Each instruction seemed to execute flawlessly. Here's the FRST log:
Scan result of Farbar Recovery Scan Tool Version: 25-07-2012 01
Ran by SYSTEM at 03-08-2012 18:56:07
Running from H:\
Windows 7 Ultimate (X64) OS Language: English(US)
The current controlset is ControlSet001
========================== Registry (Whitelisted) =============
HKLM\...\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [1680976 2010-10-28] (Logitech, Inc.)
HKLM\...\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice [4081008 2012-03-07] (ESET)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)
HKU\Harry\...\Run: [Adobe Reader Synchronizer] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe" [1243040 2012-01-03] (Adobe Systems Incorporated)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{DD420E92-4EA0-47DD-B718-C5AD7728ED95}: [NameServer]8.8.8.8,8.8.4.4
Startup: C:\Users\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Services (Whitelisted) ======
2 Akamai; C:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll [4419392 2012-07-17] (Akamai Technologies, Inc)
2 Diskeeper; "C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe" [2644816 2011-05-17] (Diskeeper Corporation)
2 ekrn; "C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe" [913144 2012-03-07] (ESET)
2 FileOpenManagerSvc; C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe [331648 2011-03-09] (FileOpen Systems Inc.)
3 ufad-ws60; "C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe" -d "C:\Program Files (x86)\VMware\VMware Player\\" -s ufad-p2v.xml [x]
========================== Drivers (Whitelisted) =============
3 DKRtWrt; C:\Windows\System32\Drivers\DKRtWrt.sys [44624 2011-02-13] (Diskeeper Corporation)
3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)
1 eamonm; C:\Windows\System32\Drivers\eamonm.sys [209768 2012-03-14] (ESET)
1 ehdrv; C:\Windows\System32\Drivers\ehdrv.sys [148528 2012-03-14] (ESET)
2 epfw; C:\Windows\System32\Drivers\epfw.sys [187632 2012-03-14] (ESET)
1 EpfwLWF; C:\Windows\System32\Drivers\EpfwLWF.sys [38288 2012-03-14] (ESET)
0 epfwwfp; C:\Windows\System32\Drivers\epfwwfp.sys [62496 2012-03-14] (ESET)
3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-28] ()
2 VMparport; C:\Windows\System32\Drivers\VMparport.sys [30832 2010-11-11] (VMware, Inc.)
2 vstor2-ws60; \??\C:\Program Files (x86)\VMware\VMware Player\vstor2-ws60.sys [32816 2010-08-19] (VMware, Inc.)
1 A2DDA; \??\C:\Users\Harry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56BW3TS4\EmsisoftEmergencyKit\Run\a2ddax64.sys [x]
3 efavdrv; \??\C:\Windows\system32\drivers\efavdrv.sys [x]
3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]
========================== NetSvcs (Whitelisted) ===========
============ One Month Created Files and Folders ==============
2012-07-31 07:31 - 2012-07-31 07:31 - 00022473 ____A C:\Users\Harry\Documents\Document2_95.htm
2012-07-31 07:31 - 2012-07-31 07:31 - 00000000 ____D C:\Users\Harry\Documents\Document2_95_files
2012-07-31 07:30 - 2012-07-31 07:30 - 00024806 ____A C:\Users\Harry\Documents\Document2_94.htm
2012-07-31 07:30 - 2012-07-31 07:30 - 00000000 ____D C:\Users\Harry\Documents\Document2_94_files
2012-07-31 07:28 - 2012-07-31 07:28 - 00024806 ____A C:\Users\Harry\Documents\Document1_27.htm
2012-07-31 07:28 - 2012-07-31 07:28 - 00000000 ____D C:\Users\Harry\Documents\Document1_27_files
2012-07-30 15:50 - 2012-07-30 15:50 - 00000924 ____A C:\Users\Harry\Desktop\NTREGOPT.lnk
2012-07-30 15:50 - 2012-07-30 15:50 - 00000905 ____A C:\Users\Harry\Desktop\ERUNT.lnk
2012-07-30 15:50 - 2012-07-30 15:50 - 00000000 ____D C:\Program Files (x86)\ERUNT
2012-07-30 15:47 - 2012-07-30 15:47 - 00000148 ____A C:\Users\Harry\Desktop\fix.bat
2012-07-30 15:46 - 2012-07-30 15:46 - 00791393 ____A (Lars Hederer ) C:\Users\Harry\Desktop\erunt_setup.exe
2012-07-29 14:07 - 2012-07-29 14:07 - 00000220 ____A C:\Users\Harry\Desktop\fix.txt
2012-07-26 17:29 - 2012-07-26 17:29 - 00072438 ____A C:\Users\Harry\Desktop\Extras.Txt
2012-07-26 17:28 - 2012-07-30 16:00 - 00076248 ____A C:\Users\Harry\Desktop\OTL.Txt
