yukukuhi
2013-06-03, 16:45
I think my PC is infected with malware. Please help.
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16483 BrowserJavaVersion: 10.21.2
Run by Sai SGK at 18:55:19 on 2013-06-03
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.91.1033.18.3255.2156 [GMT 5.5:30]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\hp\HP Software Update\hpwuschd2.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Windows\system32\conhost.exe
C:\Users\Sai SGK\AppData\Roaming\Adobe\Flash Player\SpeedCache\mpchc64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Sai SGK\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://tuvaro.com/ws/?source=536c75e7&tbp=homepage&toolbarid=base&u=64d260000000000000006c626d4939de
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - <orphaned>
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - c:\program files\free download manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - c:\program files\hewlett-packard\hp support framework\resources\hpnetworkcheck\HPNetworkCheckPlugin.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
uRun: [SpeedUpSystem] wscript "c:\users\sai sgk\appdata\roaming\adobe\flash player\speedcache\afile.vbs" "c:\users\sai sgk\appdata\roaming\adobe\flash player\speedcache\aso.bat"
mRun: [hpsysdrv] c:\program files\hewlett-packard\hp odometer\hpsysdrv.exe
mRun: [BATINDICATOR] c:\program files\hewlett-packard\hp mainstream keyboard\BATINDICATOR.exe
mRun: [LaunchHPOSIAPP] c:\program files\hewlett-packard\hp mainstream keyboard\LaunchApp.exe
mRun: [HP Remote Solution] c:\program files\hewlett-packard\hp remote solution\HP_Remote_Solution.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [SmartMenu] c:\program files\hewlett-packard\hp mediasmart\SmartMenu.exe /background
mRun: [PC-Doctor for Windows localizer] c:\program files\pc-doctor for windows\localizer.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\averhi~1.lnk - c:\program files\common files\avermedia\averquick\AVerHIDReceiver.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\averqu~1.lnk - c:\program files\common files\avermedia\averquick\AVerQuick.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download all with Free Download Manager - c:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - c:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - c:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - c:\program files\free download manager\dllink.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - c:\program files\hewlett-packard\hp support framework\resources\hpnetworkcheck\NCLauncherFromIE.exe
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{65761BBB-314C-497C-B341-7373BFF88A84} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{95278B9B-CEB4-41F9-8410-767709D61073} : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\sai sgk\appdata\roaming\mozilla\firefox\profiles\vc9kd8ly.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\visan\plugins\npRLSecurePluginLayer.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2013-05-18 16:51; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\sai sgk\appdata\roaming\mozilla\firefox\profiles\vc9kd8ly.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2013-06-01 09:53; {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}; c:\users\sai sgk\appdata\roaming\mozilla\firefox\profiles\vc9kd8ly.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
FF - ExtSQL: 2013-06-03 17:26; fdm_ffext@freedownloadmanager.org; c:\program files\free download manager\firefox\Extension
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 64d260000000000000006c626d4939de
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15843
FF - user.js: extensions.delta.vrsn - 1.8.21.0
FF - user.js: extensions.delta.vrsni - 1.8.21.0
FF - user.js: extensions.delta.vrsnTs - 1.8.21.018:05:38
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119816&tt=gc_170513_18210
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extensions.tuvaro.hpOld0 -
FF - user.js: extensions.tuvaro.tlbrSrchUrl - hxxp://tuvaro.com/ws/?source=536c75e7&tbp=main&toolbarid=base&u=64d260000000000000006c626d4939de&q=
FF - user.js: extensions.tuvaro.id - 64d260000000000000006c626d4939de
FF - user.js: extensions.tuvaro.appId - {2768469C-717B-401F-8532-C6D88BAE0339}
FF - user.js: extensions.tuvaro.instlDay - 15847
FF - user.js: extensions.tuvaro.vrsn - 1.8.17.3
FF - user.js: extensions.tuvaro.vrsni - 1.8.17.3
FF - user.js: extensions.tuvaro.vrsnTs - 1.8.17.39:48:06
FF - user.js: extensions.tuvaro.prtnrId - tuvaro
FF - user.js: extensions.tuvaro.prdct - tuvaro
FF - user.js: extensions.tuvaro.aflt - orgnl
FF - user.js: extensions.tuvaro.smplGrp - none
FF - user.js: extensions.tuvaro.tlbrId - base
FF - user.js: extensions.tuvaro.instlRef - 536c75e7
FF - user.js: extensions.tuvaro.dfltLng -
FF - user.js: extensions.tuvaro.excTlbr - false
FF - user.js: extensions.tuvaro.ffxUnstlRst - false
FF - user.js: extensions.tuvaro.admin - false
FF - user.js: extensions.tuvaro.cam -
FF - user.js: extensions.tuvaro.autoRvrt - false
FF - user.js: extensions.tuvaro.rvrt - false
FF - user.js: extensions.tuvaro.hmpg - true
FF - user.js: extensions.tuvaro.hmpgUrl - hxxp://tuvaro.com/ws/?source=536c75e7&tbp=homepage&toolbarid=base&u=64d260000000000000006c626d4939de
FF - user.js: extensions.tuvaro.dfltSrch - true
FF - user.js: extensions.tuvaro.srchPrvdr - Tuvaro
FF - user.js: extensions.tuvaro.kw_url - hxxp://tuvaro.com/ws/?source=536c75e7&tbp=url&toolbarid=base&u=64d260000000000000006c626d4939de&q=
FF - user.js: extensions.tuvaro.dnsErr - true
FF - user.js: extensions.tuvaro.newTab - true
FF - user.js: extensions.tuvaro.newTabUrl - chrome://tuvaro/content/new browser tab.html?source=536c75e7&tbp=tab&u=64d260000000000000006c626d4939de
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 245048]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-3-29 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 170808]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]
R2 AVerRemote;AVerRemote;c:\program files\common files\avermedia\service\AVerRemote.exe [2013-5-11 348160]
R2 AVerScheduleService;AVerScheduleService;c:\program files\common files\avermedia\service\AVerScheduleService.exe [2013-5-11 389120]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\hewlett-packard\hp support framework\HPSA_Service.exe [2012-9-27 86528]
R3 AVER_H193;AVerMedia H193 Video Capture;c:\windows\system32\drivers\AVer888RC.sys [2009-8-21 461952]
R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:\windows\system32\drivers\AVerPola.sys [2013-5-11 314752]
R3 AVPolCIR;AVerMedia USB Polaris Series Custom IR Service;c:\windows\system32\drivers\AVPolCIR.sys [2013-5-11 32896]
R3 CXCIR;AVerMedia Consumer Infrared Receiver;c:\windows\system32\drivers\AVer888RCIR.sys [2009-8-21 33280]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-8-21 189440]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\drivers\netr28.sys [2009-5-20 599040]
S3 PCDSRVC{4F253FFC-7957E8FC-06000000}_0;PCDSRVC{4F253FFC-7957E8FC-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc.pkms [2009-9-17 20848]
.
