System32\DRIVERS\ipfltdrv.sys [32896 2013-09-19] (Microsoft Corporation)

S3 IpInIp; C:\WINDOWS.0\System32\DRIVERS\ipinip.sys [20864 2013-09-19] (Microsoft Corporation)

R3 IpNat; C:\WINDOWS.0\System32\DRIVERS\ipnat.sys [152832 2013-09-19] (Microsoft Corporation)

R1 IPSec; C:\WINDOWS.0\System32\DRIVERS\ipsec.sys [75264 2013-09-19] (Microsoft Corporation)

S3 IRENUM; C:\WINDOWS.0\System32\DRIVERS\irenum.sys [11264 2013-09-19] (Microsoft Corporation)

R0 isapnp; C:\WINDOWS.0\System32\DRIVERS\isapnp.sys [37248 2013-09-19] (Microsoft Corporation)

R1 Kbdclass; C:\WINDOWS.0\System32\DRIVERS\kbdclass.sys [24576 2013-09-19] (Microsoft Corporation)

R3 kmixer; C:\WINDOWS.0\System32\drivers\kmixer.sys [172416 2008-04-14] (Microsoft Corporation)

R0 KSecDD; C:\WINDOWS.0\system32\Drivers\KSecDD.sys [92288 2013-09-19] (Microsoft Corporation)

R1 mnmdd; C:\WINDOWS.0\system32\Drivers\mnmdd.sys [4224 2013-09-19] (Microsoft Corporation)

S3 Modem; C:\WINDOWS.0\system32\Drivers\Modem.sys [30080 2013-09-19] (Microsoft Corporation)

R1 Mouclass; C:\WINDOWS.0\System32\DRIVERS\mouclass.sys [23040 2013-09-19] (Microsoft Corporation)

R0 MountMgr; C:\WINDOWS.0\system32\Drivers\MountMgr.sys [42368 2013-09-19] (Microsoft Corporation)

R3 MRxDAV; C:\WINDOWS.0\System32\DRIVERS\mrxdav.sys [180608 2013-09-19] (Microsoft Corporation)

R1 MRxSmb; C:\WINDOWS.0\System32\DRIVERS\mrxsmb.sys [456576 2013-09-19] (Microsoft Corporation)

R1 Msfs; C:\WINDOWS.0\system32\Drivers\Msfs.sys [19072 2013-09-19] (Microsoft Corporation)

S3 MSKSSRV; C:\WINDOWS.0\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Corporation)

S3 MSPCLOCK; C:\WINDOWS.0\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Corporation)

S3 MSPQM; C:\WINDOWS.0\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Corporation)

R3 mssmbios; C:\WINDOWS.0\System32\DRIVERS\mssmbios.sys [15488 2013-09-19] (Microsoft Corporation)

R0 Mup; C:\WINDOWS.0\system32\Drivers\Mup.sys [105344 2013-09-19] (Microsoft Corporation)

R0 NDIS; C:\WINDOWS.0\system32\Drivers\NDIS.sys [182656 2013-09-19] (Microsoft Corporation)

R3 NdisTapi; C:\WINDOWS.0\System32\DRIVERS\ndistapi.sys [10112 2013-09-19] (Microsoft Corporation)

R3 Ndisuio; C:\WINDOWS.0\System32\DRIVERS\ndisuio.sys [14592 2013-09-19] (Microsoft Corporation)

R3 NdisWan; C:\WINDOWS.0\System32\DRIVERS\ndiswan.sys [91520 2013-09-19] (Microsoft Corporation)

R3 NDProxy; C:\WINDOWS.0\system32\Drivers\NDProxy.sys [40576 2013-09-19] (Microsoft Corporation)

R1 NetBIOS; C:\WINDOWS.0\System32\DRIVERS\netbios.sys [34688 2013-09-19] (Microsoft Corporation)

R1 NetBT; C:\WINDOWS.0\System32\DRIVERS\netbt.sys [162816 2013-09-19] (Microsoft Corporation)

R1 Npfs; C:\WINDOWS.0\system32\Drivers\Npfs.sys [30848 2013-09-19] (Microsoft Corporation)

R4 Ntfs; C:\WINDOWS.0\system32\Drivers\Ntfs.sys [574976 2013-09-19] (Microsoft Corporation)

R1 Null; C:\WINDOWS.0\system32\Drivers\Null.sys [2944 2013-09-19] (Microsoft Corporation)

S3 NwlnkFlt; C:\WINDOWS.0\System32\DRIVERS\nwlnkflt.sys [12416 2013-09-19] (Microsoft Corporation)

S3 NwlnkFwd; C:\WINDOWS.0\System32\DRIVERS\nwlnkfwd.sys [32512 2013-09-19] (Microsoft Corporation)

R3 Parport; C:\WINDOWS.0\System32\DRIVERS\parport.sys [80128 2013-09-19] (Microsoft Corporation)

R0 PartMgr; C:\WINDOWS.0\system32\Drivers\PartMgr.sys [19712 2013-09-19] (Microsoft Corporation)

R2 ParVdm; C:\WINDOWS.0\system32\Drivers\ParVdm.sys [6784 2013-09-19] (Microsoft Corporation)

S3 pccsmcfd; C:\WINDOWS.0\System32\DRIVERS\pccsmcfd.sys [19072 2012-06-11] (Nokia)

R0 PCI; C:\WINDOWS.0\System32\DRIVERS\pci.sys [68224 2013-09-19] (Microsoft Corporation)

R0 PCIIde; C:\WINDOWS.0\System32\DRIVERS\pciide.sys [3328 2013-09-19] (Microsoft Corporation)

S4 Pcmcia; C:\WINDOWS.0\system32\Drivers\Pcmcia.sys [120192 2013-09-19] (Microsoft Corporation)

R3 PptpMiniport; C:\WINDOWS.0\System32\DRIVERS\raspptp.sys [48384 2013-09-19] (Microsoft Corporation)

R1 Processor; C:\WINDOWS.0\System32\DRIVERS\processr.sys [35840 2013-09-19] (Microsoft Corporation)

R3 PSched; C:\WINDOWS.0\System32\DRIVERS\psched.sys [69120 2013-09-19] (Microsoft Corporation)

R3 Ptilink; C:\WINDOWS.0\System32\DRIVERS\ptilink.sys [17792 2013-09-19] (Parallel Technologies, Inc.)