2012-07-26 17:20 - 2012-07-26 17:21 - 00597504 ____A (OldTimer Tools) C:\Users\Harry\Desktop\OTL.exe
2012-07-26 17:06 - 2012-07-26 17:06 - 00448512 ____A (OldTimer Tools) C:\Users\Harry\Desktop\TFC.exe
2012-07-25 09:04 - 2012-07-25 09:04 - 00000000 ____D C:\_OTL
2012-07-23 13:57 - 2012-07-23 13:57 - 00016643 ____A C:\ComboFix.txt
2012-07-23 13:25 - 2012-07-30 15:50 - 00000000 ____D C:\Windows\erdnt
2012-07-23 13:25 - 2012-07-23 13:58 - 00000000 ____D C:\Qoobox
2012-07-22 17:23 - 2012-07-22 17:23 - 00001625 ____A C:\Users\Harry\Desktop\aswMBR.txt
2012-07-22 17:23 - 2012-07-22 17:23 - 00000512 ____A C:\Users\Harry\Desktop\MBR.dat
2012-07-21 12:21 - 2012-07-21 12:21 - 00074958 ____A C:\Users\Harry\Downloads\Extras.Txt
2012-07-21 12:20 - 2012-07-21 12:20 - 00077112 ____A C:\Users\Harry\Downloads\OTL.Txt
2012-07-20 18:54 - 2012-07-20 18:54 - 00000000 ____D C:\Users\Harry\DoctorWeb
2012-07-20 08:23 - 2012-07-20 08:23 - 00000000 ____D C:\TDSSKiller_Quarantine
2012-07-18 18:53 - 2012-07-18 18:53 - 00000000 ____D C:\Users\All Users\Kaspersky Lab
2012-07-18 18:53 - 2012-07-18 18:53 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2012-07-18 18:46 - 2012-07-18 18:46 - 00000000 ____D C:\Users\All Users\Symantec
2012-07-18 18:43 - 2012-07-18 18:43 - 00000000 ____D C:\Users\Harry\AppData\Local\Chromium
2012-07-18 18:42 - 2012-07-26 05:37 - 00000000 ____D C:\Program Files (x86)\Norton PC Checkup 3.0
2012-07-18 18:42 - 2012-07-18 18:43 - 00000000 ____D C:\Users\All Users\Norton
2012-07-18 11:30 - 2009-07-13 17:14 - 00020480 ____A (Microsoft Corporation) C:\Windows\svchost.exe
2012-07-17 19:27 - 2012-07-18 16:20 - 00000000 ____D C:\Program Files (x86)\Oracle
2012-07-17 19:26 - 2012-07-17 19:26 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-07-17 19:26 - 2012-07-17 19:26 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-07-17 19:26 - 2012-07-05 18:06 - 00772544 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-07-17 19:26 - 2012-07-05 18:06 - 00227760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-07-17 19:10 - 2012-06-11 19:08 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-17 19:07 - 2012-07-17 19:07 - 00000129 ____A C:\Windows\System32\MRT.INI
2012-07-17 19:03 - 2012-06-02 04:49 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-07-17 19:03 - 2012-06-02 04:17 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-07-17 19:03 - 2012-06-02 04:12 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-07-17 19:03 - 2012-06-02 04:05 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-07-17 19:03 - 2012-06-02 04:05 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-07-17 19:03 - 2012-06-02 04:04 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-07-17 19:03 - 2012-06-02 04:04 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-07-17 19:03 - 2012-06-02 04:03 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-07-17 19:03 - 2012-06-02 04:01 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-07-17 19:03 - 2012-06-02 04:00 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-07-17 19:03 - 2012-06-02 03:59 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-07-17 19:03 - 2012-06-02 03:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-07-17 19:03 - 2012-06-02 03:57 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-07-17 19:03 - 2012-06-02 03:54 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-07-17 19:03 - 2012-06-02 01:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-07-17 19:03 - 2012-06-02 00:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-07-17 19:03 - 2012-06-02 00:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-07-17 19:03 - 2012-06-02 00:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-07-17 19:03 - 2012-06-02 00:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-07-17 19:03 - 2012-06-02 00:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-07-17 19:03 - 2012-06-02 00:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-07-17 19:03 - 2012-06-02 00:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-07-17 