=============== Created Last 30 ================
.
2013-06-03 11:56:04 -------- d-----w- c:\users\sai sgk\appdata\roaming\Free Download Manager
2013-06-03 09:15:23 -------- d-----w- c:\users\sai sgk\appdata\roaming\Malwarebytes
2013-06-03 09:15:11 -------- d-----w- c:\programdata\Malwarebytes
2013-06-03 09:15:10 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-03 09:15:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-06-01 04:12:30 -------- d-----w- c:\programdata\IDM
2013-06-01 04:12:29 -------- d-----w- c:\users\sai sgk\appdata\roaming\DMCache
2013-05-30 11:16:37 -------- d-----w- c:\users\sai sgk\appdata\roaming\FlashgetSetup
2013-05-30 11:16:37 -------- d-----w- c:\users\sai sgk\appdata\roaming\BITS
2013-05-30 11:16:29 -------- d-----w- c:\program files\FlashGet Network
2013-05-30 11:11:29 -------- d-----w- C:\Downloads
2013-05-30 11:10:26 -------- d-----w- c:\program files\Free Download Manager
2013-05-26 11:49:39 -------- d-----w- C:\Recorded Videos
2013-05-24 13:43:19 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-05-24 13:43:19 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-05-24 13:38:01 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2013-05-24 13:38:01 49472 ----a-w- c:\windows\system32\netfxperf.dll
2013-05-24 13:38:01 297808 ----a-w- c:\windows\system32\mscoree.dll
2013-05-24 13:38:01 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2013-05-24 13:38:01 1130824 ----a-w- c:\windows\system32\dfshim.dll
2013-05-24 13:26:06 5120 ----a-w- c:\windows\system32\wmi.dll
2013-05-24 13:26:06 19312 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-05-24 13:26:06 158720 ----a-w- c:\windows\system32\imagehlp.dll
2013-05-24 13:20:09 801792 ----a-w- c:\windows\system32\FntCache.dll
2013-05-24 13:20:09 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-05-24 13:20:09 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-05-24 13:20:09 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2013-05-24 13:20:09 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2013-05-24 13:20:08 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-24 13:20:08 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2013-05-24 13:20:08 3181568 ----a-w- c:\windows\system32\mf.dll
2013-05-24 13:20:08 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-24 13:20:08 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2013-05-24 13:20:08 107520 ----a-w- c:\windows\system32\cdd.dll
2013-05-24 13:12:46 -------- d-----w- c:\program files\MSXML 4.0
2013-05-24 12:55:10 123904 ----a-w- c:\windows\system32\poqexec.exe
2013-05-24 12:54:54 690688 ----a-w- c:\windows\system32\msvcrt.dll
2013-05-24 12:54:52 285696 ----a-w- c:\windows\system32\winlogon.exe
2013-05-24 12:54:52 2614272 ----a-w- c:\windows\explorer.exe
2013-05-24 12:53:37 36864 ----a-w- c:\windows\system32\tsgqec.dll
2013-05-24 12:53:37 2691072 ----a-w- c:\windows\system32\mstscax.dll
2013-05-24 12:53:37 131072 ----a-w- c:\windows\system32\aaclient.dll
2013-05-24 12:52:52 826368 ----a-w- c:\windows\system32\rdpcore.dll
2013-05-24 12:52:52 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-05-24 12:52:50 2048 ----a-w- c:\windows\system32\tzres.dll
2013-05-24 12:51:49 1034240 ----a-w- c:\windows\system32\mstsc.exe
2013-05-24 12:50:58 954752 ----a-w- c:\windows\system32\mfc40.dll
2013-05-24 12:50:58 954288 ----a-w- c:\windows\system32\mfc40u.dll
2013-05-24 12:49:49 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2013-05-24 12:49:36 316928 ----a-w- c:\windows\system32\spoolsv.exe
2013-05-24 12:49:16 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2013-05-24 12:47:36 294912 ----a-w- c:\windows\system32\umpnpmgr.dll
2013-05-24 12:46:38 376832 ----a-w- c:\windows\system32\dpnet.dll
2013-05-24 12:46:37 67584 ----a-w- c:\windows\system32\asycfilt.dll
2013-05-24 12:46:36 768512 ----a-w- c:\windows\system32\localspl.dll
2013-05-24 12:46:36 1236992 ----a-w- c:\windows\system32\msxml3.dll
2013-05-24 12:46:35 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-05-24 12:46:32 530432 ----a-w- c:\windows\system32\comctl32.dll
2013-05-24 12:46:31 4247040 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2013-05-24 12:46:31 1413632 ----a-w- c:\windows\system32\ole32.dll
2013-05-24 12:46:30 516096 ----a-w- c:\program files\windows mail\wab.exe
2013-05-24 12:46:30 132608 ----a-w- c:\windows\system32\cabview.dll
2013-05-24 12:46:30 109056 ----a-w- c:\windows\system32\t2embed.dll
2013-05-24 12:46:29 82944 ----a-w- c:\windows\system32\iccvid.dll
2013-05-24 12:46:29 197632 ----a-w- c:\windows\system32\ir32_32.dll
2013-05-24 12:44:41 292864 ----a-w- c:\windows\system32\apphelp.dll
2013-05-24 12:42:34 850432 ----a-w- c:\windows\system32\sbe.dll
2013-05-24 12:42:34 642048 ----a-w- c:\windows\system32\CPFilters.dll
2013-05-24 12:42:34 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2013-05-24 12:42:04 187240 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-05-24 12:42:04 1287528 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-24 12:41:52 541184 ----a-w- c:\windows\system32\kerberos.dll
2013-05-24 12:41:36 41472 ----a-w- c:\windows\system32\browcli.dll
2013-05-24 12:41:36 102912 ----a-w- c:\windows\system32\browser.dll
2013-05-24 12:41:35 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2013-05-24 12:41:35 57856 ----a-w- c:\windows\system32\rdpwsx.dll
2013-05-24 12:41:35 363520 ----a-w- c:\windows\system32\StructuredQuery.dll