R1 RasAcd; C:\WINDOWS.0\System32\DRIVERS\rasacd.sys [8832 2013-09-19] (Microsoft Corporation)

R3 Rasl2tp; C:\WINDOWS.0\System32\DRIVERS\rasl2tp.sys [51328 2013-09-19] (Microsoft Corporation)

R3 RasPppoe; C:\WINDOWS.0\System32\DRIVERS\raspppoe.sys [41472 2013-09-19] (Microsoft Corporation)

R3 Raspti; C:\WINDOWS.0\System32\DRIVERS\raspti.sys [16512 2013-09-19] (Microsoft Corporation)

R1 Rdbss; C:\WINDOWS.0\System32\DRIVERS\rdbss.sys [175744 2013-09-19] (Microsoft Corporation)

R1 RDPCDD; C:\WINDOWS.0\System32\DRIVERS\RDPCDD.sys [4224 2013-09-19] (Microsoft Corporation)

R3 rdpdr; C:\WINDOWS.0\System32\DRIVERS\rdpdr.sys [196224 2008-04-14] (Microsoft Corporation)

S3 RDPWD; C:\WINDOWS.0\system32\Drivers\RDPWD.sys [139656 2013-09-19] (Microsoft Corporation)

S1 redbook; C:\WINDOWS.0\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Corporation)

R2 Secdrv; C:\WINDOWS.0\System32\DRIVERS\secdrv.sys [20480 2013-09-19] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)

R3 serenum; C:\WINDOWS.0\System32\DRIVERS\serenum.sys [15744 2013-09-19] (Microsoft Corporation)

R1 Serial; C:\WINDOWS.0\System32\DRIVERS\serial.sys [64512 2013-09-19] (Microsoft Corporation)

S1 Sfloppy; C:\WINDOWS.0\system32\Drivers\Sfloppy.sys [11392 2013-09-19] (Microsoft Corporation)

S3 splitter; C:\WINDOWS.0\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation)

R0 sr; C:\WINDOWS.0\System32\DRIVERS\sr.sys [73472 2013-09-19] (Microsoft Corporation)

R3 Srv; C:\WINDOWS.0\System32\DRIVERS\srv.sys [334848 2013-09-19] (Microsoft Corporation)

R1 ssmdrv; C:\WINDOWS.0\System32\DRIVERS\ssmdrv.sys [28352 2007-03-01] (Avira GmbH)

R3 swenum; C:\WINDOWS.0\System32\DRIVERS\swenum.sys [4352 2013-09-19] (Microsoft Corporation)

S3 swmidi; C:\WINDOWS.0\System32\drivers\swmidi.sys [56576 2008-04-14] (Microsoft Corporation)

R3 sysaudio; C:\WINDOWS.0\System32\drivers\sysaudio.sys [60800 2008-04-14] (Microsoft Corporation)

R1 Tcpip; C:\WINDOWS.0\System32\DRIVERS\tcpip.sys [361344 2013-09-19] (Microsoft Corporation)

S3 TDPIPE; C:\WINDOWS.0\system32\Drivers\TDPIPE.sys [12040 2013-09-19] (Microsoft Corporation)

S3 TDTCP; C:\WINDOWS.0\system32\Drivers\TDTCP.sys [21896 2013-09-19] (Microsoft Corporation)

R1 TermDD; C:\WINDOWS.0\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation)

S4 Udfs; C:\WINDOWS.0\system32\Drivers\Udfs.sys [66048 2013-09-19] (Microsoft Corporation)

R3 Update; C:\WINDOWS.0\System32\DRIVERS\update.sys [384768 2013-09-19] (Microsoft Corporation)

S3 usbccgp; C:\WINDOWS.0\System32\DRIVERS\usbccgp.sys [32128 2008-04-14] (Microsoft Corporation)

R3 usbehci; C:\WINDOWS.0\System32\DRIVERS\usbehci.sys [30208 2013-09-19] (Microsoft Corporation)

R3 usbhub; C:\WINDOWS.0\System32\DRIVERS\usbhub.sys [59520 2013-09-19] (Microsoft Corporation)

S3 usbscan; C:\WINDOWS.0\System32\DRIVERS\usbscan.sys [15104 2008-04-14] (Microsoft Corporation)

S3 usbser; C:\WINDOWS.0\System32\drivers\usbser.sys [26112 2008-04-14] (Microsoft Corporation)

S3 usbstor; C:\WINDOWS.0\System32\DRIVERS\USBSTOR.SYS [26368 2013-09-19] (Microsoft Corporation)

R3 usbuhci; C:\WINDOWS.0\System32\DRIVERS\usbuhci.sys [20608 2013-09-19] (Microsoft Corporation)

R1 VgaSave; C:\WINDOWS.0\System32\drivers\vga.sys [20992 2013-09-19] (Microsoft Corporation)

R0 ViaIde; C:\WINDOWS.0\System32\DRIVERS\viaide.sys [5376 2013-09-19] (Microsoft Corporation)

R3 VIAudio; C:\WINDOWS.0\System32\drivers\vinyl97.sys [207488 2007-06-27] (VIA Technologies, Inc.)