19:03 - 2012-06-02 00:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-07-17 19:03 - 2012-06-02 00:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-07-17 19:03 - 2012-06-02 00:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-07-17 19:03 - 2012-06-02 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-07-17 19:03 - 2012-06-02 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-07-17 19:03 - 2012-06-02 00:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-07-17 16:45 - 2012-06-08 21:43 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-07-17 16:45 - 2012-06-08 20:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-07-17 16:45 - 2012-06-05 22:06 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-07-17 16:45 - 2012-06-05 22:06 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-07-17 16:45 - 2012-06-05 21:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-07-17 16:45 - 2012-06-05 21:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-07-17 16:45 - 2012-06-01 21:50 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-07-17 16:45 - 2012-06-01 21:48 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-07-17 16:45 - 2012-06-01 21:48 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-07-17 16:45 - 2012-06-01 21:45 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-07-17 16:45 - 2012-06-01 21:44 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-07-17 16:45 - 2012-06-01 20:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-07-17 16:45 - 2012-06-01 20:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-07-17 16:45 - 2012-06-01 20:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-07-17 16:45 - 2012-06-01 20:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-07-17 16:45 - 2010-06-25 19:55 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2012-07-17 16:45 - 2010-06-25 19:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2012-07-17 16:44 - 2012-06-05 22:02 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-07-17 16:44 - 2012-06-05 21:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-07-16 15:36 - 2012-07-17 16:38 - 00000000 ____D C:\Program Files\NetWorx
2012-07-16 15:36 - 2012-07-16 15:36 - 00000000 ____D C:\Users\All Users\SoftPerfect
2012-07-15 14:34 - 2012-07-15 14:34 - 00153251 ____A C:\Users\Harry\Downloads\search (9)
2012-07-09 15:17 - 2012-07-09 15:17 - 00040377 ____A C:\Users\Harry\Desktop\sfcdetails.txt
2012-07-09 07:53 - 2012-07-31 06:33 - 00000000 ____D C:\Users\Harry\AEP_Diesel_Fire_Pumps
2012-07-08 15:15 - 2012-07-08 15:59 - 00009528 ____A C:\Users\Harry\Documents\Departed_Souls.xlsx
============ 3 Months Modified Files ========================
2012-08-03 14:52 - 2011-01-31 16:08 - 01680105 ____A C:\Windows\WindowsUpdate.log
2012-08-03 14:48 - 2009-07-13 21:13 - 00783414 ____A C:\Windows\System32\PerfStringBackup.INI
2012-08-03 14:33 - 2012-06-02 07:32 - 00007448 ____A C:\Windows\setupact.log
2012-08-03 05:01 - 2011-01-07 10:44 - 00970752 ____A C:\Users\Harry\Documents\BDTracker.accdb
2012-08-02 17:49 - 2009-07-13 20:45 - 00013440 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-08-02 17:49 - 2009-07-13 20:45 - 00013440 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-08-02 17:41 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-07-31 07:31 - 2012-07-31 07:31 - 00022473 ____A C:\Users\Harry\Documents\Document2_95.htm
2012-07-31 07:30 - 2012-07-31 07:30 - 00024806 ____A C:\Users\Harry\Documents\Document2_94.htm
2012-07-31 07:28 - 2012-07-31 07:28 - 00024806 ____A C:\Users\Harry\Documents\Document1_27.htm
2012-07-30 16:00 - 2012-07-26 17:28 - 00076248 ____A C:\Users\Harry\Desktop\OTL.Txt
2012-07-30 15:50 - 2012-07-30 15:50 - 00000924 ____A C:\Users\Harry\Desktop\NTREGOPT.lnk
2012-07-30 15:50 - 2012-07-30 15:50 - 00000905 ____A C:\Users\Harry\Desktop\ERUNT.lnk
2012-07-30 15:47 - 2012-07-30 15:47 - 00000148 ____A C:\Users\Harry\Desktop\fix.bat
2012-07-30 15:46 - 2012-07-30 15:46 - 00791393 ____A (Lars Hederer ) C:\Users\Harry\Desktop\erunt_setup.exe