2013-05-24 12:41:35 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2013-05-24 12:41:34 70656 ----a-w- c:\windows\system32\fontsub.dll
2013-05-24 12:41:34 67072 ----a-w- c:\windows\system32\packager.dll
2013-05-24 12:41:33 245616 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-05-24 12:41:32 738816 ----a-w- c:\windows\system32\wmpmde.dll
2013-05-24 12:39:54 56688 ----a-w- c:\windows\system32\drivers\partmgr.sys
2013-05-23 12:56:56 -------- d-----w- c:\users\sai sgk\appdata\roaming\Auslogics
2013-05-23 12:56:55 -------- d-----w- c:\program files\Auslogics
2013-05-23 04:25:29 -------- d-----w- c:\users\sai sgk\appdata\roaming\BitTorrent
2013-05-22 04:21:24 -------- d-----w- c:\users\sai sgk\appdata\roaming\uTorrent
2013-05-22 04:18:13 -------- d-----w- c:\users\sai sgk\appdata\local\CRE
2013-05-22 04:18:03 -------- d-----w- c:\program files\Conduit
2013-05-22 04:18:02 -------- d-----w- c:\users\sai sgk\appdata\local\Conduit
2013-05-22 04:15:10 -------- d-----w- c:\users\sai sgk\appdata\local\Google
2013-05-22 04:03:58 -------- d-----w- c:\users\sai sgk\appdata\local\sabnzbd
2013-05-21 13:21:41 -------- d-----w- c:\users\sai sgk\appdata\roaming\.BitTornado
2013-05-21 13:21:09 -------- d-----w- c:\program files\BitTornado
2013-05-20 13:15:41 -------- d-----w- c:\program files\MPC-HC
2013-05-20 05:21:13 -------- d-----w- c:\users\sai sgk\appdata\roaming\Visan
2013-05-20 05:18:08 -------- d-----w- c:\programdata\Visan
2013-05-20 04:50:48 -------- d-----w- c:\programdata\HP Photo Creations
2013-05-20 04:50:48 -------- d-----w- c:\program files\HP Photo Creations
2013-05-20 04:50:45 -------- d-----w- c:\program files\Coupons
2013-05-20 04:50:19 273256 ------w- c:\windows\system32\HPDiscoPM9311.dll
2013-05-20 04:48:51 -------- d-----w- c:\users\sai sgk\appdata\local\HP
2013-05-19 13:00:34 -------- d-----w- c:\users\sai sgk\appdata\local\Macromedia
2013-05-19 12:48:31 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-19 12:48:31 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-18 12:37:00 -------- d-----w- c:\users\sai sgk\appdata\local\Bundled software uninstaller
2013-05-18 12:34:47 -------- d-----w- c:\users\sai sgk\appdata\roaming\Babylon
2013-05-18 12:34:47 -------- d-----w- c:\programdata\Babylon
2013-05-18 11:26:47 -------- d-----w- c:\program files\VirtualDub
2013-05-17 11:29:02 -------- d-----w- c:\users\sai sgk\appdata\roaming\foobar2000
2013-05-17 11:28:57 -------- d-----w- c:\program files\foobar2000
2013-05-15 12:31:35 -------- d-----w- c:\users\sai sgk\appdata\roaming\VideoReDo-TVSuite4
2013-05-15 12:31:35 -------- d-----w- c:\program files\VideoReDoTVSuite4
2013-05-15 12:28:53 -------- d-----w- c:\users\sai sgk\appdata\roaming\AccurateRip
2013-05-15 12:27:57 4779592 ----a-w- c:\windows\system32\SpoonUninstall.exe
2013-05-15 12:27:46 -------- d-----w- c:\program files\Illustrate
2013-05-14 13:24:44 866720 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-05-14 13:24:44 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-05-14 13:24:43 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-05-14 13:13:09 -------- d-----w- c:\program files\aMule
2013-05-14 12:59:05 -------- d-----w- c:\users\sai sgk\appdata\roaming\aMule
2013-05-14 03:55:18 -------- d-----w- c:\program files\AvsP
2013-05-14 03:54:35 -------- d-----w- c:\program files\AviSynth 2.5
2013-05-13 13:44:43 -------- d-----w- c:\users\sai sgk\appdata\roaming\AVG2013
2013-05-13 13:44:07 -------- d-----w- c:\users\sai sgk\appdata\roaming\TuneUp Software
2013-05-13 13:43:55 -------- d--h--w- C:\$AVG
2013-05-13 13:43:55 -------- d-----w- c:\programdata\AVG2013
2013-05-13 13:43:36 -------- d-----w- c:\program files\AVG
2013-05-13 13:35:15 -------- d--h--w- c:\programdata\Common Files
2013-05-13 13:35:15 -------- d-----w- c:\users\sai sgk\appdata\local\MFAData
2013-05-13 13:35:15 -------- d-----w- c:\users\sai sgk\appdata\local\Avg2013
2013-05-13 13:35:15 -------- d-----w- c:\programdata\MFAData
2013-05-13 13:34:33 -------- d-----w- c:\program files\VideoLAN
2013-05-13 13:33:09 178688 ----a-w- c:\windows\system32\unrar.dll
2013-05-13 12:26:26 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-05-13 12:26:20 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-05-13 12:26:13 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-05-13 12:26:13 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-05-12 10:55:31 -------- d-----w- c:\users\sai sgk\appdata\local\Microsoft Games
2013-05-12 10:20:48 -------- d-----w- c:\users\sai sgk\appdata\local\Programs
2013-05-12 06:01:37 22944 ----a-w- c:\windows\system32\drivers\cpqdfw.sys
2013-05-12 06:00:41 -------- d-----w- c:\programdata\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2013-05-12 06:00:29 -------- d-----w- c:\users\sai sgk\appdata\roaming\hpqLog
2013-05-12 06:00:16 -------- d-----w- C:\swsetup
2013-05-12 05:42:46 -------- d-----w- c:\users\sai sgk\appdata\roaming\HP Support Assistant
2013-05-12 05:42:45 -------- d-----w- c:\users\sai sgk\appdata\roaming\HpUpdate
2013-05-12 05:36:33 -------- d-----w- c:\users\sai sgk\appdata\local\Adobe
2013-05-12 05:35:07 -------- d-----w- c:\program files\common files\Adobe Systems Shared
2013-05-11 10:44:12 -------- d-----w- c:\programdata\AVerTV
2013-05-11 10:44:05 -------- d-----w- c:\users\sai sgk\appdata\local\AVerMedia
2013-05-11 04:34:24 -------- d-----w- c:\users\sai sgk\appdata\local\CyberLink
2013-05-11 04:34:23 -------- d-----w- c:\users\sai sgk\appdata\local\PowerCinema
2013-05-11 04:28:13 -------- d-----w- C:\New Folder