R0 VolSnap; C:\WINDOWS.0\system32\Drivers\VolSnap.sys [52352 2013-09-19] (Microsoft Corporation)

R3 Wanarp; C:\WINDOWS.0\System32\DRIVERS\wanarp.sys [34560 2013-09-19] (Microsoft Corporation)

S3 Wdf01000; C:\WINDOWS.0\System32\Drivers\wdf01000.sys [444136 2009-07-14] (Microsoft Corporation)

R3 wdmaud; C:\WINDOWS.0\System32\drivers\wdmaud.sys [83072 2008-04-14] (Microsoft Corporation)

S4 WS2IFSL; C:\WINDOWS.0\System32\drivers\ws2ifsl.sys [12032 2013-09-19] (Microsoft Corporation)

S3 cleanhlp; \??\C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [X]

S4 IntelIde; No ImagePath

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-30 04:08 - 2014-05-30 04:08 - 00000000 ____D () C:\FRST

2014-05-30 03:58 - 2014-05-30 03:58 - 00000000 ____D () C:\WINDOWS.0\LastGood

2014-05-29 05:08 - 2014-05-29 05:08 - 00001146 _____ () C:\Documents and Settings\sirgovernor\Desktop\Serial ddd.txt

2014-05-28 21:13 - 2014-05-28 21:13 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.0\Start Menu\Programs\AntiVir PersonalEdition Classic

2014-05-28 21:12 - 2014-05-28 21:12 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Avira

2014-05-28 21:12 - 2008-06-27 15:03 - 00075072 _____ (Avira GmbH) C:\WINDOWS.0\system32\Drivers\avipbb.sys

2014-05-28 21:12 - 2008-05-09 13:15 - 00045376 _____ (Avira GmbH) C:\WINDOWS.0\system32\Drivers\avgntdd.sys

2014-05-28 21:12 - 2008-01-21 18:11 - 00022336 _____ (Avira GmbH) C:\WINDOWS.0\system32\Drivers\avgntmgr.sys

2014-05-28 21:12 - 2007-03-01 10:34 - 00028352 _____ (Avira GmbH) C:\WINDOWS.0\system32\Drivers\ssmdrv.sys

2014-05-28 17:10 - 2014-05-28 20:30 - 00002291 _____ () C:\Documents and Settings\sirgovernor\Desktop\HiJackThis.lnk

2014-05-28 17:10 - 2014-05-28 17:10 - 00000000 ____D () C:\Documents and Settings\sirgovernor\Start Menu\Programs\HiJackThis

2014-05-28 16:45 - 2014-05-28 16:46 - 00000000 ____D () C:\Documents and Settings\sirgovernor\Application Data\Simply Super Software

2014-05-28 16:45 - 2014-05-28 16:45 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Simply Super Software

2014-05-28 16:45 - 2012-06-15 16:39 - 00169744 _____ () C:\WINDOWS.0\system32\ztvunrar36.dll

2014-05-28 16:45 - 2012-06-15 16:35 - 00185616 _____ () C:\WINDOWS.0\system32\ztvunrar39.dll

2014-05-28 16:45 - 2012-06-15 16:33 - 00605968 _____ (Igor Pavlov) C:\WINDOWS.0\system32\ztv7z.dll

2014-05-28 16:45 - 2012-06-15 16:33 - 00077072 _____ (Microsoft Corporation) C:\WINDOWS.0\system32\ztvcabinet.dll

2014-05-28 16:45 - 2005-08-26 01:50 - 00077312 _____ () C:\WINDOWS.0\system32\ztvunace26.dll

2014-05-28 16:45 - 2003-02-02 20:06 - 00153088 _____ () C:\WINDOWS.0\system32\unrar3.dll

2014-05-28 16:45 - 2002-03-06 01:00 - 00075264 _____ () C:\WINDOWS.0\system32\unacev2.dll

2014-05-28 12:52 - 2014-05-28 12:52 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Grisoft

2014-05-15 14:53 - 2014-05-15 14:53 - 00000000 ____D () C:\Program Files\AVG

2014-05-14 08:39 - 2014-05-14 08:39 - 17938608 _____ (Adobe Systems Incorporated) C:\WINDOWS.0\system32\FlashPlayerInstaller.exe

2014-05-01 23:22 - 2014-05-29 02:37 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Package Cache

2014-05-01 23:22 - 2014-05-16 04:42 - 00000000 ____D () C:\OETemp

2014-05-01 22:43 - 2014-05-01 22:43 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender

==================== One Month Modified Files and Folders =======

2014-05-30 04:09 - 2013-09-21 02:30 - 00000000 ____D () C:\Documents and Settings\sirgovernor\Local Settings\Temp

2014-05-30 04:08 - 2014-05-30 04:08 - 00000000 ____D () C:\FRST

2014-05-30 04:02 - 2013-09-24 02:57 - 00000904 _____ () C:\WINDOWS.0\Tasks\DealPlyLiveUpdateTaskMachineUA.job

2014-05-30 03:58 - 2014-05-30 03:58 - 00000000 ____D () C:\WINDOWS.0\LastGood

2014-05-30 03:58 - 2014-03-30 14:03 - 00000000 ____D () C:\Documents and Settings\sirgovernor\Application Data\EQATEC Analytics

2014-05-30 03:58 - 2014-03-21 16:24 - 00265666 _____ () C:\WINDOWS.0\setupapi.log

2014-05-30 03:58 - 2013-12-15 05:00 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP

2014-05-30 03:58 - 2013-12-15 04:39 - 00000000 ____D () C:\Documents and Settings\sirgovernor\Application Data\uTorrent

2014-05-30 03:58 - 2013-09-24 02:57 - 00000900 _____ () C:\WINDOWS.0\Tasks\DealPlyLiveUpdateTaskMachineCore.job

2014-05-30 03:58 - 2013-09-21 03:28 - 00000892 _____ () C:\WINDOWS.0\Tasks\GoogleUpdateTaskMachineCore.job

2014-05-30 03:58 - 2013-09-21 02:29 - 00000006 ____H () C:\WINDOWS.0\Tasks\SA.DAT

2014-05-30 03:58 - 2013-09-21 02:13 - 01936245 _____ () C:\WINDOWS.0\WindowsUpdate.log

2014-05-30 03:58 - 2013-09-20 19:09 - 00000159 _____ () C:\WINDOWS.0\wiadebug.log

