WHUFC11
I'm having the same problems as jrexha. I have AVG active and it still seems to have picked up this virus. I have run Malwarebytes and it's not detecting anything. Every time I open an application the AVG threat comes up, my music player will not work, there is no volume when I try to view something of an interview page. It's driving me mad.
I have Windows 8.
I ran those two programs suggested and the following has come up:
I'm hoping someone can help!
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8 Pro
Boot Device: \Device\HarddiskVolume1
Install Date: 02/12/2012 15:59:47
System Uptime: 02/02/2013 21:23:56 (1 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | P8H61-M LX R2.0
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz | LGA1155 | 1600/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 363.762 GiB free.
D: is Removable
E: is Removable
F: is Removable
G: is Removable
H: is CDROM ()
I: is FIXED (NTFS) - 932 GiB total, 11.884 GiB free.
K: is FIXED (NTFS) - 233 GiB total, 48.307 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP21: 01/02/2013 19:17:40 - Scheduled Checkpoint
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
7500_7600_7700_Help1
Apple Application Support
Apple Software Update
AVG 8.5
Bing Bar
BitTorrent
BitTorrentControl_v12 Toolbar
bpd_scan_Carrier
BPDSoftware
BPDSoftware_Ini
BufferChm
Claro Chrome Toolbar
Claro LTD toolbar
ComicRack v0.9.156
Destinations
DeviceDiscovery
DocProc
Dragon NaturallySpeaking 11
Dropbox
Fax
File Splitter and Joiner (FFSJ v3.3)
FinalBurner Free v2.13.0.164
FirstRowSportApp
Free Easy Burner V 5.1
GPBaseService2
HP Customer Participation Program 14.0
HP Imaging Device Functions 14.0
HP OfficeJet L7300/L7500/7600/7700
HP Solution Center 14.0
HP Update
HPProductAssistant
HPSSupply
Intel(R) Processor Graphics
L7500
Malwarebytes Anti-Malware version 1.70.0.1100
MarketResearch
MediaMonkey 3.0
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MPM
Nero 7 Demo
Network64
OCR Software by I.R.I.S. 14.0
Picasa 3
PIXresizer 2.0.4
ProductContext
QuickTime
Republic: The Revolution
Scan
Shop for HP Supplies
SolutionCenter
Status
SUPERAntiSpyware
SweetIM for Messenger 3.7
SweetPacks bundle uninstaller
Toolbox
TrayApp
Update Manager for SweetPacks 1.1
Visual C++ 8.0 Runtime Setup Package (x64)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64)
Visual Studio 2010 x64 Redistributables
VLC media player 2.0.0
WebReg
Yontoo 1.10.03
.
==== Event Viewer Messages From Past Week ========
.
30/01/2013 17:10:35, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x300000001cbe7. The name of the file is "\Users\Jaimin Nish\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1".
30/01/2013 17:09:31, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user Owner\Jaimin Nish SID (S-1-5-21-2207316919-3133285856-867259410-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
30/01/2013 16:23:35, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user Owner\Nyah Nish SID (S-1-5-21-2207316919-3133285856-867259410-1003) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
30/01/2013 16:22:10, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000001d2df. The name of the file is "\Users\Nyah Nish\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1".
26/01/2013 00:07:27, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
02/02/2013 21:37:00, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1000000008712. The name of the file is "\Windows\AppCompat\Programs\Amcache.hve.LOG1".
02/02/2013 21:36:49, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user Owner\User SID (S-1-5-21-2207316919-3133285856-867259410-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
02/02/2013 21:25:17, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x3000000013d0e. The name of the file is "\ProgramData\avg8\Log\avgui.log".
02/02/2013 21:24:34, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0xbc00000001687c. The name of the file is "\ProgramData\avg8\Log\commonpriv.log".
02/02/2013 21:24:34, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x100000000caab. The name of the file is "\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl".
02/02/2013 21:24:16, Error: Service Control Manager [7000] - The Browser Manager service failed to start due to the following error: The system cannot find the file specified.
02/02/2013 16:44:32, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0xd00000002ca33. The name of the file is "\Users\Nyah Nish\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E8D97D5-5E66-11E2-BE92-10BF487F6D7E}.dat".
02/02/2013 16:44:32, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x700000002ca0f. The name of the file is "\Users\Nyah Nish\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E8DBEE5-5E66-11E2-BE92-10BF487F6D7E}.dat".
02/02/2013 16:44:32, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x400000002cac9. The name of the file is "\Users\Nyah Nish\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E8D70C5-5E66-11E2-BE92-10BF487F6D7E}.dat".
02/02/2013 16:44:32, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x400000002cac0. The name of the file is "\Users\Nyah Nish\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E8DE5F5-5E66-11E2-BE92-10BF487F6D7E}.dat".