2013-05-11 04:05:01 -------- d-----w- c:\program files\PowerISO
2013-05-11 00:22:55 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2013-05-11 00:22:54 507568 ----a-w- c:\windows\system32\winload.exe
2013-05-11 00:22:54 442920 ----a-w- c:\windows\system32\winresume.exe
2013-05-11 00:22:37 257024 ----a-w- c:\windows\system32\msv1_0.dll
2013-05-11 00:22:32 34816 ----a-w- c:\windows\system32\msasn1.dll
2013-05-11 00:22:13 -------- d--h--w- C:\hp
2013-05-11 00:22:12 -------- d-----w- c:\windows\system32\OEM
2013-05-11 00:22:12 -------- d-----w- c:\windows\Panther
2013-05-10 13:28:30 24576 ----a-w- c:\windows\system32\cxtvrate.dll
2013-05-10 13:28:30 18432 ----a-w- c:\windows\system32\cpnotify.ax
2013-05-10 13:28:30 -------- d-----w- c:\windows\Driver Cache
2013-05-10 13:17:10 6906960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{606a50d8-1396-4aef-bf21-01baf06e2c2c}\mpengine.dll
2013-05-10 13:17:07 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-05-10 13:15:31 -------- d-----w- c:\users\sai sgk\appdata\local\Mozilla
2013-05-10 13:15:27 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-05-10 12:56:19 -------- d-----w- c:\users\sai sgk\appdata\local\Hewlett-Packard
2013-05-10 11:32:38 -------- d-----w- c:\programdata\Norton
2013-05-10 11:32:19 -------- d-----w- c:\programdata\NortonInstaller
2013-05-10 11:31:03 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2013-05-10 11:31:01 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-05-10 11:30:25 -------- d-----w- c:\program files\Microsoft
2013-05-10 11:30:10 -------- d-----w- c:\program files\Windows Live SkyDrive
2013-05-10 11:29:45 -------- d-----w- c:\windows\PCHEALTH
2013-05-10 11:29:32 74520 ----a-w- c:\program files\common files\windows live\.cache\a49832d51ce4d71\DSETUP.dll
2013-05-10 11:29:32 484632 ----a-w- c:\program files\common files\windows live\.cache\a49832d51ce4d71\DXSETUP.exe
2013-05-10 11:29:32 1670936 ----a-w- c:\program files\common files\windows live\.cache\a49832d51ce4d71\dsetup32.dll
2013-05-10 11:29:16 141402440 ----a-w- c:\program files\common files\windows live\.cache\wlc16AB.tmp
2013-05-10 11:29:10 -------- d-----w- c:\program files\common files\Windows Live
2013-05-10 11:28:46 537248 ----a-w- c:\program files\online services\omnifone\MusicStation.exe
2013-05-10 11:26:14 -------- d-----w- c:\programdata\WildTangent
2013-05-10 11:26:14 -------- d-----w- c:\program files\HP Games
2013-05-10 11:26:13 -------- d-----r- c:\program files\Online Services
2013-05-10 11:21:57 753664 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iKernel.dll
2013-05-10 11:21:57 69714 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\ctor.dll
2013-05-10 11:21:57 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\DotNetInstaller.exe
2013-05-10 11:21:57 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\setup.dll
2013-05-10 11:21:57 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iscript.dll
2013-05-10 11:21:57 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iGdi.dll
2013-05-10 11:21:57 184320 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iuser.dll
2013-05-10 11:16:59 -------- d-----w- c:\programdata\PC-Doctor for Windows
2013-05-10 11:16:47 -------- d-----w- c:\program files\PC-Doctor for Windows
2013-05-10 11:14:51 -------- d---a-w- c:\program files\common files\LS Getting Started
2013-05-10 11:08:01 -------- d-----w- c:\program files\PlayReady
2013-05-10 11:06:40 831488 ----a-w- c:\windows\RtlExUpd.dll
2013-05-10 11:06:40 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
2013-05-10 11:06:40 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
2013-05-10 11:06:40 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2013-05-10 11:06:40 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2013-05-10 11:06:40 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
2013-05-10 11:06:40 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
2013-05-10 11:06:40 -------- d--h--w- c:\program files\Temp
2013-05-10 11:06:39 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
2013-05-10 11:06:39 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
2013-05-10 11:05:48 -------- d-----w- c:\windows\system32\wbem\Performance
2013-05-10 11:05:37 -------- d-----w- c:\windows\system32\AGEIA
2013-05-10 11:05:34 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2013-05-10 11:04:14 -------- dc-h--w- c:\programdata\{D441869F-BEC4-446D-9888-C5CA29F160F9}
2013-05-10 11:02:36 -------- d-----w- c:\program files\hp
2013-05-10 11:01:38 253952 ----a-w- c:\windows\system32\cPC_DMIRD.dll
2013-05-10 10:59:58 -------- d-sh--w- c:\windows\Installer
2013-05-10 10:56:38 584296 ----a-w- c:\windows\system32\nvuninst.exe
2013-05-10 10:56:03 -------- d-----w- c:\program files\Realtek
2013-05-10 10:56:02 -------- d-----w- c:\windows\system32\RTCOM
.
==================== Find3M ====================
.
2013-04-25 15:00:16 5041848 ----a-w- c:\users\sai sgk\appdata\roaming\idman615f.exe
2013-04-12 13:58:11 1210728 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-03-28 21:23:48 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-03-20 21:38:24 182072 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2013-03-19 05:06:09 3958120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:06:09 3902312 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 04:54:22 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:50:03 69632 ----a-w- c:\windows\system32\smss.exe
.