2014-05-30 03:58 - 2013-09-20 19:09 - 00000049 _____ () C:\WINDOWS.0\wiaservc.log

2014-05-30 03:58 - 2013-09-20 19:03 - 00000000 ____D () C:\WINDOWS.0\Temp

2014-05-30 03:58 - 2013-09-20 19:03 - 00000000 ____D () C:\WINDOWS.0

2014-05-30 03:58 - 2013-09-19 02:51 - 00002206 _____ () C:\WINDOWS.0\system32\wpa.dbl

2014-05-29 22:41 - 2013-09-21 03:28 - 00000896 _____ () C:\WINDOWS.0\Tasks\GoogleUpdateTaskMachineUA.job

2014-05-29 22:29 - 2013-09-24 05:46 - 00000834 _____ () C:\WINDOWS.0\Tasks\Adobe Flash Player Updater.job

2014-05-29 22:26 - 2014-01-22 11:25 - 00000420 _____ () C:\WINDOWS.0\Tasks\At2.job

2014-05-29 21:57 - 2013-09-24 02:57 - 00000418 _____ () C:\WINDOWS.0\Tasks\At1.job

2014-05-29 14:40 - 2013-09-21 02:29 - 00032442 _____ () C:\WINDOWS.0\SchedLgU.Txt

2014-05-29 05:08 - 2014-05-29 05:08 - 00001146 _____ () C:\Documents and Settings\sirgovernor\Desktop\Serial ddd.txt

2014-05-29 03:47 - 2014-03-30 14:03 - 00117481 _____ () C:\Documents and Settings\All Users.bak

2014-05-29 03:46 - 2014-03-30 14:03 - 00001122 _____ () C:\Documents and Settings\sirgovernor\Desktop\My DAP Downloads.lnk

2014-05-29 03:45 - 2014-03-21 16:19 - 00000000 __HDC () C:\WINDOWS.0\$NtUninstallKB942288-v3$

2014-05-29 03:45 - 2014-03-21 16:14 - 00670174 _____ () C:\WINDOWS.0\KB942288-v3.log

2014-05-29 02:57 - 2014-01-22 11:25 - 00000000 ____D () C:\Documents and Settings\sirgovernor\Application Data\mysearchdial

2014-05-29 02:41 - 2013-09-22 00:26 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.0\Start Menu\Programs\DriverUpdate

2014-05-29 02:37 - 2014-05-01 23:22 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Package Cache

2014-05-29 02:37 - 2013-09-20 19:05 - 03565896 _____ () C:\WINDOWS.0\system32\FNTCACHE.DAT

2014-05-28 21:28 - 2013-09-22 00:06 - 00069496 _____ () C:\Documents and Settings\sirgovernor\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2014-05-28 21:28 - 2012-07-17 11:02 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2014-05-28 21:28 - 2012-07-17 10:56 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-05-28 21:28 - 2012-06-03 16:02 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

2014-05-28 21:27 - 2014-01-31 00:22 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Microsoft Help

2014-05-28 21:27 - 2012-07-17 11:02 - 00000000 ____D () C:\Program Files\MSBuild

2014-05-28 21:19 - 2013-09-20 19:05 - 00167713 _____ () C:\WINDOWS.0\setupact.log

2014-05-28 21:14 - 2013-09-21 02:30 - 00000178 ___SH () C:\Documents and Settings\sirgovernor\ntuser.ini

2014-05-28 21:13 - 2014-05-28 21:13 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.0\Start Menu\Programs\AntiVir PersonalEdition Classic

2014-05-28 21:12 - 2014-05-28 21:12 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Avira

2014-05-28 20:30 - 2014-05-28 17:10 - 00002291 _____ () C:\Documents and Settings\sirgovernor\Desktop\HiJackThis.lnk

2014-05-28 20:27 - 2014-01-19 13:24 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Adobe

2014-05-28 17:10 - 2014-05-28 17:10 - 00000000 ____D () C:\Documents and Settings\sirgovernor\Start Menu\Programs\HiJackThis

2014-05-28 16:46 - 2014-05-28 16:45 - 00000000 ____D () C:\Documents and Settings\sirgovernor\Application Data\Simply Super Software

2014-05-28 16:45 - 2014-05-28 16:45 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Simply Super Software

2014-05-28 15:46 - 2014-01-24 21:02 - 00000132 _____ () C:\Documents and Settings\sirgovernor\Application Data\Adobe PNG Format CS5 Prefs

2014-05-28 12:52 - 2014-05-28 12:52 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Grisoft

2014-05-28 10:43 - 2013-10-15 05:50 - 00026302 _____ () C:\WINDOWS.0\DPINST.LOG

2014-05-28 10:43 - 2013-10-15 05:49 - 00000000 ____D () C:\Program Files\Nokia

2014-05-27 05:52 - 2013-09-21 02:11 - 00041729 _____ () C:\WINDOWS.0\wmsetup.log

2014-05-23 02:16 - 2013-09-21 03:49 - 00001813 _____ () C:\Documents and Settings\All Users.WINDOWS.0\Desktop\Google Chrome.lnk

2014-05-16 04:42 - 2014-05-01 23:22 - 00000000 ____D () C:\OETemp

2014-05-15 14:53 - 2014-05-15 14:53 - 00000000 ____D () C:\Program Files\AVG

2014-05-14 08:39 - 2014-05-14 08:39 - 17938608 _____ (Adobe Systems Incorporated) C:\WINDOWS.0\system32\FlashPlayerInstaller.exe

2014-05-14 08:39 - 2013-09-24 05:46 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS.0\system32\FlashPlayerApp.exe

2014-05-14 08:39 - 2013-09-24 05:46 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS.0\system32\FlashPlayerCPLApp.cpl

2014-05-10 06:46 - 2013-09-23 11:21 - 00068608 _____ () C:\Documents and Settings\sirgovernor\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-05-01 22:50 - 2013-09-20 19:06 - 00095297 _____ () C:\WINDOWS.0\iis6.log