02/02/2013 16:44:32, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1400000002ca17. The name of the file is "\Users\Nyah Nish\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E8E0D05-5E66-11E2-BE92-10BF487F6D7E}.dat".
02/02/2013 12:12:55, Error: Microsoft-Windows-Kernel-Power [137] - The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance.
01/02/2013 19:18:15, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume ??. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1000000008712. The name of the file is "\Windows\AppCompat\Programs\Amcache.hve.LOG1".
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16453
Run by User at 22:02:50 on 2013-02-02
Microsoft Windows 8 Pro 6.2.9200.0.1252.44.2057.18.7887.6136 [GMT 0:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security *Enabled/Updated* {0C939084-9E57-CBDB-EA61-0B0C7F62AF82}
SP: AVG Internet Security *Enabled/Updated* {B7F27160-B86D-C455-D0D1-307E04E5E53F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Firewall *Enabled* {34A811A1-D438-CA83-C13E-A23981B1E8F9}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~2\AVG\AVG8\avgfws8.exe
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\PROGRA~2\AVG\AVG8\avgam.exe
C:\PROGRA~2\AVG\AVG8\avgrsa.exe
C:\PROGRA~2\AVG\AVG8\avgnsa.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\dwm.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\igfxtray.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V5J1QVGB\SparkTrust PC Cleaner Plus Setup.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bbc.co.uk/news/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
mWinlogon: Userinit = userinit.exe
BHO: Claro LTD Helper Object: {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\bh\claro.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll
TB: BitTorrentControl_v12 Toolbar: {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
TB: Claro LTD Toolbar: {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\claroTlbr.dll
TB: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
mRun: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [NeroFilterCheck] C:\Windows\SysWOW64\NeroCheck.exe
mRun: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} - hxxp://kitchenplanner.ikea.com/gb/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://eversheds.webex.com/client/WBXclient-T27L10NSP32EP5-14362/webex/ieatgpc.cab
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{3948E1EF-EFA6-4B62-B1C2-AB6F3DDA463B} : DHCPNameServer = 194.168.4.100 194.168.8.100
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AvgRkx64;avgrkx64.sys;C:\Windows\System32\Drivers\avgrkx64.sys [2013-1-1 14856]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\Drivers\avgfwd6a.sys [2013-1-1 29464]
R1 AvgLdx64;AVG AVI Loader Driver x64;C:\Windows\System32\Drivers\avgldx64.sys [2013-1-1 427016]
R1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64;C:\Windows\System32\Drivers\avgmfx64.sys [2013-1-1 33416]
R1 AvgTdiA;AVG8 Network Redirector x64;C:\Windows\System32\Drivers\avgtdia.sys [2013-1-1 133640]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe [2013-1-1 297752]
R2 avgfws8;AVG8 Firewall;C:\PROGRA~2\AVG\AVG8\avgfws8.exe [2013-1-1 1370488]
R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2010-7-23 296808]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-25 398184]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE [2012-1-25 240408]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2012-12-25 24176]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-6-2 589824]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE [2012-1-25 192792]
S2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe --> C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe [?]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-25 682344]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2012-9-19 102368]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2012-9-19 203104]
S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-26 117248]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\Drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2013-02-02 19:48:17 -------- d-----w- C:\ProgramData\Doctor Web
2013-02-02 19:10:48 -------- d-----w- C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com
2013-02-02 19:10:30 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-02-02 19:10:30 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-01-29 22:22:59 210624 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10191.bin
2013-01-20 23:20:27 -------- d-----w- C:\ProgramData\WEBREG
2013-01-20 23:16:06 -------- d-----w- C:\Users\User\AppData\Local\HP
2013-01-20 23:15:02 224768 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzpp58a.dll
2013-01-20 23:15:00 -------- d-----w- C:\Windows\LastGood.Tmp
2013-01-20 23:12:04 -------- d-----w- C:\Program Files (x86)\Microsoft
2013-01-20 23:11:46 -------- d-----w- C:\Users\User\AppData\Roaming\HpUpdate
