
Thread: Win32.Load Money and Yandex removal advice please

  1. #1
    Member, Join Date: Feb 2013, Posts: 48

    It is with great relief - I suspect and hope - that I have found the Malware Removal community and forums hosted by Spybot. This is my first post and although I have read up on the general before you post 'To do's and don'ts' it may yet happen that I make a mistake for which I ask your patient indulgence - I will try to do my best to learn and evolve.

    So my problems are 2:

    The first is the high level threat of the title, Win32.Load Money, which Spybot identifies but can only temporarily remove.

    The second is the hijacking browser Yandex which was, I believe, behind a crashing of my computer about a week ago. Spybot however did not identify Yandex, probably because I created a 'whitelist' after receiving my computer back from one of our town's computer service technicians with the expectation that Yandex had been removed, though, as I subsequently discovered, he had not, or not thoroughly enough.

    As per your general instructions in 'Before you post ' I attach the DDS and aswMBR logs.

    I await your response with new confidence that I have finally found the IT equivalent of an ie., a resource for my computer ailments that will not only suggest the right fix but really help me learn more about this brave new world of IT.

    Yours faithfully, Wendy

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 11.0.9600.16521
    Run by gokarna at 23:48:48 on 2014-03-29
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3062.1911 [GMT 2:00]
    .
    AV: Spybot - Search and Destroy *Enabled/Updated* {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Bluetooth Suite\adminservice.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Windows\PLFSetI.exe
    C:\Program Files\Bluetooth Suite\BtvStack.exe
    C:\Program Files\Bluetooth Suite\AthBtTray.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
    C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    .
    ============== Pseudo HJT Report ===============
    .
    uDefault_Page_URL = about:blank
    mSearch Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1394956558&from=cor&uid=ST9500325AS_5VEJD9L0XXXX5VEJD9L0&q={searchTerms}
    mDefault_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1394956558&from=cor&uid=ST9500325AS_5VEJD9L0XXXX5VEJD9L0&q={searchTerms}
    BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.8.141\McAfeeMSS_IE.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: {8984B388-A5BB-4DF7-B274-77B879E179DB} - <orphaned>
    BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll
    BHO: {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} - <orphaned>
    uRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
    mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
    mRun: [LGODDFU] "c:\program files\lg_fwupdate\fwupdate.exe" blrun
    mRun: [PLFSetI] c:\windows\PLFSetI.exe
    mRun: [AtherosBtStack] "c:\program files\bluetooth suite\btvstack.exe"
    mRun: [AthBtTray] "c:\program files\bluetooth suite\athbttray.exe"
    mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    dRunOnce: [SPReview] "c:\windows\system32\spreview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
    StartupFolder: c:\users\gokarna\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.8.141\SSScheduler.exe
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_03\bin\npjpi150_03.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{733E2F48-96DF-4D1F-8B3A-CF5DC96FDA40} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{733E2F48-96DF-4D1F-8B3A-CF5DC96FDA40}\14A5A554 : DHCPNameServer = 195.175.39.40 195.175.39.39 192.168.2.10
    TCP: Interfaces\{733E2F48-96DF-4D1F-8B3A-CF5DC96FDA40}\742716E646028416C696360284F64756C6 : DHCPNameServer = 10.11.128.1
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\gokarna\appdata\roaming\mozilla\firefox\profiles\hullhm7j.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\divx\divx browser plug-in\npdivx32.dll
    FF - plugin: c:\program files\mcafee security scan\3.8.141\npMcAfeeMSS.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_77.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys [2014-3-21 541680]
    R0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys [2014-3-21 26608]
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys [2014-3-21 16880]
    R1 SDHookDriver;Hook Test Driver;c:\program files\spybot - search & destroy 2\SDHookDrv32.sys [2014-3-15 46248]
    R2 AtherosSvc;AtherosSvc;c:\program files\bluetooth suite\AdminService.exe [2012-5-30 97920]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2014-3-15 3921880]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2014-3-15 1042272]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2014-3-15 171416]
    R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files\bluetooth suite\Ath_CoexAgent.exe [2012-5-30 327296]
    R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\drivers\btath_flt.sys [2012-5-30 35968]
    R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2014-3-21 302920]
    R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2014-3-21 101192]
    R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2014-3-21 27976]
    R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2014-3-21 158688]
    R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\drivers\btath_lwflt.sys [2014-3-21 66448]
    R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2014-3-21 119624]
    R3 BtFilter;BtFilter;c:\windows\system32\drivers\btfilter.sys [2014-3-21 496456]
    R3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\drivers\TeeDriver.sys [2014-3-21 85976]
    R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\drivers\RtsPStor.sys [2014-3-21 258704]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2014-3-21 643656]
    R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-8-3 9344]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 Update Mega Browse;Update Mega Browse;"c:\program files\mega browse\updatemegabrowse.exe" --> c:\program files\mega browse\updateMegaBrowse.exe [?]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-3-22 108032]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.8.141\McCHSvc.exe [2014-1-16 235696]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2014-3-13 15872]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2014-3-19 52224]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2014-3-15 1343400]
    S3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\drivers\ZTEusbvoice.sys [2014-3-4 107776]
    .
