Hi.
My brother was on his new computer playing a game when a message randomly popped up on his screen saying that it was the Police Central e-crime Unit and that his computer had been locked on the grounds that he'd broken some laws (some of which were ridiculous) and he needed to pay money to have the computer released. Pretty obvious it's a scam/virus.
My first thought was to try a system restore and roll back to a few days ago; however, after restarting and logging on for the restore to take place, I got an error saying that the system restore did not complete successfully, followed by the pop-up screen coming back on and locking the computer again.
Even though it seems to have locked the computer, it only appears to have done it on the one account, so by using Ctrl+Alt+Del you can still get into the guest or other administrator account and use it without any problems, and it only comes on on the one account a few moments after logging in. I have pictures of the pop-up which locks the screen if needed.
I have access to the Windows Install Disc. Would be very grateful if someone could help me out.
Results of the DDS scan:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.10.2
Run by Bradley at 9:52:47 on 2013-01-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8174.6040 [GMT 0:00]
.
AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\sppsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{F2CE1336-E7D6-460A-BCED-878B94F7AA61} : DHCPNameServer = 192.168.1.254 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Bradley\AppData\Roaming\Mozilla\Firefox\Profiles\atg2t78n.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=100000027&locale=en_UK&apn_uid=9EBB0393-4F6C-498A-A538-878E2A6FAB6F&apn_ptnrs=%5EU3&apn_sauid=4EC73A7C-BD12-4C87-9825-3D8B6706491D&apn_dtid=%5EOSJ000%5EYY%5EGB&&q=
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2012-9-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2012-11-15 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]
R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\System32\drivers\SCMNdisP.sys [2012-12-24 25056]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2012-12-22 21616]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-10-2 185696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-9-21 200032]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-9-28 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-9-28 361984]
R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 WSWNDA3100v2;WSWNDA3100v2;C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [2012-12-24 303360]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-12-22 46136]
R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2012-12-24 1256192]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-12-22 104560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-9-5 234776]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-25 1255736]
.
=============== Created Last 30 ================
.
2013-01-15 09:44:47 -------- d-----w- C:\Users\Bradley\AppData\Local\Mozilla
2013-01-14 22:13:58 82568 ----a-w- C:\ProgramData\ifgxpers.exe
2013-01-14 14:14:23 -------- d-----w- C:\Windows\PCHEALTH
2013-01-13 14:17:54 -------- d-----w- C:\Crash
2013-01-13 14:14:30 -------- d--h--w- C:\Windows\msdownld.tmp
2013-01-13 14:14:29 -------- d-----w- C:\Windows\SysWow64\directx
2013-01-13 10:50:26 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
2013-01-11 18:06:20 2162 ----a-w- C:\Windows\SysWow64\ealregsnapshot1.reg
2013-01-11 17:49:14 -------- d-----w- C:\Program Files (x86)\LEGO Media
2013-01-11 17:48:59 306688 ----a-w- C:\Windows\IsUninst.exe
2013-01-11 17:38:55 -------- d-----w- C:\Program Files (x86)\EA GAMES
2013-01-10 15:31:28 -------- d-----w- C:\Program Files\Lexmark
2013-01-09 15:08:58 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-01-09 15:08:58 3149824 ----a-w- C:\Windows\System32\win32k.sys
2013-01-05 08:58:31 -------- d-----w- C:\Program Files (x86)\AMD AVT
2013-01-05 08:58:28 -------- d-----w- C:\Program Files (x86)\AMD APP
2013-01-05 08:54:46 -------- d-----w- C:\AMD
2012-12-29 09:24:47 -------- d-----w- C:\Program Files (x86)\Ask.com
2012-12-29 09:14:38 -------- d-----w- C:\ProgramData\Ask
2012-12-29 09:14:20 859072 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-12-29 09:14:20 779704 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-12-29 09:14:11 95184 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-27 18:55:35 281288 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-12-27 02:23:48 281872 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-12-27 02:23:48 281288 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-12-27 02:23:47 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-12-27 02:23:40 78680 ----a-w- C:\Windows\System32\XAPOFX1_4.dll
2012-12-27 02:23:40 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_4.dll
2012-12-27 02:23:40 530776 ----a-w- C:\Windows\System32\XAudio2_6.dll
2012-12-27 02:23:40 528216 ----a-w- C:\Windows\SysWow64\XAudio2_6.dll
2012-12-27 02:23:40 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll
2012-12-27 02:23:40 238936 ----a-w- C:\Windows\SysWow64\xactengine3_6.dll
2012-12-27 02:23:40 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll
2012-12-27 02:23:40 176984 ----a-w- C:\Windows\System32\xactengine3_6.dll
2012-12-27 02:21:57 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2012-12-27 02:21:52 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-12-26 12:10:20 902656 ----a-w- C:\Windows\System32\d2d1.dll