============= FINISH: 18:55:40.49 ===============
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://tuvaro.com/ws/?source=536c75e7&tbp=homepage&toolbarid=base&u=64d260000000000000006c626d4939de
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - <orphaned>
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - c:\program files\free download manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - c:\program files\hewlett-packard\hp support framework\resources\hpnetworkcheck\HPNetworkCheckPlugin.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
uRun: [SpeedUpSystem] wscript "c:\users\sai sgk\appdata\roaming\adobe\flash player\speedcache\afile.vbs" "c:\users\sai sgk\appdata\roaming\adobe\flash player\speedcache\aso.bat"
mRun: [hpsysdrv] c:\program files\hewlett-packard\hp odometer\hpsysdrv.exe
mRun: [BATINDICATOR] c:\program files\hewlett-packard\hp mainstream keyboard\BATINDICATOR.exe
mRun: [LaunchHPOSIAPP] c:\program files\hewlett-packard\hp mainstream keyboard\LaunchApp.exe
mRun: [HP Remote Solution] c:\program files\hewlett-packard\hp remote solution\HP_Remote_Solution.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [SmartMenu] c:\program files\hewlett-packard\hp mediasmart\SmartMenu.exe /background
mRun: [PC-Doctor for Windows localizer] c:\program files\pc-doctor for windows\localizer.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\averhi~1.lnk - c:\program files\common files\avermedia\averquick\AVerHIDReceiver.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\averqu~1.lnk - c:\program files\common files\avermedia\averquick\AVerQuick.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download all with Free Download Manager - c:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - c:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - c:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - c:\program files\free download manager\dllink.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - c:\program files\hewlett-packard\hp support framework\resources\hpnetworkcheck\NCLauncherFromIE.exe
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{65761BBB-314C-497C-B341-7373BFF88A84} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{95278B9B-CEB4-41F9-8410-767709D61073} : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\sai sgk\appdata\roaming\mozilla\firefox\profiles\vc9kd8ly.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\visan\plugins\npRLSecurePluginLayer.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2013-05-18 16:51; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\sai sgk\appdata\roaming\mozilla\firefox\profiles\vc9kd8ly.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2013-06-01 09:53; {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}; c:\users\sai sgk\appdata\roaming\mozilla\firefox\profiles\vc9kd8ly.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
FF - ExtSQL: 2013-06-03 17:26; fdm_ffext@freedownloadmanager.org; c:\program files\free download manager\firefox\Extension
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 64d260000000000000006c626d4939de
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15843
FF - user.js: extensions.delta.vrsn - 1.8.21.0
FF - user.js: extensions.delta.vrsni - 1.8.21.0
FF - user.js: extensions.delta.vrsnTs - 1.8.21.018:05:38
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119816&tt=gc_170513_18210
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extensions.tuvaro.hpOld0 -
FF - user.js: extensions.tuvaro.tlbrSrchUrl - hxxp://tuvaro.com/ws/?source=536c75e7&tbp=main&toolbarid=base&u=64d260000000000000006c626d4939de&q=
FF - user.js: extensions.tuvaro.id - 64d260000000000000006c626d4939de
FF - user.js: extensions.tuvaro.appId - {2768469C-717B-401F-8532-C6D88BAE0339}
FF - user.js: extensions.tuvaro.instlDay - 15847
FF - user.js: extensions.tuvaro.vrsn - 1.8.17.3
FF - user.js: extensions.tuvaro.vrsni - 1.8.17.3
FF - user.js: extensions.tuvaro.vrsnTs - 1.8.17.39:48:06
FF - user.js: extensions.tuvaro.prtnrId - tuvaro
FF - user.js: extensions.tuvaro.prdct - tuvaro
FF - user.js: extensions.tuvaro.aflt - orgnl
FF - user.js: extensions.tuvaro.smplGrp - none
FF - user.js: extensions.tuvaro.tlbrId - base
FF - user.js: extensions.tuvaro.instlRef - 536c75e7
FF - user.js: extensions.tuvaro.dfltLng -
FF - user.js: extensions.tuvaro.excTlbr - false
FF - user.js: extensions.tuvaro.ffxUnstlRst - false
FF - user.js: extensions.tuvaro.admin - false
FF - user.js: extensions.tuvaro.cam -
FF - user.js: extensions.tuvaro.autoRvrt - false
FF - user.js: extensions.tuvaro.rvrt - false
FF - user.js: extensions.tuvaro.hmpg - true
FF - user.js: extensions.tuvaro.hmpgUrl - hxxp://tuvaro.com/ws/?source=536c75e7&tbp=homepage&toolbarid=base&u=64d260000000000000006c626d4939de
FF - user.js: extensions.tuvaro.dfltSrch - true
FF - user.js: extensions.tuvaro.srchPrvdr - Tuvaro
FF - user.js: extensions.tuvaro.kw_url - hxxp://tuvaro.com/ws/?source=536c75e7&tbp=url&toolbarid=base&u=64d260000000000000006c626d4939de&q=
FF - user.js: extensions.tuvaro.dnsErr - true
FF - user.js: extensions.tuvaro.newTab - true
FF - user.js: extensions.tuvaro.newTabUrl - chrome://tuvaro/content/new browser tab.html?source=536c75e7&tbp=tab&u=64d260000000000000006c626d4939de
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 245048]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-3-29 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 170808]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]
R2 AVerRemote;AVerRemote;c:\program files\common files\avermedia\service\AVerRemote.exe [2013-5-11 348160]
R2 AVerScheduleService;AVerScheduleService;c:\program files\common files\avermedia\service\AVerScheduleService.exe [2013-5-11 389120]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\hewlett-packard\hp support framework\HPSA_Service.exe [2012-9-27 86528]
R3 AVER_H193;AVerMedia H193 Video Capture;c:\windows\system32\drivers\AVer888RC.sys [2009-8-21 461952]
R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:\windows\system32\drivers\AVerPola.sys [2013-5-11 314752]
R3 AVPolCIR;AVerMedia USB Polaris Series Custom IR Service;c:\windows\system32\drivers\AVPolCIR.sys [2013-5-11 32896]
R3 CXCIR;AVerMedia Consumer Infrared Receiver;c:\windows\system32\drivers\AVer888RCIR.sys [2009-8-21 33280]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-8-21 189440]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\drivers\netr28.sys [2009-5-20 599040]
S3 PCDSRVC{4F253FFC-7957E8FC-06000000}_0;PCDSRVC{4F253FFC-7957E8FC-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc.pkms [2009-9-17 20848]
.
