Unable to boot. System blanks out after windows logo
<blockquote data-quote="kar.online" data-source="post: 124375" data-attributes="member: 5835"><p>Hi </p><p></p><p>Please find below the log.</p><p></p><p>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2013</p><p>Ran by SYSTEM on 10-06-2013 23:40:40</p><p>Running from H:\</p><p>Windows Vista (TM) Home Premium Service Pack 1 (X64) OS Language: English(US)</p><p>Internet Explorer Version 9</p><p>Boot Mode: Recovery</p><p></p><p>The current controlset is ControlSet003</p><p><strong>ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.</strong></p><p></p><p>==================== Registry (Whitelisted) ==================</p><p></p><p>HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1584184 2008-01-20] (Microsoft Corporation)</p><p>HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1573160 2008-08-13] (Synaptics, Inc.)</p><p>HKLM\...\Run: [RtHDVCpl] RAVCpl64.exe [x]</p><p>HKLM\...\Run: [Skytel] Skytel.exe [x]</p><p>HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [431968 2008-02-06] (TOSHIBA Corporation)</p><p>HKLM\...\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe [225792 2008-01-20] (Microsoft Corporation)</p><p>HKLM-x32\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe, [25088 2008-01-20] (Microsoft Corporation)</p><p>HKLM-x32\...\Run: [NDSTray.exe] NDSTray.exe [x]</p><p>HKLM-x32\...\Run: [cfFncEnabler.exe] cfFncEnabler.exe [x]</p><p>HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [31016 2006-10-27] (Microsoft Corporation)</p><p>HKLM-x32\...\Run: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe" [107112 2006-12-07] (Symantec Corporation)</p><p>HKLM-x32\...\Run: [vptray] C:\PROGRA~2\SYMANT~1\VPTray.exe [134808 2006-12-13] (Symantec Corporation)</p><p>HKLM-x32\...\Run: 
[APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-27] (Apple Inc.)</p><p>HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-24] (Apple Inc.)</p><p>HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\Games-Karthik\iTunesHelper.exe" [152392 2013-02-19] (Apple Inc.)</p><p>HKLM-x32\...\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3825176 2012-11-13] (Safer-Networking Ltd.)</p><p>HKU\Default\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-10] (Microsoft Corporation)</p><p>HKU\Default\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [432640 2008-05-19] (TOSHIBA)</p><p>HKU\Default User\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-10] (Microsoft Corporation)</p><p>HKU\Default User\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [432640 2008-05-19] (TOSHIBA)</p><p>HKU\Hikya\...\Run: [Google Update] "C:\Users\Hikya\AppData\Local\Google\Update\GoogleUpdate.exe" /c [133104 2008-11-15] (Google Inc.)</p><p>HKU\Hikya\...\Run: [FileHippo.com] "C:\Program Files (x86)\Games-Karthik\FileHippo.com\UpdateChecker.exe" /background [307712 2012-11-23] (FileHippo.com)</p><p>HKU\Hikya\...\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [19872 2011-04-14] ()</p><p>HKU\Hikya\...\Command Processor: "C:\Users\Hikya\AppData\Local\bppclnpvrM.exe" <===== ATTENTION!</p><p>SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)</p><p>BootExecute: autocheck autochk * sdnclean64.exe</p><p></p><p>==================== Services (Whitelisted) =================</p><p></p><p>S2 Basics Service; C:\Program Files (x86)\Seagate\Basics\Service\SyncServicesBasics.exe [124280 2007-10-09] (Seagate Technology LLC)</p><p>S2 ccEvtMgr; 
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [107624 2006-12-07] (Symantec Corporation)</p><p>S2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [107624 2006-12-07] (Symantec Corporation)</p><p>S2 Crypkey License; C:\Windows\SysWow64\crypserv.exe [69632 2006-02-28] (CrypKey (Canada) Ltd.)</p><p>S3 Cwbrxd; C:\Windows\CWBRXD.EXE [65585 2005-06-07] (IBM Corporation)</p><p>S2 DefWatch; C:\Program Files (x86)\Symantec AntiVirus\DefWatch.exe [30872 2006-12-13] (Symantec Corporation)</p><p>S2 gupdate1c9ae3ba4898830; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104 2009-03-26] (Google Inc.)