2014-05-01 22:50 - 2013-09-20 19:06 - 00058521 _____ () C:\WINDOWS.0\FaxSetup.log

2014-05-01 22:50 - 2013-09-20 19:06 - 00055367 _____ () C:\WINDOWS.0\ocgen.log

2014-05-01 22:50 - 2013-09-20 19:06 - 00041267 _____ () C:\WINDOWS.0\tsoc.log

2014-05-01 22:50 - 2013-09-20 19:06 - 00033103 _____ () C:\WINDOWS.0\comsetup.log

2014-05-01 22:50 - 2013-09-20 19:06 - 00023352 _____ () C:\WINDOWS.0\msmqinst.log

2014-05-01 22:50 - 2013-09-20 19:06 - 00020155 _____ () C:\WINDOWS.0\ntdtcsetup.log

2014-05-01 22:50 - 2013-09-20 19:06 - 00013425 _____ () C:\WINDOWS.0\netfxocm.log

2014-05-01 22:50 - 2013-09-20 19:06 - 00006226 _____ () C:\WINDOWS.0\MedCtrOC.log

2014-05-01 22:50 - 2013-09-20 19:06 - 00004054 _____ () C:\WINDOWS.0\msgsocm.log

2014-05-01 22:50 - 2013-09-20 19:06 - 00004041 _____ () C:\WINDOWS.0\ocmsn.log

2014-05-01 22:50 - 2013-09-20 19:06 - 00003429 _____ () C:\WINDOWS.0\tabletoc.log

2014-05-01 22:50 - 2013-09-20 19:06 - 00001891 _____ () C:\WINDOWS.0\imsins.log

2014-05-01 22:43 - 2014-05-01 22:43 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender

Files to move or delete:

====================

C:\Documents and Settings\sirgovernor\TempWmicBatchFile.bat

C:\Windows\Tasks\At1.job

Some content of TEMP:

====================

C:\Documents and Settings\sir governor\Local Settings\Temp\31.199236649083474_Update.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\7z920.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\APNStub.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\bi_cleaner.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\bstrapInstall.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\BundleSweetIMSetup.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\cabex.dll

C:\Documents and Settings\sir governor\Local Settings\Temp\ChangeIcon.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\chica_silent_2008.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\DeltaTB.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\drm_dialogs.dll

C:\Documents and Settings\sir governor\Local Settings\Temp\drm_dyndata_7330017.dll

C:\Documents and Settings\sir governor\Local Settings\Temp\EBU474.EXE

C:\Documents and Settings\sir governor\Local Settings\Temp\EBU475.DLL

C:\Documents and Settings\sir governor\Local Settings\Temp\Foxit Updater.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\fp_pl_pfs_installer.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\GenericUninstall.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\GLF303.tmp.dll

C:\Documents and Settings\sir governor\Local Settings\Temp\KMP_3.2.0.0.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\KMP_3.5.0.77.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\mgsqlite3.dll

C:\Documents and Settings\sir governor\Local Settings\Temp\OptimizerPro.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\ose00000.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\ose00001.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\PCPerformerSetup.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\RunWizards.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\setup_wm.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\svd_ask.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\tuvaro_1.8.12.0.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\uninst1.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\uninstaller.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\UpdateCheckerSetup.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\utt391.tmp.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\wget.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\WSSetup.exe