2012-07-29 14:07 - 2012-07-29 14:07 - 00000220 ____A C:\Users\Harry\Desktop\fix.txt
2012-07-26 17:29 - 2012-07-26 17:29 - 00072438 ____A C:\Users\Harry\Desktop\Extras.Txt
2012-07-26 17:21 - 2012-07-26 17:20 - 00597504 ____A (OldTimer Tools) C:\Users\Harry\Desktop\OTL.exe
2012-07-26 17:06 - 2012-07-26 17:06 - 00448512 ____A (OldTimer Tools) C:\Users\Harry\Desktop\TFC.exe
2012-07-26 08:53 - 2011-01-31 17:06 - 00141592 ____A C:\Users\Harry\AppData\Local\GDIPFONTCACHEV1.DAT
2012-07-23 13:57 - 2012-07-23 13:57 - 00016643 ____A C:\ComboFix.txt
2012-07-22 17:23 - 2012-07-22 17:23 - 00001625 ____A C:\Users\Harry\Desktop\aswMBR.txt
2012-07-22 17:23 - 2012-07-22 17:23 - 00000512 ____A C:\Users\Harry\Desktop\MBR.dat
2012-07-21 12:21 - 2012-07-21 12:21 - 00074958 ____A C:\Users\Harry\Downloads\Extras.Txt
2012-07-21 12:20 - 2012-07-21 12:20 - 00077112 ____A C:\Users\Harry\Downloads\OTL.Txt
2012-07-18 18:37 - 2012-05-15 15:42 - 00889372 ____A C:\Users\Harry\AppData\Local\census.cache
2012-07-18 18:37 - 2012-05-15 15:42 - 00107883 ____A C:\Users\Harry\AppData\Local\ars.cache
2012-07-18 11:04 - 2011-08-26 14:47 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-07-18 11:04 - 2011-08-26 14:47 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-07-17 19:26 - 2012-07-17 19:26 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-07-17 19:26 - 2012-07-17 19:26 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-07-17 19:13 - 2009-07-13 20:45 - 00569600 ____A C:\Windows\System32\FNTCACHE.DAT
2012-07-17 19:09 - 2009-07-13 18:34 - 00000513 ____A C:\Windows\win.ini
2012-07-17 19:07 - 2012-07-17 19:07 - 00000129 ____A C:\Windows\System32\MRT.INI
2012-07-17 19:05 - 2011-02-01 11:51 - 59701280 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-07-15 14:34 - 2012-07-15 14:34 - 00153251 ____A C:\Users\Harry\Downloads\search (9)
2012-07-09 15:17 - 2012-07-09 15:17 - 00040377 ____A C:\Users\Harry\Desktop\sfcdetails.txt
2012-07-08 15:59 - 2012-07-08 15:15 - 00009528 ____A C:\Users\Harry\Documents\Departed_Souls.xlsx
2012-07-05 18:06 - 2012-07-17 19:26 - 00772544 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-07-05 18:06 - 2012-07-17 19:26 - 00227760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-06-30 17:02 - 2012-04-13 04:39 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-30 17:02 - 2011-05-23 05:36 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-06-30 17:00 - 2012-06-08 16:09 - 00001586 ____A C:\Windows\PFRO.log
2012-06-22 10:04 - 2012-06-22 10:04 - 00001899 ____A C:\Users\Harry\Desktop\[email protected]
2012-06-22 10:04 - 2012-06-22 10:04 - 00001892 ____A C:\Users\Harry\Desktop\[email protected]
2012-06-22 10:03 - 2012-06-22 10:04 - 00720896 ____A (Indigo Rose Corporation) C:\Windows\iun6002.exe
2012-06-18 13:16 - 2012-06-18 13:16 - 00306180 ____A C:\Users\Harry\Desktop\LimitSwitch.tif
2012-06-17 18:17 - 2012-06-17 18:16 - 00049970 ____A C:\Users\Harry\Downloads\MC900122963.WMF
2012-06-17 18:16 - 2012-06-17 18:16 - 00043754 ____A C:\Users\Harry\Downloads\MC900122879.WMF
2012-06-17 18:15 - 2012-06-17 18:15 - 00064872 ____A C:\Users\Harry\Downloads\MC900122855.WMF
2012-06-17 18:15 - 2012-06-17 18:15 - 00031556 ____A C:\Users\Harry\Downloads\MC900123279.WMF
2012-06-17 18:15 - 2012-06-17 18:15 - 00031008 ____A C:\Users\Harry\Downloads\MC900331945.WMF
2012-06-17 18:15 - 2012-06-17 18:15 - 00014288 ____A C:\Users\Harry\Downloads\MC900123299.WMF
2012-06-17 18:14 - 2012-06-17 18:14 - 00013434 ____A C:\Users\Harry\Downloads\MC900437473.WMF
2012-06-17 18:14 - 2012-06-17 18:14 - 00010468 ____A C:\Users\Harry\Downloads\MC900437483.WMF
2012-06-17 18:14 - 2012-06-17 18:14 - 00009394 ____A C:\Users\Harry\Downloads\MC900437475.WMF
2012-06-17 18:13 - 2012-06-17 18:13 - 00007392 ____A C:\Users\Harry\Downloads\MC900437655.WMF
2012-06-17 18:13 - 2012-06-17 18:13 - 00005688 ____A C:\Users\Harry\Downloads\MC900437443.WMF
2012-06-17 18:12 - 2012-06-17 18:12 - 00009240 ____A C:\Users\Harry\Downloads\MC900384212 (1).WMF
2012-06-17 18:12 - 2012-06-17 18:12 - 00006272 ____A C:\Users\Harry\Downloads\MC900391216.WMF