</p><p>S3 LiveUpdate; C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE [2541248 2006-10-31] (Symantec Corporation)</p><p>S2 MySQL; C:\Program Files (x86)\MySQL\MySQL Server 5.5\my.ini [8919 2012-07-05] ()</p><p>S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)</p><p>S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)</p><p>S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)</p><p>S3 ServiceLayer; C:\Program Files (x86)\Common Files\PCSuite\Services\ServiceLayer.exe [174080 2006-06-05] (Nokia.)</p><p>S2 StarWindServiceAE; C:\Program Files (x86)\Games-Karthik\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)</p><p>S2 Symantec AntiVirus; C:\Program Files (x86)\Symantec AntiVirus\Rtvscan.exe [1962136 2006-12-13] (Symantec Corporation)</p><p>S2 TNaviSrv; C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [83312 2008-07-18] (TOSHIBA Corporation)</p><p>S3 msiserver; %systemroot%\system32\msiexec /V [x]</p><p>S2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [x]</p><p>S2 vvdsvc; 
C:\Windows\system32\nagasoft\vjocx.dll [x]</p><p></p><p>==================== Drivers (Whitelisted) ====================</p><p></p><p>S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-07-31] (Symantec Corporation)</p><p>S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-07-31] (Symantec Corporation)</p><p>S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-07-31] (Symantec Corporation)</p><p>S3 hitmanpro36; C:\Windows\system32\drivers\hitmanpro36.sys [30496 2012-12-06] ()</p><p>S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)</p><p>S3 NAVENG; C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20130607.005\ENG64.SYS [126040 2013-04-26] (Symantec Corporation)</p><p>S3 NAVENG; C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20130607.005\ENG64.SYS [126040 2013-04-26] (Symantec Corporation)</p><p>S3 NAVEX15; C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20130607.005\EX64.SYS [2098776 2013-04-26] (Symantec Corporation)</p><p>S3 NAVEX15; C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20130607.005\EX64.SYS [2098776 2013-04-26] (Symantec Corporation)</p><p>S1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()</p><p>S1 NetworkX; C:\Windows\SysWow64\ckldrv.sys [31846 2006-01-09] ()</p><p>S3 Nokia USB Generic; C:\Windows\System32\drivers\nmwcdcx64.sys [12288 2006-05-28] (Nokia)</p><p>S3 Nokia USB Modem; C:\Windows\System32\drivers\nmwcdcmx64.sys [17408 2006-05-28] (Nokia)</p><p>S3 Nokia USB Phone Parent; C:\Windows\System32\drivers\nmwcdx64.sys [162304 2006-05-28] (Nokia)</p><p>S3 Nokia USB Port; C:\Windows\System32\drivers\nmwcdcjx64.sys [17408 2006-05-28] (Nokia)</p><p>S0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2009-10-02] (Duplex Secure Ltd.)</p><p>S1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [394600 2006-11-22] (Symantec Corporation)</p><p>S1 SRTSP; 
C:\Windows\SysWow64\Drivers\SRTSP64.SYS [394600 2006-11-22] (Symantec Corporation)</p><p>S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [426392 2006-11-22] (Symantec Corporation)</p><p>S3 SRTSPL; C:\Windows\SysWow64\Drivers\SRTSPL64.SYS [426392 2006-11-22] (Symantec Corporation)</p><p>S1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [30104 2006-11-22] (Symantec Corporation)</p><p>S1 SRTSPX; C:\Windows\SysWow64\Drivers\SRTSPX64.SYS [30104 2006-11-22] (Symantec Corporation)</p><p>S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [156008 2009-09-21] (Symantec Corporation)</p><p>S3 u302bus; C:\Windows\System32\DRIVERS\u302bus.sys [154696 2010-07-29] (MCCI Corporation)</p><p>S3 u302mdfl; C:\Windows\System32\DRIVERS\u302mdfl.sys [19016 2010-07-29] (MCCI Corporation)</p><p>S3 u302mdm; C:\Windows\System32\DRIVERS\u302mdm.sys [175688 2010-07-29] (MCCI Corporation)</p><p>S3 u302mgmt; C:\Windows\System32\DRIVERS\u302mgmt.sys [157256 2010-07-29] (MCCI Corporation)</p><p>S3 ztemtusbser; C:\Windows\System32\DRIVERS\CT_ZTEMT_U_USBSER.sys [119040 2008-12-30] (ZTEMT Incorporated)</p><p>S3 IpInIp; system32\DRIVERS\ipinip.sys [x]</p><p>S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]</p><p>S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p></p><p>==================== One Month Created Files and Folders ========</p><p></p><p>2013-06-10 23:40 - 2013-06-10 23:40 - 00000000 ____D C:\FRST</p><p>2013-06-03 19:43 - 2013-06-10 16:10 - 00002852 ____A C:\Windows\error.log</p><p>2013-06-03 19:41 - 2013-06-10 16:09 - 00000644 ____A C:\Windows\errord.log</p><p>2013-05-16 21:03 - 2013-05-17 17:16 - 00000000 ____D C:\Users\Hikya\Desktop\Samikshaa 1st Bday</p><p>2013-05-14 22:14 - 2013-05-15 18:14 - 17613192 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe</p><p>2013-05-14 21:06 - 2013-04-04 17:08 - 02312704 ____A (Microsoft Corporation) 