    =============== Created Last 30 ================
    .
    2014-03-29 14:13:08 -------- d-----w- c:\users\gokarna\appdata\roaming\uTorrent
    2014-03-28 20:04:42 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{f0354568-d455-4741-96a9-201fa625da5f}\offreg.dll
    2014-03-27 06:56:05 -------- d-sh--w- C:\$RECYCLE.BIN
    2014-03-26 15:45:44 7969936 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{f0354568-d455-4741-96a9-201fa625da5f}\mpengine.dll
    2014-03-23 01:00:36 454656 ----a-w- c:\windows\system32\vbscript.dll
    2014-03-21 14:47:36 16880 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
    2014-03-21 14:46:47 3109888 ----a-w- c:\windows\system32\drivers\athr.sys
    2014-03-21 14:45:37 634144 ----a-w- c:\windows\system32\nvvsvc.exe
    2014-03-21 14:45:37 62752 ----a-w- c:\windows\system32\nvshext.dll
    2014-03-21 14:45:37 4119328 ----a-w- c:\windows\system32\nvcpl.dll
    2014-03-21 14:45:37 3014432 ----a-w- c:\windows\system32\nvsvc.dll
    2014-03-21 14:45:37 2555168 ----a-w- c:\windows\system32\nvsvcr.dll
    2014-03-21 14:45:37 223008 ----a-w- c:\windows\system32\nvmctray.dll
    2014-03-21 14:45:11 53024 ----a-w- c:\windows\system32\OpenCL.dll
    2014-03-21 14:44:33 -------- d-----w- c:\programdata\NVIDIA Corporation
    2014-03-21 14:44:28 -------- d-----w- c:\program files\NVIDIA Corporation
    2014-03-21 14:44:03 8952608 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
    2014-03-21 14:43:59 13088000 ----a-w- c:\windows\system32\nvwgf2um.dll
    2014-03-21 14:43:58 6271872 ----a-w- c:\windows\system32\nvopencl.dll
    2014-03-21 14:43:54 20542752 ----a-w- c:\windows\system32\nvoglv32.dll
    2014-03-21 14:43:49 2728736 ----a-w- c:\windows\system32\nvcuvid.dll
    2014-03-21 14:43:49 15042928 ----a-w- c:\windows\system32\nvd3dum.dll
    2014-03-21 14:43:46 1995552 ----a-w- c:\windows\system32\nvcuvenc.dll
    2014-03-21 14:43:45 7959000 ----a-w- c:\windows\system32\nvcuda.dll
    2014-03-21 14:43:42 17560352 ----a-w- c:\windows\system32\nvcompiler.dll
    2014-03-21 14:43:39 2539128 ----a-w- c:\windows\system32\nvapi.dll
    2014-03-21 14:43:25 892704 ----a-w- c:\windows\system32\nvdispgenco3231422.dll
    2014-03-21 14:43:25 1012512 ----a-w- c:\windows\system32\nvdispco3231422.dll
    2014-03-21 14:42:40 -------- d-----w- c:\program files\CONEXANT
    2014-03-21 14:42:28 1293440 ----a-w- c:\windows\system32\drivers\CHDRT32.sys
    2014-03-21 14:42:26 352256 ----a-w- c:\windows\system32\UCI32A80.dll
    2014-03-21 14:42:24 90752 ----a-w- c:\windows\system32\FMPropPageExt.dll
    2014-03-21 14:42:20 1475200 ----a-w- c:\windows\system32\CX32AP51.dll
    2014-03-21 14:40:10 892704 ----a-w- c:\windows\system32\nvhdagenco3220103.dll
    2014-03-21 14:40:10 28448 ----a-w- c:\windows\system32\nvhdap32.dll
    2014-03-21 14:40:10 154400 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
    2014-03-21 14:39:47 541680 ----a-w- c:\windows\system32\drivers\iaStorA.sys
    2014-03-21 14:39:47 26608 ----a-w- c:\windows\system32\drivers\iaStorF.sys
    2014-03-21 14:39:06 643656 ----a-w- c:\windows\system32\drivers\Rt86win7.sys
    2014-03-21 14:39:03 85064 ----a-w- c:\windows\system32\RtNicProp32.dll
    2014-03-21 14:36:38 85976 ----a-w- c:\windows\system32\drivers\TeeDriver.sys
    2014-03-21 14:36:38 1629040 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
    2014-03-21 14:36:12 258704 ----a-w- c:\windows\system32\drivers\RtsPStor.sys