2013-01-20 23:10:29 -------- d-----w- C:\Windows\SysWow64\spool
2013-01-20 23:09:24 -------- d-----w- C:\Program Files (x86)\Common Files\HP
2013-01-20 23:09:23 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
2013-01-20 23:08:09 131072 ----a-w- C:\Windows\System32\hpz3l58a.dll
2013-01-20 23:07:59 -------- d-----w- C:\Program Files (x86)\HP
2013-01-20 23:04:45 861184 ----a-w- C:\Windows\System32\hpwwiax2.dll
2013-01-20 23:04:45 540672 ----a-w- C:\Windows\System32\hppldcoi.dll
2013-01-20 23:04:45 488960 ----a-w- C:\Windows\System32\hpovst11.dll
2013-01-20 23:04:45 338944 ----a-w- C:\Windows\System32\hpzids40.dll
2013-01-20 23:04:45 1424896 ----a-w- C:\Windows\System32\hpwtiop2.dll
2013-01-16 16:13:39 -------- d-sh--w- C:\found.001
2013-01-15 16:21:38 80728 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-15 16:21:38 695640 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-14 21:54:59 955904 ----a-w- C:\Windows\System32\WebcamUi.dll
2013-01-14 21:53:16 2367528 ----a-w- C:\Windows\System32\WSService.dll
2013-01-14 21:53:15 13640704 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll
2013-01-14 21:53:09 3265256 ----a-w- C:\Windows\System32\drivers\evbda.sys
2013-01-14 21:53:06 10791936 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll
2013-01-14 21:53:04 2397184 ----a-w- C:\Windows\System32\WpcMon.exe
2013-01-14 21:53:02 3847168 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-14 21:53:01 3964416 ----a-w- C:\Windows\System32\WinSAT.exe
2013-01-14 21:51:44 76288 ----a-w- C:\Windows\System32\newdev.exe
2013-01-14 21:51:44 75264 ----a-w- C:\Windows\System32\ndadmin.exe
2013-01-14 21:51:44 74240 ----a-w- C:\Windows\SysWow64\newdev.exe
2013-01-14 21:51:44 73728 ----a-w- C:\Windows\SysWow64\ndadmin.exe
2013-01-14 21:51:44 301568 ----a-w- C:\Windows\System32\newdev.dll
2013-01-14 21:51:44 275968 ----a-w- C:\Windows\SysWow64\newdev.dll
2013-01-14 21:51:42 68608 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-01-14 21:51:42 446976 ----a-w- C:\Windows\System32\wwansvc.dll
2013-01-13 19:06:09 -------- d-----w- C:\Users\User\AppData\Roaming\FLEXnet
2013-01-13 19:06:08 -------- d-----w- C:\Users\User\AppData\Roaming\Nuance
2013-01-13 19:02:59 -------- d-----w- C:\Program Files (x86)\Common Files\IVA
2013-01-13 19:02:53 -------- d-----w- C:\Program Files (x86)\Common Files\Nuance
2013-01-13 19:02:03 -------- d-----w- C:\ProgramData\Nuance
2013-01-13 19:02:03 -------- d-----w- C:\Program Files (x86)\Nuance
2013-01-12 15:15:14 -------- d-----w- C:\Program Files (x86)\Gophoto.it
2013-01-12 15:14:58 -------- d-----w- C:\Program Files (x86)\FirstRowSportApp.com
.
==================== Find3M ====================
.
2013-01-01 17:44:53 427016 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-01-01 17:43:10 14856 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-01-01 17:43:10 12464 ----a-w- C:\Windows\System32\avgrssta.dll
2013-01-01 17:43:09 133640 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2013-01-01 17:43:08 33416 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2013-01-01 17:43:01 29464 ----a-w- C:\Windows\System32\drivers\avgfwd6a.sys
2013-01-01 12:16:57 794906 ----a-w- C:\Windows\unins000.exe
2012-12-16 08:28:20 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 08:20:01 35328 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-16 08:08:33 362496 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 07:57:09 300032 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-14 16:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-06 04:23:00 170496 ----a-w- C:\Windows\System32\TimeBrokerServer.dll
2012-12-06 04:22:59 178176 ----a-w- C:\Windows\System32\SystemEventsBrokerServer.dll
2012-12-04 04:21:42 368640 ----a-w- C:\Windows\System32\sppwinob.dll
2012-12-04 03:59:08 4055552 ----a-w- C:\Windows\System32\win32k.sys
2012-11-29 05:05:57 707584 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll
2012-11-29 05:05:57 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll
2012-11-28 04:21:17 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2012-11-28 04:20:59 53760 ----a-w- C:\Windows\System32\UXInit.dll
2012-11-27 07:00:32 194280 ----a-w- C:\Windows\System32\drivers\sdbus.sys
2012-11-27 07:00:29 124648 ----a-w- C:\Windows\System32\drivers\dumpsd.sys
2012-11-27 06:59:13 329960 ----a-w- C:\Windows\System32\drivers\storport.sys
2012-11-27 06:39:46 1122768 ----a-w- C:\Windows\System32\Taskmgr.exe
2012-11-27 04:49:20 1027152 ----a-w- C:\Windows\SysWow64\Taskmgr.exe
2012-11-27 04:20:50 1048064 ----a-w- C:\Windows\SysWow64\mstsc.exe
2012-11-27 04:20:42 179200 ----a-w- C:\Windows\SysWow64\wpnapps.dll
2012-11-27 04:20:35 891904 ----a-w- C:\Windows\SysWow64\winmde.dll
2012-11-27 04:20:31 798208 ----a-w- C:\Windows\SysWow64\WebcamUi.dll
2012-11-27 04:20:29 46592 ----a-w- C:\Windows\SysWow64\vds_ps.dll