C:\Windows\System32\jscript9.dll</p><p>2013-05-14 21:06 - 2013-04-04 17:01 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll</p><p>2013-05-14 21:06 - 2013-04-04 17:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll</p><p>2013-05-14 21:06 - 2013-04-04 16:59 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl</p><p>2013-05-14 21:06 - 2013-04-04 16:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll</p><p>2013-05-14 21:06 - 2013-04-04 16:57 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll</p><p>2013-05-14 21:06 - 2013-04-04 16:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe</p><p>2013-05-14 21:06 - 2013-04-04 16:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll</p><p>2013-05-14 21:06 - 2013-04-04 16:55 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll</p><p>2013-05-14 21:06 - 2013-04-04 16:54 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll</p><p>2013-05-14 21:06 - 2013-04-04 16:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll</p><p>2013-05-14 21:06 - 2013-04-04 16:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll</p><p>2013-05-14 21:06 - 2013-04-04 16:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll</p><p>2013-05-14 21:06 - 2013-04-04 14:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</p><p>2013-05-14 21:06 - 2013-04-04 14:02 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl</p><p>2013-05-14 21:06 - 2013-04-04 14:02 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</p><p>2013-05-14 21:06 - 2013-04-04 14:02 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll</p><p>2013-05-14 21:06 - 2013-04-04 14:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll</p><p>2013-05-14 
21:06 - 2013-04-04 13:59 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll</p><p>2013-05-14 21:06 - 2013-04-04 13:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll</p><p>2013-05-14 21:06 - 2013-04-04 13:58 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe</p><p>2013-05-14 21:06 - 2013-04-04 13:57 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll</p><p>2013-05-14 21:06 - 2013-04-04 13:56 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll</p><p>2013-05-14 21:06 - 2013-04-04 13:55 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll</p><p>2013-05-14 21:06 - 2013-04-04 13:54 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll</p><p>2013-05-14 21:06 - 2013-04-04 13:50 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll</p><p>2013-05-14 21:05 - 2013-04-04 17:19 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll</p><p>2013-05-14 21:05 - 2013-04-04 14:09 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</p><p>2013-05-14 20:45 - 2013-05-05 13:36 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll</p><p>2013-05-14 20:45 - 2013-05-05 13:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb</p><p>2013-05-14 20:45 - 2013-05-05 11:25 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</p><p>2013-05-14 20:45 - 2013-05-05 11:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb</p><p>2013-05-14 13:28 - 2013-04-15 06:17 - 00901496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys</p><p>2013-05-14 13:28 - 2013-04-12 19:34 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll</p><p>2013-05-14 13:28 - 2013-04-08 17:55 - 02774016 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys</p><p>2013-05-13 20:38 - 2013-05-13 20:38 - 00000112 ____A 