    2014-03-21 14:36:10 9888400 ----a-w- c:\windows\system32\RtsPStorIcon.dll
    2014-03-21 14:34:04 158688 ----a-w- c:\windows\system32\drivers\btath_hcrp.sys
    2014-03-21 14:32:48 27976 ----a-w- c:\windows\system32\drivers\btath_bus.sys
    2014-03-21 14:31:24 496456 ----a-w- c:\windows\system32\drivers\btfilter.sys
    2014-03-21 14:27:24 66448 ----a-w- c:\windows\system32\drivers\btath_lwflt.sys
    2014-03-21 14:27:16 302920 ----a-w- c:\windows\system32\drivers\btath_a2dp.sys
    2014-03-21 14:27:16 119624 ----a-w- c:\windows\system32\drivers\btath_rcp.sys
    2014-03-21 14:27:16 101192 ----a-w- c:\windows\system32\drivers\btath_avdt.sys
    2014-03-21 09:51:51 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
    2014-03-21 09:51:51 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
    2014-03-21 09:51:51 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
    2014-03-21 09:51:51 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
    2014-03-21 09:51:51 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
    2014-03-21 07:48:21 417792 ----a-w- c:\windows\system32\WMPhoto.dll
    2014-03-21 07:48:17 317440 ----a-w- c:\windows\system32\spoolsv.exe
    2014-03-21 07:48:13 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
    2014-03-21 07:48:09 2616320 ----a-w- c:\windows\explorer.exe
    2014-03-21 07:48:08 3419136 ----a-w- c:\windows\system32\d2d1.dll
    2014-03-21 07:48:08 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
    2014-03-21 01:21:06 -------- d-----w- c:\windows\Migration
    2014-03-21 01:10:58 12625408 ----a-w- c:\windows\system32\wmploc.DLL
    2014-03-21 01:10:57 164864 ----a-w- c:\program files\windows media player\wmplayer.exe
    2014-03-21 01:02:14 1505280 ----a-w- c:\windows\system32\d3d11.dll
    2014-03-20 08:31:56 369848 ----a-w- c:\windows\system32\drivers\cng.sys
    2014-03-20 08:30:58 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
    2014-03-20 08:25:20 918528 ----a-w- c:\windows\system32\rdpcorets.dll
    2014-03-20 08:25:20 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
    2014-03-20 08:25:04 101720 ----a-w- c:\windows\system32\consent.exe
    2014-03-20 08:25:03 47104 ----a-w- c:\windows\system32\appinfo.dll
    2014-03-20 01:02:57 -------- d-----w- c:\windows\system32\SPReview
    2014-03-20 01:02:32 -------- d-----w- c:\windows\system32\EventProviders
    2014-03-20 01:00:39 -------- d-----w- c:\windows\system32\MRT
    2014-03-19 14:16:08 1130824 ----a-w- c:\windows\system32\dfshim.dll
    2014-03-19 14:16:05 53760 ----a-w- c:\windows\system32\LSCSHostPolicy.dll
    2014-03-19 14:16:05 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
    2014-03-19 14:16:05 11776 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2014-03-19 14:16:02 954752 ----a-w- c:\windows\system32\mfc40.dll
    2014-03-19 14:16:02 954288 ----a-w- c:\windows\system32\mfc40u.dll
    2014-03-19 14:16:02 80896 ----a-w- c:\windows\system32\RDVGHelper.exe
    2014-03-19 14:16:02 120320 ----a-w- c:\windows\system32\tssrvlic.dll
    2014-03-19 14:16:01 1159168 ----a-w- c:\windows\system32\sysmain.dll
    2014-03-19 14:14:59 9728 ----a-w- c:\windows\system32\sscore.dll
    2014-03-19 13:17:54 -------- d-----w- c:\program files\McAfee Security Scan
    2014-03-16 08:04:39 -------- d-----w- c:\windows\system32\appmgmt
    2014-03-16 07:58:25 -------- d-----w- c:\users\gokarna\appdata\roaming\AnySend
    2014-03-16 07:58:12 -------- d-----w- c:\programdata\AnySend