2012-11-27 04:20:28 560128 ----a-w- C:\Windows\SysWow64\UserLanguagesCpl.dll
2012-11-27 04:20:23 1217536 ----a-w- C:\Windows\SysWow64\storagewmi.dll
2012-11-27 04:20:15 680960 ----a-w- C:\Windows\System32\vds.exe
2012-11-27 04:20:07 702464 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2012-11-27 04:20:07 1123840 ----a-w- C:\Windows\System32\mstsc.exe
2012-11-27 04:19:52 5088256 ----a-w- C:\Windows\SysWow64\mstscax.dll
2012-11-27 04:19:51 256000 ----a-w- C:\Windows\System32\WSDMon.dll
2012-11-27 04:19:50 244736 ----a-w- C:\Windows\System32\wpnapps.dll
2012-11-27 04:19:48 1096704 ----a-w- C:\Windows\System32\wmpmde.dll
2012-11-27 04:19:42 1145856 ----a-w- C:\Windows\System32\winmde.dll
2012-11-27 04:19:33 631808 ----a-w- C:\Windows\System32\UserLanguagesCpl.dll
2012-11-27 04:19:32 245248 ----a-w- C:\Windows\System32\usbmon.dll
2012-11-27 04:19:25 173568 ----a-w- C:\Windows\System32\storewuauth.dll
2012-11-27 04:19:25 1536512 ----a-w- C:\Windows\System32\storagewmi.dll
2012-11-27 04:19:22 245248 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2012-11-27 04:19:09 3245568 ----a-w- C:\Windows\System32\rdpcorets.dll
2012-11-27 04:19:02 2033664 ----a-w- C:\Windows\SysWow64\authui.dll
2012-11-27 04:18:59 888832 ----a-w- C:\Windows\System32\nshwfp.dll
2012-11-27 04:18:39 5974528 ----a-w- C:\Windows\System32\mstscax.dll
2012-11-27 04:18:13 1071104 ----a-w- C:\Windows\System32\IKEEXT.DLL
2012-11-27 04:18:06 378880 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2012-11-27 04:17:32 718848 ----a-w- C:\Windows\System32\BFE.DLL
2012-11-27 04:17:31 2302464 ----a-w- C:\Windows\System32\authui.dll
2012-11-27 03:57:32 18432 ----a-w- C:\Windows\System32\drivers\BtaMPM.sys
2012-11-27 03:56:29 31104 ----a-w- C:\Windows\System32\drivers\BthAvrcpTg.sys
2012-11-27 03:55:44 29952 ----a-w- C:\Windows\System32\drivers\BthhfHid.sys
2012-11-26 04:21:18 71168 ----a-w- C:\Windows\SysWow64\ncryptsslp.dll
2012-11-26 04:20:09 86016 ----a-w- C:\Windows\System32\ncryptsslp.dll
2012-11-20 08:00:23 6971624 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-11-20 05:24:19 1164800 ----a-w- C:\Windows\SysWow64\Display.dll
2012-11-20 05:24:17 36352 ----a-w- C:\Windows\SysWow64\DevDispItemProvider.dll
2012-11-20 05:17:23 1184256 ----a-w- C:\Windows\System32\Display.dll
2012-11-20 05:17:20 49152 ----a-w- C:\Windows\System32\DevDispItemProvider.dll
2012-11-20 05:02:46 6656 ----a-w- C:\Windows\SysWow64\KBDKURD.DLL
2012-11-20 04:59:26 7168 ----a-w- C:\Windows\System32\KBDKURD.DLL
2012-11-20 04:56:27 27136 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2012-11-20 04:56:11 83456 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2012-11-20 04:54:31 39936 ----a-w- C:\Windows\System32\drivers\hidi2c.sys
2012-11-15 06:08:41 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-15 06:06:34 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-13 04:20:30 1120768 ----a-w- C:\Windows\System32\msctf.dll
2012-11-13 04:19:23 890880 ----a-w- C:\Windows\SysWow64\msctf.dll
2012-11-10 04:23:25 132608 ----a-w- C:\Windows\SysWow64\poqexec.exe
2012-11-10 04:23:18 148480 ----a-w- C:\Windows\System32\poqexec.exe
2012-11-10 04:22:40 122880 ----a-w- C:\Windows\System32\VmHostAI.dll
2012-11-10 04:22:35 144384 ----a-w- C:\Windows\System32\tssdisai.dll
2012-11-10 04:22:14 126976 ----a-w- C:\Windows\System32\RDWebAI.dll
2012-11-10 04:20:20 135680 ----a-w- C:\Windows\System32\appserverai.dll
2012-11-09 04:49:51 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:03:48 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-08 04:25:36 523776 ----a-w- C:\Windows\SysWow64\WSShared.dll
2012-11-08 04:25:36 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
2012-11-08 04:25:36 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:25:35 1775104 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-08 04:24:27 2881536 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-08 04:24:22 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2012-11-08 04:24:22 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2012-11-08 04:24:19 75776 ----a-w- C:\Windows\SysWow64\fontsub.dll
2012-11-08 04:24:06 10752 ----a-w- C:\Windows\SysWow64\dciman32.dll
2012-11-08 04:22:21 641536 ----a-w- C:\Windows\System32\WSShared.dll
2012-11-08 04:22:20 198656 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.dll
2012-11-08 04:22:20 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:22:19 2246656 ----a-w- C:\Windows\System32\wininet.dll
2012-11-08 04:22:12 907776 ----a-w- C:\Windows\System32\uxtheme.dll
2012-11-08 04:21:00 3966464 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-08 04:20:56 67072 ----a-w- C:\Windows\System32\iesetup.dll
2012-11-08 04:20:56 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2012-11-08 04:20:50 96256 ----a-w- C:\Windows\System32\fontsub.dll
2012-11-08 04:20:37 14336 ----a-w- C:\Windows\System32\dciman32.dll
2012-11-08 04:02:16 3072 ----a-w- C:\Windows\System32\lpk.dll
.