=============== Created Last 30 ================
.
2013-06-03 11:56:04 -------- d-----w- c:\users\sai sgk\appdata\roaming\Free Download Manager
2013-06-03 09:15:23 -------- d-----w- c:\users\sai sgk\appdata\roaming\Malwarebytes
2013-06-03 09:15:11 -------- d-----w- c:\programdata\Malwarebytes
2013-06-03 09:15:10 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-03 09:15:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-06-01 04:12:30 -------- d-----w- c:\programdata\IDM
2013-06-01 04:12:29 -------- d-----w- c:\users\sai sgk\appdata\roaming\DMCache
2013-05-30 11:16:37 -------- d-----w- c:\users\sai sgk\appdata\roaming\FlashgetSetup
2013-05-30 11:16:37 -------- d-----w- c:\users\sai sgk\appdata\roaming\BITS
2013-05-30 11:16:29 -------- d-----w- c:\program files\FlashGet Network
2013-05-30 11:11:29 -------- d-----w- C:\Downloads
2013-05-30 11:10:26 -------- d-----w- c:\program files\Free Download Manager
2013-05-26 11:49:39 -------- d-----w- C:\Recorded Videos
2013-05-24 13:43:19 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-05-24 13:43:19 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-05-24 13:38:01 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2013-05-24 13:38:01 49472 ----a-w- c:\windows\system32\netfxperf.dll
2013-05-24 13:38:01 297808 ----a-w- c:\windows\system32\mscoree.dll
2013-05-24 13:38:01 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2013-05-24 13:38:01 1130824 ----a-w- c:\windows\system32\dfshim.dll
2013-05-24 13:26:06 5120 ----a-w- c:\windows\system32\wmi.dll
2013-05-24 13:26:06 19312 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-05-24 13:26:06 158720 ----a-w- c:\windows\system32\imagehlp.dll
2013-05-24 13:20:09 801792 ----a-w- c:\windows\system32\FntCache.dll
2013-05-24 13:20:09 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-05-24 13:20:09 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-05-24 13:20:09 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2013-05-24 13:20:09 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2013-05-24 13:20:08 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-24 13:20:08 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2013-05-24 13:20:08 3181568 ----a-w- c:\windows\system32\mf.dll
2013-05-24 13:20:08 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-24 13:20:08 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2013-05-24 13:20:08 107520 ----a-w- c:\windows\system32\cdd.dll
2013-05-24 13:12:46 -------- d-----w- c:\program files\MSXML 4.0
2013-05-24 12:55:10 123904 ----a-w- c:\windows\system32\poqexec.exe
2013-05-24 12:54:54 690688 ----a-w- c:\windows\system32\msvcrt.dll
2013-05-24 12:54:52 285696 ----a-w- c:\windows\system32\winlogon.exe
2013-05-24 12:54:52 2614272 ----a-w- c:\windows\explorer.exe
2013-05-24 12:53:37 36864 ----a-w- c:\windows\system32\tsgqec.dll
2013-05-24 12:53:37 2691072 ----a-w- c:\windows\system32\mstscax.dll
2013-05-24 12:53:37 131072 ----a-w- c:\windows\system32\aaclient.dll
2013-05-24 12:52:52 826368 ----a-w- c:\windows\system32\rdpcore.dll
2013-05-24 12:52:52 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-05-24 12:52:50 2048 ----a-w- c:\windows\system32\tzres.dll
2013-05-24 12:51:49 1034240 ----a-w- c:\windows\system32\mstsc.exe
2013-05-24 12:50:58 954752 ----a-w- c:\windows\system32\mfc40.dll
2013-05-24 12:50:58 954288 ----a-w- c:\windows\system32\mfc40u.dll
2013-05-24 12:49:49 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2013-05-24 12:49:36 316928 ----a-w- c:\windows\system32\spoolsv.exe
2013-05-24 12:49:16 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2013-05-24 12:47:36 294912 ----a-w- c:\windows\system32\umpnpmgr.dll
2013-05-24 12:46:38 376832 ----a-w- c:\windows\system32\dpnet.dll
2013-05-24 12:46:37 67584 ----a-w- c:\windows\system32\asycfilt.dll
2013-05-24 12:46:36 768512 ----a-w- c:\windows\system32\localspl.dll
2013-05-24 12:46:36 1236992 ----a-w- c:\windows\system32\msxml3.dll
2013-05-24 12:46:35 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-05-24 12:46:32 530432 ----a-w- c:\windows\system32\comctl32.dll
2013-05-24 12:46:31 4247040 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2013-05-24 12:46:31 1413632 ----a-w- c:\windows\system32\ole32.dll
2013-05-24 12:46:30 516096 ----a-w- c:\program files\windows mail\wab.exe
2013-05-24 12:46:30 132608 ----a-w- c:\windows\system32\cabview.dll
2013-05-24 12:46:30 109056 ----a-w- c:\windows\system32\t2embed.dll
2013-05-24 12:46:29 82944 ----a-w- c:\windows\system32\iccvid.dll
2013-05-24 12:46:29 197632 ----a-w- c:\windows\system32\ir32_32.dll
2013-05-24 12:44:41 292864 ----a-w- c:\windows\system32\apphelp.dll
2013-05-24 12:42:34 850432 ----a-w- c:\windows\system32\sbe.dll
2013-05-24 12:42:34 642048 ----a-w- c:\windows\system32\CPFilters.dll
2013-05-24 12:42:34 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2013-05-24 12:42:04 187240 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-05-24 12:42:04 1287528 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-24 12:41:52 541184 ----a-w- c:\windows\system32\kerberos.dll
2013-05-24 12:41:36 41472 ----a-w- c:\windows\system32\browcli.dll
2013-05-24 12:41:36 102912 ----a-w- c:\windows\system32\browser.dll
2013-05-24 12:41:35 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2013-05-24 12:41:35 57856 ----a-w- c:\windows\system32\rdpwsx.dll
2013-05-24 12:41:35 363520 ----a-w- c:\windows\system32\StructuredQuery.dll