    2014-03-16 07:56:10 -------- d-----w- c:\users\gokarna\appdata\roaming\sweet-page
    2014-03-16 07:55:39 -------- d-----w- c:\users\gokarna\appdata\roaming\systweak
    2014-03-16 07:48:41 128000 ----a-w- c:\program files\uninstall information\97\4258\uninstall.exe
    2014-03-16 07:35:56 -------- d-----w- c:\programdata\Guard.Mail.Ru
    2014-03-16 07:34:48 -------- d-----w- c:\users\gokarna\appdata\local\Yandex
    2014-03-16 07:34:45 -------- d-----w- c:\users\gokarna\appdata\roaming\Opera Software
    2014-03-16 07:34:45 -------- d-----w- c:\users\gokarna\appdata\local\Opera
    2014-03-16 07:34:41 -------- d-----w- c:\users\gokarna\appdata\local\Chromium
    2014-03-16 07:34:38 -------- d-----w- c:\users\gokarna\appdata\roaming\Yandex
    2014-03-16 07:33:53 -------- d-----w- c:\users\gokarna\appdata\roaming\PerformerSoft
    2014-03-16 07:33:51 -------- d-----w- c:\users\gokarna\appdata\roaming\freegames111
    2014-03-16 07:31:22 -------- d-----w- c:\users\gokarna\appdata\roaming\DRPSu
    2014-03-16 07:30:39 -------- d-----w- c:\program files\Mail.Ru
    2014-03-16 07:30:20 101448 ----a-w- c:\windows\system32\RTNUninst32.dll
    2014-03-16 07:17:08 -------- d-----w- c:\windows\system32\wbem\framework\root\OpenHardwareMonitor
    2014-03-16 07:17:08 -------- d-----w- c:\windows\system32\wbem\framework\root
    2014-03-16 07:17:08 -------- d-----w- c:\windows\system32\wbem\Framework
    2014-03-16 07:15:06 -------- d-----w- c:\users\gokarna\appdata\roaming\OpenCandy
    2014-03-16 00:48:28 1699328 ----a-w- c:\windows\system32\esent.dll
    2014-03-16 00:48:28 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys
    2014-03-16 00:48:27 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys
    2014-03-16 00:48:27 74240 ----a-w- c:\windows\system32\fsutil.exe
    2014-03-16 00:48:27 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys
    2014-03-16 00:48:27 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys
    2014-03-16 00:48:27 148864 ----a-w- c:\windows\system32\drivers\storport.sys
    2014-03-16 00:48:27 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys
    2014-03-16 00:48:23 60416 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
    2014-03-16 00:48:23 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
    2014-03-16 00:48:23 219648 ----a-w- c:\windows\system32\fsquirt.exe
    2014-03-15 21:36:30 -------- d-----w- c:\users\gokarna\appdata\local\Macromedia
    2014-03-15 21:29:26 -------- d-----w- c:\programdata\McAfee Security Scan
    2014-03-15 21:28:58 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2014-03-15 21:28:58 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2014-03-15 21:24:26 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2014-03-15 12:38:01 -------- d-sh--w- c:\windows\system32\%APPDATA%
    2014-03-15 12:23:05 -------- d-----w- c:\users\gokarna\appdata\local\Apple Computer
    2014-03-15 12:22:51 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2014-03-15 12:22:04 -------- d-----w- c:\program files\iPod
    2014-03-15 12:22:03 -------- d-----w- c:\program files\iTunes
    2014-03-15 12:02:59 -------- d-----w- c:\users\gokarna\appdata\local\Apple
    2014-03-15 12:02:25 -------- d-----w- c:\program files\Bonjour
    2014-03-15 11:08:15 18968 ----a-w- c:\windows\system32\sdnclean.exe
    2014-03-15 11:08:14 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2014-03-15 11:06:43 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
    2014-03-15 11:06:16 -------- d-----w- c:\users\gokarna\appdata\local\Programs