2012-06-17 18:12 - 2012-06-17 18:12 - 00006268 ____A C:\Users\Harry\Downloads\MC900435075.WMF
2012-06-17 18:11 - 2012-06-17 18:11 - 00009240 ____A C:\Users\Harry\Downloads\MC900384212.WMF
2012-06-17 18:10 - 2012-06-17 18:10 - 00015030 ____A C:\Users\Harry\Downloads\MC900435576.WMF
2012-06-17 18:10 - 2012-06-17 18:10 - 00005384 ____A C:\Users\Harry\Downloads\MC900435574.WMF
2012-06-15 15:56 - 2012-06-15 15:55 - 00020010 ____A C:\Users\Harry\Desktop\HiJackFree.log
2012-06-15 15:48 - 2012-06-15 15:48 - 00000098 ____A C:\index.ini
2012-06-15 15:38 - 2012-06-15 15:38 - 00003024 ____A C:\Users\Harry\Desktop\a2scan_120615-174305.txt
2012-06-13 23:26 - 2011-11-28 12:13 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-736737125-3206749467-127025134-1001UA.job
2012-06-13 23:26 - 2011-11-28 12:13 - 00000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-736737125-3206749467-127025134-1001Core.job
2012-06-12 17:47 - 2012-06-12 17:47 - 00008710 ____A C:\Users\Harry\Documents\cc_20120612_214715.reg
2012-06-12 05:10 - 2011-11-28 12:14 - 00002396 ____A C:\Users\Harry\Desktop\Google Chrome.lnk
2012-06-11 19:08 - 2012-07-17 19:10 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-08 21:43 - 2012-07-17 16:45 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-08 20:41 - 2012-07-17 16:45 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-06-05 22:06 - 2012-07-17 16:45 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-06-05 22:06 - 2012-07-17 16:45 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-06-05 22:02 - 2012-07-17 16:44 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-06-05 21:05 - 2012-07-17 16:45 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-06-05 21:05 - 2012-07-17 16:45 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-06-05 21:03 - 2012-07-17 16:44 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-06-02 14:19 - 2012-06-23 08:09 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-23 08:09 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-23 08:09 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-23 08:09 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-23 08:09 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:15 - 2012-06-23 08:09 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:15 - 2012-06-23 08:09 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 11:19 - 2012-06-23 08:09 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 11:15 - 2012-06-23 08:09 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-02 07:32 - 2012-06-02 07:32 - 00000000 ____A C:\Windows\setuperr.log
2012-06-02 04:49 - 2012-07-17 19:03 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-02 04:17 - 2012-07-17 19:03 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-02 04:12 - 2012-07-17 19:03 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-02 04:05 - 2012-07-17 19:03 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-02 04:05 - 2012-07-17 19:03 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-02 04:04 - 2012-07-17 19:03 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-02 04:04 - 2012-07-17 19:03 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-02 04:03 - 2012-07-17 19:03 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-02 04:01 - 2012-07-17 19:03 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-02 04:00 - 2012-07-17 19:03 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-02 03:59 - 2012-07-17 19:03 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-02 03:57 - 2012-07-17 19:03 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-02 03:57 - 2012-07-17 19:03 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-02 03:54 - 2012-07-17 19:03 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-02 01:07 - 2012-07-17 19:03 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-02 00:43 - 2012-07-17 19:03 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-02 00:33 - 2012-07-17 19:03 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-02 00:26 - 2012-07-17 19:03 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-02 