2013-05-24 12:41:35 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2013-05-24 12:41:34 70656 ----a-w- c:\windows\system32\fontsub.dll
2013-05-24 12:41:34 67072 ----a-w- c:\windows\system32\packager.dll
2013-05-24 12:41:33 245616 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-05-24 12:41:32 738816 ----a-w- c:\windows\system32\wmpmde.dll
2013-05-24 12:39:54 56688 ----a-w- c:\windows\system32\drivers\partmgr.sys
2013-05-23 12:56:56 -------- d-----w- c:\users\sai sgk\appdata\roaming\Auslogics
2013-05-23 12:56:55 -------- d-----w- c:\program files\Auslogics
2013-05-23 04:25:29 -------- d-----w- c:\users\sai sgk\appdata\roaming\BitTorrent
2013-05-22 04:21:24 -------- d-----w- c:\users\sai sgk\appdata\roaming\uTorrent
2013-05-22 04:18:13 -------- d-----w- c:\users\sai sgk\appdata\local\CRE
2013-05-22 04:18:03 -------- d-----w- c:\program files\Conduit
2013-05-22 04:18:02 -------- d-----w- c:\users\sai sgk\appdata\local\Conduit
2013-05-22 04:15:10 -------- d-----w- c:\users\sai sgk\appdata\local\Google
2013-05-22 04:03:58 -------- d-----w- c:\users\sai sgk\appdata\local\sabnzbd
2013-05-21 13:21:41 -------- d-----w- c:\users\sai sgk\appdata\roaming\.BitTornado
2013-05-21 13:21:09 -------- d-----w- c:\program files\BitTornado
2013-05-20 13:15:41 -------- d-----w- c:\program files\MPC-HC
2013-05-20 05:21:13 -------- d-----w- c:\users\sai sgk\appdata\roaming\Visan
2013-05-20 05:18:08 -------- d-----w- c:\programdata\Visan
2013-05-20 04:50:48 -------- d-----w- c:\programdata\HP Photo Creations
2013-05-20 04:50:48 -------- d-----w- c:\program files\HP Photo Creations
2013-05-20 04:50:45 -------- d-----w- c:\program files\Coupons
2013-05-20 04:50:19 273256 ------w- c:\windows\system32\HPDiscoPM9311.dll
2013-05-20 04:48:51 -------- d-----w- c:\users\sai sgk\appdata\local\HP
2013-05-19 13:00:34 -------- d-----w- c:\users\sai sgk\appdata\local\Macromedia
2013-05-19 12:48:31 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-19 12:48:31 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-18 12:37:00 -------- d-----w- c:\users\sai sgk\appdata\local\Bundled software uninstaller
2013-05-18 12:34:47 -------- d-----w- c:\users\sai sgk\appdata\roaming\Babylon
2013-05-18 12:34:47 -------- d-----w- c:\programdata\Babylon
2013-05-18 11:26:47 -------- d-----w- c:\program files\VirtualDub
2013-05-17 11:29:02 -------- d-----w- c:\users\sai sgk\appdata\roaming\foobar2000
2013-05-17 11:28:57 -------- d-----w- c:\program files\foobar2000
2013-05-15 12:31:35 -------- d-----w- c:\users\sai sgk\appdata\roaming\VideoReDo-TVSuite4
2013-05-15 12:31:35 -------- d-----w- c:\program files\VideoReDoTVSuite4
2013-05-15 12:28:53 -------- d-----w- c:\users\sai sgk\appdata\roaming\AccurateRip
2013-05-15 12:27:57 4779592 ----a-w- c:\windows\system32\SpoonUninstall.exe
2013-05-15 12:27:46 -------- d-----w- c:\program files\Illustrate
2013-05-14 13:24:44 866720 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-05-14 13:24:44 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-05-14 13:24:43 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-05-14 13:13:09 -------- d-----w- c:\program files\aMule
2013-05-14 12:59:05 -------- d-----w- c:\users\sai sgk\appdata\roaming\aMule
2013-05-14 03:55:18 -------- d-----w- c:\program files\AvsP
2013-05-14 03:54:35 -------- d-----w- c:\program files\AviSynth 2.5
2013-05-13 13:44:43 -------- d-----w- c:\users\sai sgk\appdata\roaming\AVG2013
2013-05-13 13:44:07 -------- d-----w- c:\users\sai sgk\appdata\roaming\TuneUp Software
2013-05-13 13:43:55 -------- d--h--w- C:\$AVG
2013-05-13 13:43:55 -------- d-----w- c:\programdata\AVG2013
2013-05-13 13:43:36 -------- d-----w- c:\program files\AVG
2013-05-13 13:35:15 -------- d--h--w- c:\programdata\Common Files
2013-05-13 13:35:15 -------- d-----w- c:\users\sai sgk\appdata\local\MFAData
2013-05-13 13:35:15 -------- d-----w- c:\users\sai sgk\appdata\local\Avg2013
2013-05-13 13:35:15 -------- d-----w- c:\programdata\MFAData
2013-05-13 13:34:33 -------- d-----w- c:\program files\VideoLAN
2013-05-13 13:33:09 178688 ----a-w- c:\windows\system32\unrar.dll
2013-05-13 12:26:26 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-05-13 12:26:20 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-05-13 12:26:13 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-05-13 12:26:13 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-05-12 10:55:31 -------- d-----w- c:\users\sai sgk\appdata\local\Microsoft Games
2013-05-12 10:20:48 -------- d-----w- c:\users\sai sgk\appdata\local\Programs
2013-05-12 06:01:37 22944 ----a-w- c:\windows\system32\drivers\cpqdfw.sys
2013-05-12 06:00:41 -------- d-----w- c:\programdata\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2013-05-12 06:00:29 -------- d-----w- c:\users\sai sgk\appdata\roaming\hpqLog
2013-05-12 06:00:16 -------- d-----w- C:\swsetup
2013-05-12 05:42:46 -------- d-----w- c:\users\sai sgk\appdata\roaming\HP Support Assistant
2013-05-12 05:42:45 -------- d-----w- c:\users\sai sgk\appdata\roaming\HpUpdate
2013-05-12 05:36:33 -------- d-----w- c:\users\sai sgk\appdata\local\Adobe
2013-05-12 05:35:07 -------- d-----w- c:\program files\common files\Adobe Systems Shared
2013-05-11 10:44:12 -------- d-----w- c:\programdata\AVerTV
2013-05-11 10:44:05 -------- d-----w- c:\users\sai sgk\appdata\local\AVerMedia
2013-05-11 04:34:24 -------- d-----w- c:\users\sai sgk\appdata\local\CyberLink
2013-05-11 04:34:23 -------- d-----w- c:\users\sai sgk\appdata\local\PowerCinema
2013-05-11 04:28:13 -------- d-----w- C:\New Folder