C:\Documents and Settings\sir governor\Local Settings\Temp\xmlUpdater.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\017f1499-629e-401e-9bea-2b704a9d3404.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\038b0a18-aaa9-4c38-aadf-56f6863bf02a.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\04090e05-3dba-48f7-9f86-e80458aa99b9.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\041ce743-dce1-4dfb-aa6d-a83fd821a42d.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\07121a13-cb2f-45b8-a52e-76391a5b44c3.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\08126ea7-dfd4-481f-82ff-3baeae884855.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\0aa1dde4-f251-4dd5-9d39-3cee5acb6eec.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\0ad92302-862a-496c-945b-e2c056d4a5f9.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\0b4de2c9-9eea-44e8-9d7a-3f896e7473c9.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\0e1d4077-8bf7-42c7-b1f5-7945d3843eb9.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\0ee16669-c364-46b4-a5e1-adae1abe22df.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\103ed8b2-34b0-451e-ae79-3ab9da7e9d0b.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\1497cbef-6180-4700-be16-233bbdae9d11.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\153d13e5-6528-41dd-bc02-6566094ea47d.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\16cf56b9-4d3c-4bee-8982-b52d6d125ee8.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\19d0a485-2cfa-421f-afa2-eac845cea2bf.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\1b167d6c-6f70-4080-947a-e0e550b4d1d5.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\217d508d-d4e7-47cd-bb9a-fc313f0edcc5.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\24785928-b0e1-4693-87f9-c3362773a76f.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\269007b1-c080-4e2a-96d5-f1e1e8ea3ff0.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\27d895c7-c5b7-4447-bab4-11243e4cda46.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\2882d91b-2f5b-4c0c-be4e-467375b77f69.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\294b0401-dac3-4b1b-a6c9-0dbc277d138a.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\29a24f6b-6641-4e26-9257-00b7f7d8b4af.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\2a6e9f69-a142-4a49-b478-1074e31ab7e3.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\31509f19-5703-4569-8d3b-2edd73245fff.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\324b067f-2416-4d96-9974-8c8886b59021.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\3304c347-c0c4-450c-84ed-aa1267cd0b13.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\39ef3051-c6af-4d94-b25b-6a5a0024101f.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\3ab0f09e-6384-4004-a05c-f3446438b738.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\3b8458d9-3275-493c-81c4-6973e48fbdfc.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\3f106324-c012-4a4a-9ecb-ea6ec0e34fc6.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\3fda81ff-29a9-464c-b7ca-2a1738ebd15f.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\40d0d3e7-0f37-4e88-8e49-2eb8e6783628.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\422f59c1-337e-49db-b2b2-6225074dba89.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\44a36c2c-3dad-4407-8ea5-0d1a439f2e48.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\45d720a7-87c3-4344-863f-295b072b5337.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\48f71566-e5df-42d2-ad02-c3f5a6918fe5.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\4a56b153-073a-4f3f-95d7-e20d2618d627.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\4c18c492-4756-4d72-b0c2-df093da18c81.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\4c93da34-16ac-4559-af24-8c36d5c81fd8.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\4d4a4c81-c840-47a5-9dc5-9d89a3cbc75e.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\4e72c9fb-0e5e-49ce-98a4-33c495665410.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\51c98f80-c2d4-4ee6-9434-68c3f53755e6.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\51ec6b5d-ef9c-4ccb-ba70-79e0a80b1862.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\5239d154-0e29-4d29-aba6-e4a951e4763c.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\52a5702e-f497-47e0-9712-30fc685dcb01.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\533148f3-8919-407e-9a15-1013d9ddbbd9.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\538fce24-9526-4243-8a96-1837ff8d08e6.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\53f27654-48ed-4a20-b73d-e5b56a5f1f00.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\56805f5f-e981-42b0-960e-3db787a3f119.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\58f4765e-bd94-44c9-a3e6-7d0212dc040c.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\590a41a7-73a7-4d58-9244-d8b6e9cf9177.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\5985d3c8-e7b4-4ece-8157-102c1ebc83c6.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\5b81ceff-cecd-4041-ae33-5f5557aefb38.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\5bafbc2a-9718-43bc-9abe-f5f38a7c280f.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\5bd9de70-cf51-457b-a5be-dde75f4a53c5.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\611321bf-6225-45c5-bcbf-5b82ee9b2323.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\613457e8-4365-41dd-8d91-b35cfc2ea179.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\62fd6653-a30a-4dcb-ad4d-8f5a509d415a.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\67f64523-f1a3-4ba6-a7bf-f0ca9a3abb70.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\68c0eef4-060f-44df-888f-6ef158df1ad6.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\6986c830-4b6a-4913-96e1-515082bdd950.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\6c4ac061-c5a5-424d-960c-1f71628b3831.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\6c89f322-6fbe-45eb-b838-3b4fc7b29ebd.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\6e31341f-2aca-42f9-b164-0325b5ea40d5.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\6e6469b9-de53-4595-9417-eebb3cd26f69.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\707c273b-03c5-4103-8299-533be9dd2a4a.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\7132766c-98c8-40c0-9a51-78abbc00feaa.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\72094efe-2483-4461-bb17-e96e103c48b7.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\72d35719-ee43-424f-bb2e-b9548072c650.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\7493f039-d537-4df4-acec-8ba3af87e8dc.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\76a615a4-c800-4e44-9148-77e47a465f33.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\79690aee-730d-488d-b42a-14da0eb1f231.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\7ba1c4ca-58ad-4fc5-8e21-d0a9d30b5831.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\7d0a72ca-47c9-4aa1-b2d4-b7b07f15e11d.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\7fc7f0b4-6f94-4b62-b54b-c68f1123bc27.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\8059e628-bb53-49bc-96fa-30fbd8ac024a.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\814673d5-981f-4996-80c9-0323f3f53b26.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\844d72b2-546e-4541-934c-62d2e337099b.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\892ca3b4-fae2-4f2a-a0c6-3bb8c377ce91.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\8c4818a5-4e1d-40d5-90f9-70962f8e6ea0.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\8f3cad7b-cf7e-409f-add5-856b76f9d619.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\8fa20ab9-ff6b-4999-82e1-cbfab7d70767.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\90358aea-f2ca-41a8-8d1d-62bc1f33f515.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\92617ea9-9e8d-4ac2-8180-3fe86bc05cbe.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\956e7c97-031a-459c-82af-d60b67eb48ad.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\961bab01-cfcc-4168-a813-4c9138d8b41c.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\97b53923-97b3-478b-9ce5-d6f87f1c5ffc.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\983d8f2e-2c79-4e1d-a06d-901b48c221d2.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\98c81c26-9238-4618-82ee-a9c053343ccb.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\99e99ade-9a0c-4400-a7d4-53248355f2f2.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\9b2d7974-e073-4e4f-aedc-1d04297a5afe.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\9da7907f-80c2-4a2a-82c5-0fea9af92ad8.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\a2b2374a-b96e-4234-beee-13326905798a.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\a3434abd-5528-4196-b089-737bb41896d7.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\a47d73cc-526e-46a9-811b-364a17bcd8b0.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\a8c9d805-2d66-4185-a616-aa152af08b48.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\ab2f8566-5f32-4a9e-a8b4-c27b5ba5a3ae.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\ab4e9398-e856-49c7-8dcc-28f90020729f.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\ace9d788-7aa1-4a39-a596-da5993bf45c0.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\adks_ar_qvo6.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\ae91d3d1-d5d7-46c7-990b-e73a6a72f4ae.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\b0ceec10-effd-4743-8ccd-f4c307b2f67e.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\b25d5861-6892-4f91-a680-47974c36144b.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\b3cfb780-a5cc-4448-9d3d-c6a77734d976.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\b4c512b3-7f56-4cc3-88f0-77072104bf37.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\b64cf6f5-0bd7-41e0-968a-4b4229b9c0be.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\b8416bd9-10ef-4bb8-92cd-b45dc2e31d2d.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\b9b1815d-5bb9-4f36-8a7b-69917222ec3f.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\BlueStacks-SplitInstaller_native.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\c3a9c924-edf7-4de7-b66d-b9a4d3909774.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\c3cfdf0a-5c2b-494a-92b6-905ce1820324.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\c94c7a0c-91e9-44e4-977d-e6ff03747127.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\cab0e28d-b43c-416c-9a31-5feaf4661bea.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\cabex.dll