============= FINISH: 22:03:18.95 ===============
WebReg
Yontoo 1.10.03
.
==== Event Viewer Messages From Past Week ========
.
30/01/2013 17:10:35, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x300000001cbe7. The name of the file is "\Users\Jaimin Nish\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1".
30/01/2013 17:09:31, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user Owner\Jaimin Nish SID (S-1-5-21-2207316919-3133285856-867259410-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
30/01/2013 16:23:35, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user Owner\Nyah Nish SID (S-1-5-21-2207316919-3133285856-867259410-1003) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
30/01/2013 16:22:10, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000001d2df. The name of the file is "\Users\Nyah Nish\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1".
26/01/2013 00:07:27, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
02/02/2013 21:37:00, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1000000008712. The name of the file is "\Windows\AppCompat\Programs\Amcache.hve.LOG1".
02/02/2013 21:36:49, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user Owner\User SID (S-1-5-21-2207316919-3133285856-867259410-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
02/02/2013 21:25:17, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x3000000013d0e. The name of the file is "\ProgramData\avg8\Log\avgui.log".
02/02/2013 21:24:34, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0xbc00000001687c. The name of the file is "\ProgramData\avg8\Log\commonpriv.log".
02/02/2013 21:24:34, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x100000000caab. The name of the file is "\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl".
02/02/2013 21:24:16, Error: Service Control Manager [7000] - The Browser Manager service failed to start due to the following error: The system cannot find the file specified.
02/02/2013 16:44:32, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0xd00000002ca33. The name of the file is "\Users\Nyah Nish\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E8D97D5-5E66-11E2-BE92-10BF487F6D7E}.dat".
02/02/2013 16:44:32, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x700000002ca0f. The name of the file is "\Users\Nyah Nish\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E8DBEE5-5E66-11E2-BE92-10BF487F6D7E}.dat".
02/02/2013 16:44:32, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x400000002cac9. The name of the file is "\Users\Nyah Nish\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E8D70C5-5E66-11E2-BE92-10BF487F6D7E}.dat".
02/02/2013 16:44:32, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x400000002cac0. The name of the file is "\Users\Nyah Nish\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E8DE5F5-5E66-11E2-BE92-10BF487F6D7E}.dat".
02/02/2013 16:44:32, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume C:. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1400000002ca17. The name of the file is "\Users\Nyah Nish\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{8E8E0D05-5E66-11E2-BE92-10BF487F6D7E}.dat".
02/02/2013 12:12:55, Error: Microsoft-Windows-Kernel-Power [137] - The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance.
01/02/2013 19:18:15, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume ??. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1000000008712. The name of the file is "\Windows\AppCompat\Programs\Amcache.hve.LOG1".