C:\Users\Hikya\Desktop\Songs to be loaded.txt</p><p></p><p>==================== One Month Modified Files and Folders =======</p><p></p><p>2013-06-10 23:40 - 2013-06-10 23:40 - 00000000 ____D C:\FRST</p><p>2013-06-10 16:10 - 2013-06-03 19:43 - 00002852 ____A C:\Windows\error.log</p><p>2013-06-10 16:09 - 2013-06-03 19:41 - 00000644 ____A C:\Windows\errord.log</p><p>2013-06-08 22:16 - 2013-03-10 07:18 - 00000632 ____A C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job</p><p>2013-06-08 22:15 - 2009-08-07 05:17 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job</p><p>2013-06-08 22:15 - 2006-11-02 07:42 - 00000006 ___AH C:\Windows\Tasks\SA.DAT</p><p>2013-06-08 22:15 - 2006-11-02 07:22 - 00003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0</p><p>2013-06-08 22:15 - 2006-11-02 07:22 - 00003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0</p><p>2013-06-08 15:11 - 2013-02-10 15:31 - 01536432 ____A C:\Windows\WindowsUpdate.log</p><p>2013-06-08 15:11 - 2006-11-02 07:42 - 00032608 ____A C:\Windows\Tasks\SCHEDLGU.TXT</p><p>2013-06-08 15:00 - 2009-08-29 06:38 - 00000466 ____A C:\Windows\Tasks\ParetoLogic Registration.job</p><p>2013-06-08 14:20 - 2009-08-16 18:47 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-78491554-1894749589-2703256951-1000UA.job</p><p>2013-06-08 14:19 - 2009-08-07 05:17 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job</p><p>2013-06-08 14:14 - 2013-03-15 19:53 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job</p><p>2013-06-07 20:27 - 2009-08-16 18:47 - 00000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-78491554-1894749589-2703256951-1000Core.job</p><p>2013-06-07 12:21 - 2010-02-17 05:25 - 00000000 ____D C:\Users\Hikya\Application Data\Mozilla</p><p>2013-06-07 12:21 - 2010-02-17 05:25 - 00000000 ____D C:\Users\Hikya\AppData\Roaming\Mozilla</p><p>2013-06-04 
21:46 - 2013-03-10 07:18 - 00000628 ____A C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job</p><p>2013-06-01 18:40 - 2008-11-29 10:36 - 00000000 ____D C:\Users\Hikya\Application Data\Skype</p><p>2013-06-01 18:40 - 2008-11-29 10:36 - 00000000 ____D C:\Users\Hikya\AppData\Roaming\Skype</p><p>2013-05-31 18:33 - 2006-11-02 04:46 - 00703516 ____A C:\Windows\System32\PerfStringBackup.INI</p><p>2013-05-31 18:11 - 2009-08-21 03:53 - 00001187 ____A C:\Users\Hikya\Desktop\Notepad.txt</p><p>2013-05-31 18:08 - 2009-06-12 19:40 - 00000000 ____D C:\Users\Hikya\Application Data\vlc</p><p>2013-05-31 18:08 - 2009-06-12 19:40 - 00000000 ____D C:\Users\Hikya\AppData\Roaming\vlc</p><p>2013-05-28 19:37 - 2013-01-29 12:50 - 00000000 ___RD C:\Program Files (x86)\Skype</p><p>2013-05-26 07:16 - 2013-02-24 12:45 - 00021372 ____A C:\Users\Hikya\Desktop\Dallas.xlsx</p><p>2013-05-17 17:16 - 2013-05-16 21:03 - 00000000 ____D C:\Users\Hikya\Desktop\Samikshaa 1st Bday</p><p>2013-05-15 18:14 - 2013-05-14 22:14 - 17613192 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe</p><p>2013-05-15 18:14 - 2012-10-14 05:53 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe</p><p>2013-05-15 18:14 - 2012-10-14 05:53 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl</p><p>2013-05-14 21:18 - 2006-11-02 07:21 - 00413016 ____A C:\Windows\System32\FNTCACHE.DAT</p><p>2013-05-14 20:56 - 2006-11-02 04:35 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe</p><p>2013-05-13 20:38 - 2013-05-13 20:38 - 00000112 ____A C:\Users\Hikya\Desktop\Songs to be loaded.txt</p><p></p><p>Files to move or delete:</p><p>====================</p><p>C:\ProgramData\0tbpw.pad</p><p></p><p>==================== Known DLLs (Whitelisted) ================</p><p></p><p></p><p>==================== Bamital & volsnap Check =================</p><p></p><p>C:\Windows\System32\winlogon.exe => MD5 is 
legit</p><p>C:\Windows\System32\wininit.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\wininit.exe => MD5 is legit</p><p>C:\Windows\explorer.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\explorer.exe => MD5 is legit</p><p>C:\Windows\System32\svchost.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\svchost.exe => MD5 is legit</p><p>C:\Windows\System32\services.exe => MD5 is legit</p><p>C:\Windows\System32\User32.dll => MD5 is legit</p><p>C:\Windows\SysWOW64\User32.dll => MD5 is legit</p><p>C:\Windows\System32\userinit.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\userinit.exe => MD5 is legit</p><p>C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit</p><p></p><p>==================== EXE ASSOCIATION =====================</p><p></p><p>HKLM\...\.exe: exefile => OK</p><p>HKLM\...\exefile\DefaultIcon: %1 => OK</p><p>HKLM\...