C:\Documents and Settings\sirgovernor\Local Settings\Temp\cb22ff08-d69a-4ef5-a11a-4822a25a62a9.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\cb5380e5-efbe-427b-bf4d-43d039788460.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\cb6b2279-8e62-4f7c-9e40-347afb8a8852.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\comver.dll

C:\Documents and Settings\sirgovernor\Local Settings\Temp\d3170345-6cae-499c-8f59-dad2945d78e1.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\d7b4ffdd-4723-403f-ba8d-67e3729ec6a2.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\d82728dc-7ec8-45fc-b1b3-d230c16aacd9.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\dadcf28e-ea93-4b83-9f42-e6b381f61874.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\ddd29e1a-6c2b-486a-ab37-ef1be5d22827.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\down.1480.ext_setup.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\down.840.assistant_v3.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\dp_20130624_test.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\e22050ee-9855-4ffc-9738-c1579695d776.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\e450cc53-6586-4734-80a3-976978a47dfe.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\e98e46c7-dfa4-40b6-8fcd-3b523c0436eb.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\eba9f1f9-af88-49d9-9c68-283a12c64c54.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\ecf47b1c-13c9-43b2-a403-13765ccb8e4e.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\ed398977-8e14-48d3-ad14-3ca1f911017b.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\f23a8a20-ceba-4efe-9a9c-e344c28bc241.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\f4054b4a-6f8f-430b-99c4-5d0bca8a57d9.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\f473acf5-d8d1-48c2-ab94-32f86dbbc5b7.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\f72da527-6e42-41c0-9eec-376237a46335.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\f9f79bc1-aadd-4697-a23c-7f9dd57d961e.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\fd27f38b-bfa3-41d2-8b71-ce102ce8731a.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\FixMyRegistry.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\Foxit Updater.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\fp_pl_pfs_installer.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\ICReinstall_ZipSetup.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\KMP_3.2.0.0.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\MySearchDial.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\nsa130C.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\nsc14A0.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\nsj1490.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\nsj14A6.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\nsj14C7.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\nsm12F1.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\nsm1303.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\nsn12FD.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\nsp1300.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\nsr1493.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\nsu1496.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\nsv12F7.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\nsw14A3.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\nsy12F4.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\ose00000.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\PC-FixSetup_partner1001701_1.6.76Full.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\RunWizards.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\SaveSenseUpdateVer.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\setup.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\smt_nationzoom_20131128171426.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\SpeedUpMyComputer.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\Tsu2A9409A1.dll

C:\Documents and Settings\sirgovernor\Local Settings\Temp\Tsu66FC4A61.dll

C:\Documents and Settings\sirgovernor\Local Settings\Temp\tu17p84.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\unelevate.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\uninst1.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\UpdateCheckerSetup.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\VARemove.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\vcredist_x86.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\yta_bu12_setup.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\{203CC18D-56CD-4C61-9F26-FBE4F8BC3574}-33.0.1750.149_chrome_installer.exe

C:\Documents and Settings\sirgovernor\Local Settings\Temp\{B3C7AAB0-C658-4002-8BDA-82B47CD8CCEE}-32.0.1700.72_chrome_installer.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS.0\explorer.exe => MD5 is legit

C:\WINDOWS.0\system32\winlogon.exe => MD5 is legit

C:\WINDOWS.0\system32\svchost.exe => MD5 is legit

C:\WINDOWS.0\system32\services.exe => MD5 is legit

C:\WINDOWS.0\system32\User32.dll => MD5 is legit

C:\WINDOWS.0\system32\userinit.exe => MD5 is legit

C:\WINDOWS.0\system32\rpcss.dll => MD5 is legit

C:\WINDOWS.0\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

ADDITION.TXT

Additional scan result of Farbar Recovery Scan Tool (x86) Version:30-05-2014

Ran by sirgovernor at 2014-05-30 04:09:47

Running from C:\Documents and Settings\sirgovernor\My Documents\Downloads

Boot Mode: Normal

==========================================================

==================== Security Center ========================

==================== Installed Programs ======================

µTorrent (HKLM\...\uTorrent) (Version: 3.3.0.29126 - BitTorrent Inc.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)

Adobe AIR (Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden

Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)

Adobe Community Help (Version: 3.4.980 - Adobe Systems Incorporated.) Hidden

Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Photoshop CS5.1 (HKLM\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)

Cheat Engine 6.1 (HKLM\...\Cheat Engine 6.1_is1) (Version: - Dark Byte)

Cyberoam Client for 24Online (HKLM\...\Cyberoam Client for 24Online) (Version: - )

Download Accelerator Plus (DAP) (HKLM\...\Download Accelerator Plus (DAP)) (Version: 10053 (Build 2558) - Speedbit Ltd.)

DriverIdentifier 4.2.7 (HKLM\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version: - DriverIdentifier)

DriverUpdate (HKLM\...\{C67F5282-3EB4-4FE2-A5C7-ABEE4BE42F6D}) (Version: 2.2.30452 - SlimWare Utilities, Inc.)

Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)

Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden

HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)

lucky leap 3.0.0 (HKLM\...\lucky leap) (Version: 3.0.0 - luckyleap)

Medal of Honor Allied Assault (HKLM\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version: - )

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version: - Microsoft Corporation) Hidden

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000 - Adobe) Hidden

Mozilla Firefox 28.0 (x86 en-GB) (HKLM\...\Mozilla Firefox 28.0 (x86 en-GB)) (Version: 28.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)

MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )

PC Connectivity Solution (HKLM\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5582 - Realtek Semiconductor Corp.)