    2014-03-15 08:17:53 -------- d-----w- c:\users\gokarna\appdata\local\ElevatedDiagnostics
    2014-03-15 07:43:38 -------- d-----w- c:\users\gokarna\appdata\local\Diagnostics
    2014-03-15 07:30:05 -------- d-----w- c:\windows\system32\Wat
    2014-03-15 05:35:41 9728 ----a-w- c:\windows\system32\Wdfres.dll
    2014-03-15 05:35:41 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
    2014-03-15 05:35:01 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
    2014-03-15 05:35:01 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
    2014-03-15 05:35:00 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
    2014-03-15 05:35:00 613888 ----a-w- c:\windows\system32\WUDFx.dll
    2014-03-15 05:35:00 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
    2014-03-15 05:35:00 196608 ----a-w- c:\windows\system32\WUDFHost.exe
    2014-03-15 05:35:00 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
    2014-03-15 05:33:56 5120 ----a-w- c:\windows\system32\wmi.dll
    2014-03-15 05:33:56 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
    2014-03-13 07:05:11 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
    2014-03-13 07:05:08 626688 ----a-w- c:\windows\system32\usp10.dll
    2014-03-13 07:05:07 311808 ----a-w- c:\windows\system32\drivers\srv.sys
    2014-03-13 07:05:07 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
    2014-03-13 07:05:07 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2014-03-13 07:05:03 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
    2014-03-13 07:04:43 376832 ----a-w- c:\windows\system32\dpnet.dll
    2014-03-13 07:04:43 31232 ----a-w- c:\windows\system32\prevhost.exe
    2014-03-13 07:04:43 2560 ----a-w- c:\windows\system32\dpnaddr.dll
    2014-03-13 07:04:09 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
    2014-03-13 07:04:07 708608 ----a-w- c:\program files\common files\system\wab32.dll
    2014-03-13 07:04:07 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
    2014-03-13 07:04:07 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
    2014-03-13 07:04:05 69632 ----a-w- c:\windows\system32\smss.exe
    2014-03-13 07:04:05 38912 ----a-w- c:\windows\system32\csrsrv.dll
    2014-03-13 07:03:10 478720 ----a-w- c:\windows\system32\timedate.cpl
    2014-03-13 07:03:09 75776 ----a-w- c:\windows\system32\psisrndr.ax
    2014-03-13 07:03:09 72704 ----a-w- c:\windows\system32\Mpeg2Data.ax
    2014-03-13 07:03:09 59904 ----a-w- c:\windows\system32\MSDvbNP.ax
    2014-03-13 07:03:09 465408 ----a-w- c:\windows\system32\psisdecd.dll
    2014-03-13 07:03:09 204288 ----a-w- c:\windows\system32\MSNP.ax
    2014-03-13 07:03:08 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2014-03-13 07:03:08 15872 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
    2014-03-13 07:03:08 134656 ----a-w- c:\windows\system32\rdpudd.dll
    2014-03-13 07:03:01 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
    2014-03-13 07:03:01 145920 ----a-w- c:\windows\system32\cfgmgr32.dll
    2014-03-13 07:02:40 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
    2014-03-13 07:02:40 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2014-03-13 07:02:40 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2014-03-13 07:02:39 571904 ----a-w- c:\windows\system32\oleaut32.dll
    2014-03-13 07:02:39 233472 ----a-w- c:\windows\system32\oleacc.dll
    2014-03-13 07:02:28 1785344 ----a-w- c:\program files\windows journal\Journal.exe