2013-05-11 04:05:01 -------- d-----w- c:\program files\PowerISO
2013-05-11 00:22:55 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2013-05-11 00:22:54 507568 ----a-w- c:\windows\system32\winload.exe
2013-05-11 00:22:54 442920 ----a-w- c:\windows\system32\winresume.exe
2013-05-11 00:22:37 257024 ----a-w- c:\windows\system32\msv1_0.dll
2013-05-11 00:22:32 34816 ----a-w- c:\windows\system32\msasn1.dll
2013-05-11 00:22:13 -------- d--h--w- C:\hp
2013-05-11 00:22:12 -------- d-----w- c:\windows\system32\OEM
2013-05-11 00:22:12 -------- d-----w- c:\windows\Panther
2013-05-10 13:28:30 24576 ----a-w- c:\windows\system32\cxtvrate.dll
2013-05-10 13:28:30 18432 ----a-w- c:\windows\system32\cpnotify.ax
2013-05-10 13:28:30 -------- d-----w- c:\windows\Driver Cache
2013-05-10 13:17:10 6906960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{606a50d8-1396-4aef-bf21-01baf06e2c2c}\mpengine.dll
2013-05-10 13:17:07 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-05-10 13:15:31 -------- d-----w- c:\users\sai sgk\appdata\local\Mozilla
2013-05-10 13:15:27 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-05-10 12:56:19 -------- d-----w- c:\users\sai sgk\appdata\local\Hewlett-Packard
2013-05-10 11:32:38 -------- d-----w- c:\programdata\Norton
2013-05-10 11:32:19 -------- d-----w- c:\programdata\NortonInstaller
2013-05-10 11:31:03 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2013-05-10 11:31:01 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-05-10 11:30:25 -------- d-----w- c:\program files\Microsoft
2013-05-10 11:30:10 -------- d-----w- c:\program files\Windows Live SkyDrive
2013-05-10 11:29:45 -------- d-----w- c:\windows\PCHEALTH
2013-05-10 11:29:32 74520 ----a-w- c:\program files\common files\windows live\.cache\a49832d51ce4d71\DSETUP.dll
2013-05-10 11:29:32 484632 ----a-w- c:\program files\common files\windows live\.cache\a49832d51ce4d71\DXSETUP.exe
2013-05-10 11:29:32 1670936 ----a-w- c:\program files\common files\windows live\.cache\a49832d51ce4d71\dsetup32.dll
2013-05-10 11:29:16 141402440 ----a-w- c:\program files\common files\windows live\.cache\wlc16AB.tmp
2013-05-10 11:29:10 -------- d-----w- c:\program files\common files\Windows Live
2013-05-10 11:28:46 537248 ----a-w- c:\program files\online services\omnifone\MusicStation.exe
2013-05-10 11:26:14 -------- d-----w- c:\programdata\WildTangent
2013-05-10 11:26:14 -------- d-----w- c:\program files\HP Games
2013-05-10 11:26:13 -------- d-----r- c:\program files\Online Services
2013-05-10 11:21:57 753664 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iKernel.dll
2013-05-10 11:21:57 69714 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\ctor.dll
2013-05-10 11:21:57 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\DotNetInstaller.exe
2013-05-10 11:21:57 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\setup.dll
2013-05-10 11:21:57 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iscript.dll
2013-05-10 11:21:57 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iGdi.dll
2013-05-10 11:21:57 184320 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iuser.dll
2013-05-10 11:16:59 -------- d-----w- c:\programdata\PC-Doctor for Windows
2013-05-10 11:16:47 -------- d-----w- c:\program files\PC-Doctor for Windows
2013-05-10 11:14:51 -------- d---a-w- c:\program files\common files\LS Getting Started
2013-05-10 11:08:01 -------- d-----w- c:\program files\PlayReady
2013-05-10 11:06:40 831488 ----a-w- c:\windows\RtlExUpd.dll
2013-05-10 11:06:40 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
2013-05-10 11:06:40 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
2013-05-10 11:06:40 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2013-05-10 11:06:40 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2013-05-10 11:06:40 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
2013-05-10 11:06:40 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
2013-05-10 11:06:40 -------- d--h--w- c:\program files\Temp
2013-05-10 11:06:39 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
2013-05-10 11:06:39 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
2013-05-10 11:05:48 -------- d-----w- c:\windows\system32\wbem\Performance
2013-05-10 11:05:37 -------- d-----w- c:\windows\system32\AGEIA
2013-05-10 11:05:34 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2013-05-10 11:04:14 -------- dc-h--w- c:\programdata\{D441869F-BEC4-446D-9888-C5CA29F160F9}
2013-05-10 11:02:36 -------- d-----w- c:\program files\hp
2013-05-10 11:01:38 253952 ----a-w- c:\windows\system32\cPC_DMIRD.dll
2013-05-10 10:59:58 -------- d-sh--w- c:\windows\Installer
2013-05-10 10:56:38 584296 ----a-w- c:\windows\system32\nvuninst.exe
2013-05-10 10:56:03 -------- d-----w- c:\program files\Realtek
2013-05-10 10:56:02 -------- d-----w- c:\windows\system32\RTCOM
.
==================== Find3M ====================
.
2013-04-25 15:00:16 5041848 ----a-w- c:\users\sai sgk\appdata\roaming\idman615f.exe
2013-04-12 13:58:11 1210728 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-03-28 21:23:48 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-03-20 21:38:24 182072 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2013-03-19 05:06:09 3958120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:06:09 3902312 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 04:54:22 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:50:03 69632 ----a-w- c:\windows\system32\smss.exe
.
============= FINISH: 18:55:40.49 ===============