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16453
Run by User at 22:02:50 on 2013-02-02
Microsoft Windows 8 Pro 6.2.9200.0.1252.44.2057.18.7887.6136 [GMT 0:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security *Enabled/Updated* {0C939084-9E57-CBDB-EA61-0B0C7F62AF82}
SP: AVG Internet Security *Enabled/Updated* {B7F27160-B86D-C455-D0D1-307E04E5E53F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Firewall *Enabled* {34A811A1-D438-CA83-C13E-A23981B1E8F9}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~2\AVG\AVG8\avgfws8.exe
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\PROGRA~2\AVG\AVG8\avgam.exe
C:\PROGRA~2\AVG\AVG8\avgrsa.exe
C:\PROGRA~2\AVG\AVG8\avgnsa.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\dwm.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\igfxtray.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V5J1QVGB\SparkTrust PC Cleaner Plus Setup.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bbc.co.uk/news/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
mWinlogon: Userinit = userinit.exe
BHO: Claro LTD Helper Object: {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\bh\claro.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll
TB: BitTorrentControl_v12 Toolbar: {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
TB: Claro LTD Toolbar: {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\claroTlbr.dll
TB: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
mRun: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [NeroFilterCheck] C:\Windows\SysWOW64\NeroCheck.exe
mRun: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} - hxxp://kitchenplanner.ikea.com/gb/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://eversheds.webex.com/client/WBXclient-T27L10NSP32EP5-14362/webex/ieatgpc.cab
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{3948E1EF-EFA6-4B62-B1C2-AB6F3DDA463B} : DHCPNameServer = 194.168.4.100 194.168.8.100
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AvgRkx64;avgrkx64.sys;C:\Windows\System32\Drivers\avgrkx64.sys [2013-1-1 14856]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\Drivers\avgfwd6a.sys [2013-1-1 29464]
R1 AvgLdx64;AVG AVI Loader Driver x64;C:\Windows\System32\Drivers\avgldx64.sys [2013-1-1 427016]
R1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64;C:\Windows\System32\Drivers\avgmfx64.sys [2013-1-1 33416]
R1 AvgTdiA;AVG8 Network Redirector x64;C:\Windows\System32\Drivers\avgtdia.sys [2013-1-1 133640]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe [2013-1-1 297752]
R2 avgfws8;AVG8 Firewall;C:\PROGRA~2\AVG\AVG8\avgfws8.exe [2013-1-1 1370488]
R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2010-7-23 296808]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-25 398184]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE [2012-1-25 240408]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2012-12-25 24176]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-6-2 589824]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE [2012-1-25 192792]
S2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe --> C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe [?]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-25 682344]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2012-9-19 102368]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2012-9-19 203104]
S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-26 117248]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\Drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2013-02-02 19:48:17 -------- d-----w- C:\ProgramData\Doctor Web
2013-02-02 19:10:48 -------- d-----w- C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com
2013-02-02 19:10:30 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-02-02 19:10:30 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-01-29 22:22:59 210624 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10191.bin
2013-01-20 23:20:27 -------- d-----w- C:\ProgramData\WEBREG
2013-01-20 23:16:06 -------- d-----w- C:\Users\User\AppData\Local\HP
2013-01-20 23:15:02 224768 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzpp58a.dll
2013-01-20 23:15:00 -------- d-----w- C:\Windows\LastGood.Tmp
2013-01-20 23:12:04 -------- d-----w- C:\Program Files (x86)\Microsoft
2013-01-20 23:11:46 -------- d-----w- C:\Users\User\AppData\Roaming\HpUpdate
2013-01-20 23:10:29 -------- d-----w- C:\Windows\SysWow64\spool
2013-01-20 23:09:24 -------- d-----w- C:\Program Files (x86)\Common Files\HP
2013-01-20 23:09:23 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
2013-01-20 23:08:09 131072 ----a-w- C:\Windows\System32\hpz3l58a.dll
2013-01-20 23:07:59 -------- d-----w- C:\Program Files (x86)\HP
2013-01-20 23:04:45 861184 ----a-w- C:\Windows\System32\hpwwiax2.dll
2013-01-20 23:04:45 540672 ----a-w- C:\Windows\System32\hppldcoi.dll
2013-01-20 23:04:45 488960 ----a-w- C:\Windows\System32\hpovst11.dll
2013-01-20 23:04:45 338944 ----a-w- C:\Windows\System32\hpzids40.dll
2013-01-20 23:04:45 1424896 ----a-w- C:\Windows\System32\hpwtiop2.dll
2013-01-16 16:13:39 -------- d-sh--w- C:\found.001
2013-01-15 16:21:38 80728 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-15 16:21:38 695640 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-14 21:54:59 955904 ----a-w- C:\Windows\System32\WebcamUi.dll
2013-01-14 21:53:16 2367528 ----a-w- C:\Windows\System32\WSService.dll
2013-01-14 21:53:15 13640704 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll
2013-01-14 21:53:09 3265256 ----a-w- C:\Windows\System32\drivers\evbda.sys
2013-01-14 21:53:06 10791936 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll
2013-01-14 21:53:04 2397184 ----a-w- C:\Windows\System32\WpcMon.exe
2013-01-14 21:53:02 3847168 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-14 21:53:01 3964416 ----a-w- C:\Windows\System32\WinSAT.exe
2013-01-14 21:51:44 76288 ----a-w- C:\Windows\System32\newdev.exe
2013-01-14 21:51:44 75264 ----a-w- C:\Windows\System32\ndadmin.exe
2013-01-14 21:51:44 74240 ----a-w- C:\Windows\SysWow64\newdev.exe
2013-01-14 21:51:44 73728 ----a-w- C:\Windows\SysWow64\ndadmin.exe
2013-01-14 21:51:44 301568 ----a-w- C:\Windows\System32\newdev.dll
2013-01-14 21:51:44 275968 ----a-w- C:\Windows\SysWow64\newdev.dll
2013-01-14 21:51:42 68608 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-01-14 21:51:42 446976 ----a-w- C:\Windows\System32\wwansvc.dll
2013-01-13 19:06:09 -------- d-----w- C:\Users\User\AppData\Roaming\FLEXnet
2013-01-13 19:06:08 -------- d-----w- C:\Users\User\AppData\Roaming\Nuance
2013-01-13 19:02:59 -------- d-----w- C:\Program Files (x86)\Common Files\IVA
2013-01-13 19:02:53 -------- d-----w- C:\Program Files (x86)\Common Files\Nuance
2013-01-13 19:02:03 -------- d-----w- C:\ProgramData\Nuance
2013-01-13 19:02:03 -------- d-----w- C:\Program Files (x86)\Nuance
2013-01-12 15:15:14 -------- d-----w- C:\Program Files (x86)\Gophoto.it
2013-01-12 15:14:58 -------- d-----w- C:\Program Files (x86)\FirstRowSportApp.com
.