    2014-03-13 07:02:25 36864 ----a-w- c:\windows\system32\tsgqec.dll
    2014-03-13 07:02:25 3217408 ----a-w- c:\windows\system32\mstscax.dll
    2014-03-13 07:02:25 131584 ----a-w- c:\windows\system32\aaclient.dll
    2014-03-13 07:02:11 1389568 ----a-w- c:\windows\system32\msxml6.dll
    2014-03-13 07:02:10 741376 ----a-w- c:\windows\system32\inetcomm.dll
    2014-03-13 07:01:12 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
    2014-03-13 07:01:10 67072 ----a-w- c:\windows\system32\packager.dll
    2014-03-13 06:59:42 642048 ----a-w- c:\windows\system32\CPFilters.dll
    2014-03-13 06:58:52 314880 ----a-w- c:\windows\system32\webio.dll
    2014-03-13 06:57:55 1137664 ----a-w- c:\windows\system32\mfc42.dll
    2014-03-13 06:57:54 1164288 ----a-w- c:\windows\system32\mfc42u.dll
    2014-03-13 06:57:50 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
    2014-03-13 06:57:43 123904 ----a-w- c:\windows\system32\poqexec.exe
    2014-03-13 06:57:42 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
    2014-03-13 06:56:15 107520 ----a-w- c:\windows\system32\cdd.dll
    2014-03-13 06:19:56 7969936 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
    2014-03-13 06:15:08 826880 ----a-w- c:\windows\system32\rdpcore.dll
    2014-03-13 06:15:08 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
    2014-03-13 06:15:08 18432 ----a-w- c:\windows\system32\drivers\tdpipe.sys
    2014-03-10 08:50:31 2422272 ----a-w- c:\windows\system32\wucltux.dll
    2014-03-10 08:50:25 88576 ----a-w- c:\windows\system32\wudriver.dll
    2014-03-10 08:50:20 33792 ----a-w- c:\windows\system32\wuapp.exe
    2014-03-10 08:50:20 171904 ----a-w- c:\windows\system32\wuwebv.dll
    2014-03-09 18:54:15 -------- d-----w- c:\users\gokarna\appdata\local\CrashDumps
    2014-03-08 08:09:52 -------- d-----w- c:\users\gokarna\appdata\local\Microsoft Games
    2014-03-07 18:50:13 231584 ------w- c:\windows\system32\MpSigStub.exe
    2014-03-07 14:08:09 -------- d-----w- c:\program files\Mozilla Maintenance Service
    2014-03-04 20:42:41 -------- d-----w- c:\windows\Panther
    2014-03-04 11:40:25 -------- d-----r- c:\program files\Skype
    2014-03-04 11:28:40 -------- d-----w- c:\users\gokarna\appdata\local\BMExplorer
    2014-03-04 11:28:35 -------- d-----w- c:\programdata\Atheros
    2014-03-04 11:25:16 -------- d-----w- c:\users\gokarna\appdata\roaming\Atheros
    2014-03-04 11:24:55 -------- d-----w- c:\program files\common files\Atheros
    2014-03-04 11:24:49 -------- d-----w- c:\program files\Bluetooth Suite
    2014-03-04 11:20:57 2231808 ----a-w- c:\windows\system32\athr.sys
    2014-03-04 11:20:56 -------- d-----w- c:\program files\Qualcomm Atheros WiFi Driver Installation
    2014-03-04 11:20:29 -------- d-----w- c:\programdata\Qualcomm Atheros
    2014-03-04 11:15:05 6416928 ----a-w- c:\windows\system\DriveIcon.dll
    2014-03-04 11:15:05 62976 ----a-w- c:\windows\system32\drivers\RTSTOR.sys
    2014-03-04 11:14:22 -------- d-----w- c:\program files\Broadcom
    2014-03-04 11:12:41 485920 ----a-w- c:\windows\system32\NVUNINST.EXE
    2014-03-04 11:09:29 13312 ------w- c:\windows\system32\agrscoin.dll
    2014-03-04 11:09:21 -------- d-----w- c:\windows\Options
    2014-03-04 10:59:26 6318 ----a-w- c:\windows\Suyin.reg
    2014-03-04 10:59:26 626688 ----a-w- c:\windows\Image.dll
    2014-03-04 10:59:26 20480 ----a-w- c:\windows\USB_VIDEO_REG.exe
    2014-03-04 10:59:26 200704 ----a-w- c:\windows\PLFSetI.exe