00:25 - 2012-07-17 19:03 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-02 00:25 - 2012-07-17 19:03 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-02 00:23 - 2012-07-17 19:03 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-02 00:21 - 2012-07-17 19:03 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-02 00:20 - 2012-07-17 19:03 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-02 00:19 - 2012-07-17 19:03 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-02 00:19 - 2012-07-17 19:03 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-02 00:17 - 2012-07-17 19:03 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-02 00:16 - 2012-07-17 19:03 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-02 00:14 - 2012-07-17 19:03 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-01 21:50 - 2012-07-17 16:45 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-06-01 21:48 - 2012-07-17 16:45 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-06-01 21:48 - 2012-07-17 16:45 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-06-01 21:45 - 2012-07-17 16:45 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-06-01 21:44 - 2012-07-17 16:45 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-06-01 20:40 - 2012-07-17 16:45 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-06-01 20:40 - 2012-07-17 16:45 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-06-01 20:39 - 2012-07-17 16:45 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-06-01 20:34 - 2012-07-17 16:45 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-06-01 18:09 - 2012-04-22 15:54 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-06-01 18:03 - 2012-06-01 18:03 - 00013116 ____A C:\Users\Harry\Documents\cc_20120601_220349.reg
2012-05-26 11:29 - 2012-05-26 11:29 - 00152787 ____A C:\Users\Harry\Downloads\search (8)
2012-05-15 15:34 - 2012-05-15 15:34 - 00000036 ____A C:\Users\Harry\AppData\Local\housecall.guid.cache
Possible partition infection:
C:\Windows\svchost.exe
========================= Known DLLs (Whitelisted) ============
========================= Bamital & volsnap Check ============
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
========================= Memory info ======================
Percentage of memory in use: 9%
Total physical RAM: 8190.49 MB
Available physical RAM: 7428.86 MB
Total Pagefile: 8188.64 MB
Available Pagefile: 7420.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB
======================= Partitions =========================
2 Drive c: () (Fixed) (Total:279.46 GB) (Free:126.53 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
3 Drive d: (New Volume) (Fixed) (Total:232.88 GB) (Free:40.76 GB) NTFS
4 Drive e: (GR0747_OM1) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS
7 Drive h: (PATRIOT) (Removable) (Total:3.72 GB) (Free:1.84 GB) FAT32
8 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 279 GB 1024 KB
Disk 1 Online 232 GB 0 B
Disk 2 No Media 0 B 0 B
Disk 3 Online 3820 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 279 GB 1024 KB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 279 GB Healthy
==================================================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 232 GB 1024 KB
==================================================================================
Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D New Volume NTFS Partition 232 GB Healthy
==================================================================================
Partitions of Disk 3:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3816 MB 4032 KB
==================================================================================
Disk: 3
Partition 1
Type : 0C
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H PATRIOT FAT32 Removable 3816 MB Healthy
==================================================================================
==========================================================
Last Boot: 2012-07-28 09:30
======================= End Of Log ==========================