\exefile\open\command: "%1" %* => OK</p><p></p><p>==================== Restore Points =========================</p><p></p><p></p><p>==================== Memory info =========================== </p><p></p><p>Percentage of memory in use: 14%</p><p>Total physical RAM: 3963.07 MB</p><p>Available physical RAM: 3393.6 MB</p><p>Total Pagefile: 3714.57 MB</p><p>Available Pagefile: 3357.04 MB</p><p>Total Virtual: 8192 MB</p><p>Available Virtual: 8191.89 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: (S3A6747D002) (Fixed) (Total:281.54 GB) (Free:19.32 GB) NTFS (Disk=0 Partition=2) ==>[Drive with boot components (obtained from BCD)]</p><p>Drive d: () (Fixed) (Total:7.59 GB) (Free:6.4 GB) NTFS (Disk=0 Partition=3)</p><p>Drive f: (TOSHIBA SYSTEM VOLUME) (Fixed) (Total:1.46 GB) (Free:1.11 GB) NTFS (Disk=0 Partition=1)</p><p>Drive h: () (Removable) (Total:30.46 GB) (Free:30.25 GB) FAT32 (Disk=2 Partition=1)</p><p>Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS</p><p></p><p>==================== MBR & Partition Table 
==================</p><p></p><p>========================================================</p><p>Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 2EDFC607)</p><p>Partition 1: (Not Active) - (Size=1 GB) - (Type=27)</p><p>Partition 2: (Active) - (Size=282 GB) - (Type=07 NTFS)</p><p>Partition 3: (Not Active) - (Size=8 GB) - (Type=07 NTFS)</p><p>Partition 4: (Not Active) - (Size=7 GB) - (Type=17)</p><p></p><p>========================================================</p><p>Disk: 2 (Size: 30 GB) (Disk ID: 02D5AEE3)</p><p>Partition 1: (Active) - (Size=30 GB) - (Type=0C)</p><p></p><p></p><p>LastRegBack: 2013-06-10 16:15</p><p></p><p>==================== End Of Log==========================</p><p></p><p>Thanks</p><p>KarthikG</p></blockquote><p></p>
2009-08-21 03:53 - 00001187 ____A C:\Users\Hikya\Desktop\Notepad.txt 2013-05-31 18:08 - 2009-06-12 19:40 - 00000000 ____D C:\Users\Hikya\Application Data\vlc 2013-05-31 18:08 - 2009-06-12 19:40 - 00000000 ____D C:\Users\Hikya\AppData\Roaming\vlc 2013-05-28 19:37 - 2013-01-29 12:50 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-05-26 07:16 - 2013-02-24 12:45 - 00021372 ____A C:\Users\Hikya\Desktop\Dallas.xlsx 2013-05-17 17:16 - 2013-05-16 21:03 - 00000000 ____D C:\Users\Hikya\Desktop\Samikshaa 1st Bday 2013-05-15 18:14 - 2013-05-14 22:14 - 17613192 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2013-05-15 18:14 - 2012-10-14 05:53 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-05-15 18:14 - 2012-10-14 05:53 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-05-14 21:18 - 2006-11-02 07:21 - 00413016 ____A C:\Windows\System32\FNTCACHE.DAT 2013-05-14 20:56 - 2006-11-02 04:35 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe 2013-05-13 20:38 - 2013-05-13 20:38 - 00000112 ____A C:\Users\Hikya\Desktop\Songs to be loaded.txt Files to move or delete: ==================== C:\ProgramData\0tbpw.pad ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit 
==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 14% Total physical RAM: 3963.07 MB Available physical RAM: 3393.6 MB Total Pagefile: 3714.57 MB Available Pagefile: 3357.04 MB Total Virtual: 8192 MB Available Virtual: 8191.89 MB ==================== Drives ================================ Drive c: (S3A6747D002) (Fixed) (Total:281.54 GB) (Free:19.32 GB) NTFS (Disk=0 Partition=2) ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:7.59 GB) (Free:6.4 GB) NTFS (Disk=0 Partition=3) Drive f: (TOSHIBA SYSTEM VOLUME) (Fixed) (Total:1.46 GB) (Free:1.11 GB) NTFS (Disk=0 Partition=1) Drive h: () (Removable) (Total:30.46 GB) (Free:30.25 GB) FAT32 (Disk=2 Partition=1) Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 2EDFC607) Partition 1: (Not Active) - (Size=1 GB) - (Type=27) Partition 2: (Active) - (Size=282 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=8 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=7 GB) - (Type=17) ======================================================== Disk: 2 (Size: 30 GB) (Disk ID: 02D5AEE3) Partition 1: (Active) - (Size=30 GB) - (Type=0C) LastRegBack: 2013-06-10 16:15 ==================== End Of Log========================== Thanks KarthikG [/QUOTE]