    2014-03-04 10:59:26 1380352 ----a-w- c:\windows\Acer Crystal Eye webcam.EXE
    2014-03-04 10:57:50 106496 ----a-w- c:\windows\FixUVC.exe
    2014-03-04 10:57:50 -------- d-----w- c:\program files\Acer
    2014-03-04 09:55:23 107776 ----a-w- c:\windows\system32\drivers\ZTEusbvoice.sys
    2014-03-04 09:55:23 107776 ----a-w- c:\windows\system32\drivers\ZTEusbser6k.sys
    2014-03-04 09:55:23 107776 ----a-w- c:\windows\system32\drivers\ZTEusbnmea.sys
    2014-03-04 09:55:23 107776 ----a-w- c:\windows\system32\drivers\ZTEusbmdm6k.sys
    2014-03-04 09:55:16 -------- d-----w- c:\windows\system32\SupportAppXL
    2014-03-04 09:55:14 -------- d-----w- c:\program files\Beetel Connection Manager
    2014-03-04 09:37:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2014-03-04 09:30:46 -------- d-----w- C:\Intel
    2014-03-04 09:18:59 -------- d-----w- c:\users\gokarna\appdata\local\Adobe
    2014-03-04 09:17:32 59904 ----a-w- c:\windows\system32\wbemdisp.tlb
    2014-03-04 09:17:32 16384 ----a-w- c:\windows\system32\lgfwunis.exe
    2014-03-04 09:17:32 115016 ----a-w- c:\windows\system32\MSINET.OCX
    2014-03-04 09:17:32 102912 ----a-w- c:\windows\system32\Vb6stkit.dll
    2014-03-04 09:17:32 102160 ----a-w- c:\windows\system32\VB6KO.DLL
    2014-03-04 09:17:31 -------- d-----w- c:\program files\lg_fwupdate
    2014-03-04 09:17:27 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
    2014-03-04 09:17:27 32768 ------w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
    2014-03-04 09:17:27 225280 ------w- c:\program files\common files\installshield\iscript\iscript.dll
    2014-03-04 09:17:27 176128 ------w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
    2014-03-04 09:00:29 175616 ----a-w- c:\windows\system32\unrar.dll
    2014-03-04 09:00:28 839680 ----a-w- c:\windows\system32\lameACM.acm
    2014-03-04 09:00:28 650752 ----a-w- c:\windows\system32\xvidcore.dll
    2014-03-04 09:00:28 243200 ----a-w- c:\windows\system32\xvidvfw.dll
    2014-03-04 09:00:28 151552 ----a-w- c:\windows\system32\ac3acm.acm
    2014-03-04 09:00:27 79360 ----a-w- c:\windows\system32\ff_vfw.dll
    2014-03-04 09:00:26 -------- d-----w- c:\program files\K-Lite Codec Pack
    2014-03-04 08:59:19 -------- d-----w- c:\program files\Winamp Detect
    2014-03-04 08:59:16 -------- d-----w- c:\program files\common files\PX Storage Engine
    2014-03-04 08:39:20 -------- d-----w- c:\program files\DivX
    2014-03-04 08:37:32 -------- d-----w- c:\users\gokarna\appdata\local\Mozilla
    2014-03-04 08:32:51 306688 ----a-w- c:\windows\IsUninst.exe
    2014-03-04 08:31:13 -------- d-----w- c:\program files\VideoLAN
    2014-03-04 08:28:33 -------- d-----w- c:\users\gokarna\appdata\local\Google
    2014-03-04 08:23:00 49265 ----a-w- c:\windows\system32\jpicpl32.cpl
    2014-03-04 08:20:55 -------- d-----w- c:\users\gokarna\appdata\local\{32A3A4F2-B792-11D6-A78A-00B0D0150030}
    2014-03-04 07:49:33 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
    2014-03-04 07:49:32 32592 ----a-w- c:\windows\system32\msonpmon.dll
    2014-03-04 07:48:38 -------- d-----w- c:\windows\PCHEALTH
    2014-03-04 07:47:38 -------- d-----w- c:\program files\Microsoft Visual Studio 8
    2014-03-04 07:47:06 -------- d-----w- c:\users\gokarna\appdata\local\Microsoft Help
    2014-03-04 07:44:17 -------- d-sh--w- c:\windows\Installer
    2014-03-04 07:25:54 -------- d-----w- c:\windows\system32\wbem\Performance
    2014-03-04 07:19:00 -------- d-sh--w- C:\Recovery
    .