==================== Find3M ====================
.
2013-01-01 17:44:53 427016 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-01-01 17:43:10 14856 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-01-01 17:43:10 12464 ----a-w- C:\Windows\System32\avgrssta.dll
2013-01-01 17:43:09 133640 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2013-01-01 17:43:08 33416 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2013-01-01 17:43:01 29464 ----a-w- C:\Windows\System32\drivers\avgfwd6a.sys
2013-01-01 12:16:57 794906 ----a-w- C:\Windows\unins000.exe
2012-12-16 08:28:20 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 08:20:01 35328 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-16 08:08:33 362496 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 07:57:09 300032 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-14 16:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-06 04:23:00 170496 ----a-w- C:\Windows\System32\TimeBrokerServer.dll
2012-12-06 04:22:59 178176 ----a-w- C:\Windows\System32\SystemEventsBrokerServer.dll
2012-12-04 04:21:42 368640 ----a-w- C:\Windows\System32\sppwinob.dll
2012-12-04 03:59:08 4055552 ----a-w- C:\Windows\System32\win32k.sys
2012-11-29 05:05:57 707584 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll
2012-11-29 05:05:57 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll
2012-11-28 04:21:17 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2012-11-28 04:20:59 53760 ----a-w- C:\Windows\System32\UXInit.dll
2012-11-27 07:00:32 194280 ----a-w- C:\Windows\System32\drivers\sdbus.sys
2012-11-27 07:00:29 124648 ----a-w- C:\Windows\System32\drivers\dumpsd.sys
2012-11-27 06:59:13 329960 ----a-w- C:\Windows\System32\drivers\storport.sys
2012-11-27 06:39:46 1122768 ----a-w- C:\Windows\System32\Taskmgr.exe
2012-11-27 04:49:20 1027152 ----a-w- C:\Windows\SysWow64\Taskmgr.exe
2012-11-27 04:20:50 1048064 ----a-w- C:\Windows\SysWow64\mstsc.exe
2012-11-27 04:20:42 179200 ----a-w- C:\Windows\SysWow64\wpnapps.dll
2012-11-27 04:20:35 891904 ----a-w- C:\Windows\SysWow64\winmde.dll
2012-11-27 04:20:31 798208 ----a-w- C:\Windows\SysWow64\WebcamUi.dll
2012-11-27 04:20:29 46592 ----a-w- C:\Windows\SysWow64\vds_ps.dll
2012-11-27 04:20:28 560128 ----a-w- C:\Windows\SysWow64\UserLanguagesCpl.dll
2012-11-27 04:20:23 1217536 ----a-w- C:\Windows\SysWow64\storagewmi.dll
2012-11-27 04:20:15 680960 ----a-w- C:\Windows\System32\vds.exe
2012-11-27 04:20:07 702464 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2012-11-27 04:20:07 1123840 ----a-w- C:\Windows\System32\mstsc.exe
2012-11-27 04:19:52 5088256 ----a-w- C:\Windows\SysWow64\mstscax.dll
2012-11-27 04:19:51 256000 ----a-w- C:\Windows\System32\WSDMon.dll
2012-11-27 04:19:50 244736 ----a-w- C:\Windows\System32\wpnapps.dll
2012-11-27 04:19:48 1096704 ----a-w- C:\Windows\System32\wmpmde.dll
2012-11-27 04:19:42 1145856 ----a-w- C:\Windows\System32\winmde.dll
2012-11-27 04:19:33 631808 ----a-w- C:\Windows\System32\UserLanguagesCpl.dll
2012-11-27 04:19:32 245248 ----a-w- C:\Windows\System32\usbmon.dll
2012-11-27 04:19:25 173568 ----a-w- C:\Windows\System32\storewuauth.dll
2012-11-27 04:19:25 1536512 ----a-w- C:\Windows\System32\storagewmi.dll
2012-11-27 04:19:22 245248 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2012-11-27 04:19:09 3245568 ----a-w- C:\Windows\System32\rdpcorets.dll
2012-11-27 04:19:02 2033664 ----a-w- C:\Windows\SysWow64\authui.dll
2012-11-27 04:18:59 888832 ----a-w- C:\Windows\System32\nshwfp.dll
2012-11-27 04:18:39 5974528 ----a-w- C:\Windows\System32\mstscax.dll
2012-11-27 04:18:13 1071104 ----a-w- C:\Windows\System32\IKEEXT.DLL