The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - )

VIA/S3G Display Driver (HKLM\...\VIA/S3G Display Driver) (Version: - )

VVaudix (HKLM\...\{681002C6-5019-81A2-7871-A43754F71E56}) (Version: 2.3.0.1281 - Vaudix)

WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden

Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)

WinRAR 4.10 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.1 - win.rar GmbH)

==================== Restore Points =========================

29-05-2014 04:49:56 System Checkpoint

30-05-2014 05:09:42 System Checkpoint

==================== Hosts content: ==========================

2013-09-19 02:22 - 2013-09-19 02:22 - 00000768 ____A C:\WINDOWS.0\system32\Drivers\etc\hosts

127.0.0.1 localhost

127.0.0.1 mpa.one.microsoft.com

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS.0\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS.0\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS.0\Tasks\At1.job => C:\DOCUME~1\SIRGOV~2\APPLIC~1\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Task: C:\WINDOWS.0\Tasks\At2.job => C:\DOCUME~1\SIRGOV~2\APPLIC~1\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Task: C:\WINDOWS.0\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION

Task: C:\WINDOWS.0\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION

Task: C:\WINDOWS.0\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS.0\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-18 22:00 - 2011-10-03 22:39 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll

2013-09-19 02:31 - 2013-09-19 02:31 - 00014336 _____ () C:\WINDOWS.0\system32\msdmo.dll

2013-09-19 02:17 - 2013-09-19 02:17 - 00059904 _____ () C:\WINDOWS.0\system32\devenum.dll

2014-05-23 02:16 - 2014-05-13 16:40 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll

2014-05-23 02:16 - 2014-05-13 16:40 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll

2014-05-23 02:16 - 2014-05-13 16:40 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll

2013-09-19 02:38 - 2013-09-19 02:38 - 01288192 _____ () C:\WINDOWS.0\system32\quartz.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP:56E2E879

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (05/29/2014 02:58:02 AM) (Source: MsiInstaller) (EventID: 11713) (User: COMPUTER_1)

Description: Product: Microsoft Office Word MUI (English) 2007 -- Error 1713. Setup cannot install one of the required products for Microsoft Office Word MUI (English) 2007.

Error: (05/29/2014 02:57:50 AM) (Source: MsiInstaller) (EventID: 11713) (User: COMPUTER_1)

Description: Product: Microsoft Office Word MUI (English) 2007 -- Error 1713. Setup cannot install one of the required products for Microsoft Office Word MUI (English) 2007.

System errors:

=============

Error: (05/30/2014 03:58:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The DealPly Live Service (dealplylive) service failed to start due to the following error:

%%1053

Error: (05/30/2014 03:58:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Timeout (30000 milliseconds) waiting for the DealPly Live Service (dealplylive) service to connect.

Error: (05/30/2014 03:58:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Avira AntiVir Personal - Free Antivirus Guard service failed to start due to the following error:

%%1053

Error: (05/30/2014 03:58:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Timeout (30000 milliseconds) waiting for the Avira AntiVir Personal - Free Antivirus Guard service to connect.

Error: (05/30/2014 03:58:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Avira AntiVir Personal - Free Antivirus Scheduler service failed to start due to the following error:

%%1053

Error: (05/30/2014 03:58:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Timeout (30000 milliseconds) waiting for the Avira AntiVir Personal - Free Antivirus Scheduler service to connect.

Error: (05/29/2014 09:57:00 PM) (Source: Schedule) (EventID: 7901) (User: )

Description: The At1.job command failed to start due to the following error:

%%2147942402

Error: (05/29/2014 08:57:00 PM) (Source: Schedule) (EventID: 7901) (User: )

Description: The At1.job command failed to start due to the following error:

%%2147942402

Error: (05/29/2014 07:57:00 PM) (Source: Schedule) (EventID: 7901) (User: )

Description: The At1.job command failed to start due to the following error:

%%2147942402

Error: (05/29/2014 06:57:00 PM) (Source: Schedule) (EventID: 7901) (User: )

Description: The At1.job command failed to start due to the following error:

%%2147942402

Microsoft Office Sessions:

=========================

==================== Memory info ===========================

Percentage of memory in use: 64%

Total physical RAM: 735.48 MB

Available physical RAM: 257.93 MB

Total Pagefile: 1798.77 MB

Available Pagefile: 1282.58 MB

Total Virtual: 2047.88 MB

Available Virtual: 1973.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:37.25 GB) (Free:1.3 GB) NTFS ==>[Drive with boot components (Windows XP)]

Drive d: (THE CRAPS I) (Fixed) (Total:37.27 GB) (Free:12.25 GB) FAT32

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: ACD3ACD3)

Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=37 GB) - (Type=OF Extended)

==================== End Of Log ============================

#4
emeraldnzl

Posted 30 May 2014 - 04:05 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello Sarvesh Govenkar,

Firstly please uninstall:

lucky leap 3.0.0 for information about it see here

Next

Download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

After that

Download TFC.exe from here (Vista and above users right click and run as Administrator).

If you asked "Do you want to allow the following program..." click yes.

The "Temp file cleaner by Oldtimer" console will pop up. Click continue and allow it to do it's job.

You may be asked to reboot when it is finished. Please do so.

If you are not asked to reboot you may be confronted with two windows. One will be the Temp File Cleaner console with a report of what has been cleaned. The other will just be a window showing your libraries etc. They can both be closed.

You are finished.

Finally in this post

Please run Farbars Recovery Scan Tool again
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

So when you return please post

Fixlog.txt
FRST.txt

#5
Sarvesh Govenkar

Posted 01 June 2014 - 06:57 PM

Member

Topic Starter
Member
18 posts

FRST.TXT

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-06-2014 01

Ran by sirgovernor (administrator) on COMPUTER_1 on 01-06-2014 17:52:19

Running from C:\Documents and Settings\sirgovernor\My Documents\Downloads

Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)

Internet Explorer Version 6

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\WINDOWS.0\system32\smss.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\csrss.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\winlogon.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\services.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\lsass.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\svchost.exe

(Microsoft Corporation) C:\WINDOWS.0\explorer.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\spoolsv.exe

(S3 Graphics, Inc.) C:\WINDOWS.0\system32\VTTimer.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\ctfmon.exe

(eLitecore Technologies Ltd.) C:\Program Files\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\svchost.exe

(Microsoft Corporation) C:\WINDOWS.0\system32\wuauclt.exe