    ==================== Find3M ====================
    .
    2014-03-21 01:03:49 49152 ----a-w- c:\windows\system32\taskhost.exe
    2014-03-20 01:07:41 152576 ----a-w- c:\windows\system32\msclmd.dll
    2014-03-04 11:25:17 246804 ----a-w- c:\windows\system32\drivers\AtherosBt.bin
    2014-03-01 04:11:20 2724864 ----a-w- c:\windows\system32\mshtml.tlb
    2014-03-01 04:10:48 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
    2014-03-01 03:52:43 61952 ----a-w- c:\windows\system32\iesetup.dll
    2014-03-01 03:51:53 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
    2014-03-01 03:38:26 112128 ----a-w- c:\windows\system32\ieUnatt.exe
    2014-03-01 03:38:23 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
    2014-03-01 03:37:35 553472 ----a-w- c:\windows\system32\jscript9diag.dll
    2014-03-01 03:31:30 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
    2014-03-01 03:14:15 4244480 ----a-w- c:\windows\system32\jscript9.dll
    2014-03-01 03:00:08 1964032 ----a-w- c:\windows\system32\inetcpl.cpl
    2014-03-01 02:32:16 1820160 ----a-w- c:\windows\system32\wininet.dll
    2014-02-07 01:07:56 2349056 ----a-w- c:\windows\system32\win32k.sys
    2014-02-04 02:04:11 509440 ----a-w- c:\windows\system32\qedit.dll
    2014-01-29 02:06:47 381440 ----a-w- c:\windows\system32\wer.dll
    2014-01-28 02:07:07 185344 ----a-w- c:\windows\system32\wwansvc.dll
    2014-01-17 14:24:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2014-01-17 14:24:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
    .
    ============= FINISH: 23:59:06.62 ===============

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2014-03-29 23:51:54
    -----------------------------
    23:51:54.915 OS Version: Windows 6.1.7601 Service Pack 1
    23:51:54.915 Number of processors: 4 586 0x2A07
    23:51:54.917 ComputerName: GOKARNA-PC UserName: gokarna
    23:51:57.590 Initialize success
    23:54:56.627 AVAST engine defs: 14032902
    00:04:44.551 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000069
    00:04:44.551 Disk 0 Vendor: ATA_____ SDM2 Size: 476940MB BusType: 11
    00:04:44.691 Disk 0 MBR read successfully
    00:04:44.691 Disk 0 MBR scan
    00:04:44.707 Disk 0 Windows 7 default MBR code
    00:04:44.722 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    00:04:44.722 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 279896 MB offset 206848
    00:04:44.738 Disk 0 Partition - 00 0F Extended LBA 196941 MB offset 573435904
    00:04:44.769 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 196940 MB offset 573437952
    00:04:44.769 Disk 0 scanning sectors +976771072
    00:04:44.941 Disk 0 scanning C:\Windows\system32\drivers
    00:04:58.263 Service scanning
    00:05:25.828 Modules scanning
    00:05:33.956 Disk 0 trace - called modules:
    00:05:33.971 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys halmacpi.dll iaStorA.sys
    00:05:33.987 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x88278288]
    00:05:33.987 3 CLASSPNP.SYS[8bbb259e] -> nt!IofCallDriver -> [0x882787e0]
    00:05:33.987 5 iaStorF.sys[8bdd5850] -> nt!IofCallDriver -> \Device\00000069[0x87131030]
    00:05:35.516 AVAST engine scan C:\Windows
    00:05:38.948 AVAST engine scan C:\Windows\system32
    00:08:33.046 AVAST engine scan C:\Windows\system32\drivers
    00:08:50.191 AVAST engine scan C:\Users\gokarna
    00:15:40.176 File: C:\Users\gokarna\Downloads\FreeCodecPackSetup.exe **INFECTED** Win32:Malware-gen
    00:15:59.444 AVAST engine scan C:\ProgramData
    00:16:20.738 Scan finished successfully
    00:28:09.366 Disk 0 MBR has been saved successfully to "C:\Users\gokarna\Documents\Spybot Docs\MBR.dat"
    00:28:09.366 The log file has been saved successfully to "C:\Users\gokarna\Documents\Spybot Docs\aswMBR.txt"
    Last edited by tashi; 2014-03-30 at 01:55. Reason: Copy pasted two logs into topic