2012-11-27 04:18:06 378880 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2012-11-27 04:17:32 718848 ----a-w- C:\Windows\System32\BFE.DLL
2012-11-27 04:17:31 2302464 ----a-w- C:\Windows\System32\authui.dll
2012-11-27 03:57:32 18432 ----a-w- C:\Windows\System32\drivers\BtaMPM.sys
2012-11-27 03:56:29 31104 ----a-w- C:\Windows\System32\drivers\BthAvrcpTg.sys
2012-11-27 03:55:44 29952 ----a-w- C:\Windows\System32\drivers\BthhfHid.sys
2012-11-26 04:21:18 71168 ----a-w- C:\Windows\SysWow64\ncryptsslp.dll
2012-11-26 04:20:09 86016 ----a-w- C:\Windows\System32\ncryptsslp.dll
2012-11-20 08:00:23 6971624 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-11-20 05:24:19 1164800 ----a-w- C:\Windows\SysWow64\Display.dll
2012-11-20 05:24:17 36352 ----a-w- C:\Windows\SysWow64\DevDispItemProvider.dll
2012-11-20 05:17:23 1184256 ----a-w- C:\Windows\System32\Display.dll
2012-11-20 05:17:20 49152 ----a-w- C:\Windows\System32\DevDispItemProvider.dll
2012-11-20 05:02:46 6656 ----a-w- C:\Windows\SysWow64\KBDKURD.DLL
2012-11-20 04:59:26 7168 ----a-w- C:\Windows\System32\KBDKURD.DLL
2012-11-20 04:56:27 27136 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2012-11-20 04:56:11 83456 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2012-11-20 04:54:31 39936 ----a-w- C:\Windows\System32\drivers\hidi2c.sys
2012-11-15 06:08:41 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-15 06:06:34 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-13 04:20:30 1120768 ----a-w- C:\Windows\System32\msctf.dll
2012-11-13 04:19:23 890880 ----a-w- C:\Windows\SysWow64\msctf.dll
2012-11-10 04:23:25 132608 ----a-w- C:\Windows\SysWow64\poqexec.exe
2012-11-10 04:23:18 148480 ----a-w- C:\Windows\System32\poqexec.exe
2012-11-10 04:22:40 122880 ----a-w- C:\Windows\System32\VmHostAI.dll
2012-11-10 04:22:35 144384 ----a-w- C:\Windows\System32\tssdisai.dll
2012-11-10 04:22:14 126976 ----a-w- C:\Windows\System32\RDWebAI.dll
2012-11-10 04:20:20 135680 ----a-w- C:\Windows\System32\appserverai.dll
2012-11-09 04:49:51 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:03:48 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-08 04:25:36 523776 ----a-w- C:\Windows\SysWow64\WSShared.dll
2012-11-08 04:25:36 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
2012-11-08 04:25:36 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:25:35 1775104 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-08 04:24:27 2881536 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-08 04:24:22 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2012-11-08 04:24:22 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2012-11-08 04:24:19 75776 ----a-w- C:\Windows\SysWow64\fontsub.dll
2012-11-08 04:24:06 10752 ----a-w- C:\Windows\SysWow64\dciman32.dll
2012-11-08 04:22:21 641536 ----a-w- C:\Windows\System32\WSShared.dll
2012-11-08 04:22:20 198656 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.dll
2012-11-08 04:22:20 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:22:19 2246656 ----a-w- C:\Windows\System32\wininet.dll
2012-11-08 04:22:12 907776 ----a-w- C:\Windows\System32\uxtheme.dll
2012-11-08 04:21:00 3966464 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-08 04:20:56 67072 ----a-w- C:\Windows\System32\iesetup.dll
2012-11-08 04:20:56 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2012-11-08 04:20:50 96256 ----a-w- C:\Windows\System32\fontsub.dll
2012-11-08 04:20:37 14336 ----a-w- C:\Windows\System32\dciman32.dll
2012-11-08 04:02:16 3072 ----a-w- C:\Windows\System32\lpk.dll
.
============= FINISH: 22:03:18.95 ===============
jn