2012-12-26 12:10:20 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-12-26 12:10:20 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2012-12-25 21:36:27 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{29D4A10B-0247-4AFE-A7FB-688AE99F663E}\mpengine.dll
2012-12-25 20:23:56 -------- d-----w- C:\Program Files (x86)\Dotjosh Studios
2012-12-25 16:37:36 -------- d-----r- C:\Program Files (x86)\Skype
2012-12-25 16:24:56 4178264 ----a-w- C:\Windows\SysWow64\D3DX9_41.dll
2012-12-25 16:24:55 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2012-12-25 16:24:55 235344 ----a-w- C:\Windows\SysWow64\d3dx11_42.dll
2012-12-25 16:24:53 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll
2012-12-25 16:24:53 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2012-12-25 16:24:52 3495784 ----a-w- C:\Windows\SysWow64\d3dx9_33.dll
2012-12-25 16:09:47 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-12-25 16:09:47 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-12-25 16:09:47 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-12-25 16:09:47 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-12-25 15:59:26 -------- d-----w- C:\Windows\SysWow64\URTTEMP
2012-12-25 15:58:26 -------- d-----w- C:\ProgramData\Turbine
2012-12-25 15:58:19 -------- d-----w- C:\ProgramData\HappyCloud
2012-12-25 15:58:12 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2012-12-25 15:53:11 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2012-12-25 15:53:11 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-25 15:53:11 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-25 15:53:11 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-25 15:53:11 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-25 15:53:11 100864 ----a-w- C:\Windows\System32\fontsub.dll
2012-12-25 15:52:52 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-12-25 15:52:52 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-12-25 15:52:52 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-12-25 15:52:52 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-12-25 15:52:52 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-12-25 15:52:52 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-12-25 15:52:52 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-12-25 15:51:24 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-12-25 15:51:24 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-12-25 15:51:24 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-12-25 15:51:24 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-12-25 15:51:24 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-12-25 15:34:17 -------- d-----w- C:\ProgramData\McAfee Security Scan
2012-12-25 15:34:16 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2012-12-25 13:13:16 -------- d-----w- C:\Program Files\Bohemia Interactive
2012-12-25 11:05:27 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-25 11:05:27 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-25 09:04:14 -------- d-----w- C:\Windows\SysWow64\Wat
2012-12-25 09:04:14 -------- d-----w- C:\Windows\System32\Wat
2012-12-24 20:50:10 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2012-12-24 20:50:09 -------- d-----w- C:\Program Files (x86)\Steam
2012-12-24 20:36:36 -------- d--h--w- C:\$AVG
2012-12-24 20:36:36 -------- d-----w- C:\ProgramData\AVG2013
2012-12-24 20:35:29 -------- d-----w- C:\Program Files (x86)\AVG
2012-12-24 20:23:39 -------- d--h--w- C:\ProgramData\Common Files
2012-12-24 20:23:39 -------- d-----w- C:\ProgramData\MFAData
2012-12-24 20:12:59 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-12-24 20:11:58 956928 ----a-w- C:\Windows\System32\localspl.dll
2012-12-24 20:09:51 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-12-24 20:07:01 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-12-24 20:04:51 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-12-24 20:04:51 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-12-24 20:04:51 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-12-24 20:01:37 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-12-24 20:01:33 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-12-24 20:01:25 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-12-24 20:01:25 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-12-24 19:55:27 95544 ----a-w- C:\Windows\System32\bcmwlcoi.dll
2012-12-24 19:55:27 3566592 ----a-w- C:\Windows\System32\bcmihvui64.dll
2012-12-24 19:55:27 1256192 ----a-w- C:\Windows\System32\drivers\bcmwlhigh664.sys
2012-12-24 19:55:26 3900928 ----a-w- C:\Windows\System32\bcmihvsrv64.dll
2012-12-24 19:55:26 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2012-12-24 19:55:23 96784 ----a-w- C:\Windows\SysWow64\Packet.dll
2012-12-24 19:55:23 53299 ----a-w- C:\Windows\SysWow64\pthreadVC.dll
2012-12-24 19:55:23 47632 ----a-w- C:\Windows\System32\drivers\npf.sys
2012-12-24 19:55:23 281104 ----a-w- C:\Windows\SysWow64\wpcap.dll
2012-12-24 19:55:23 25056 ----a-w- C:\Windows\System32\drivers\SCMNdisP.sys
2012-12-24 19:55:20 -------- d-----w- C:\Program Files (x86)\NETGEAR
2012-12-22 08:34:19 -------- d-----w- C:\Windows\Panther
2012-12-22 01:35:10 0 ----a-w- C:\Windows\ativpsrm.bin
2012-12-22 01:18:59 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2012-12-22 01:18:59 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2012-12-22 01:18:30 -------- d-----w- C:\ProgramData\AMD
2012-12-22 01:18:29 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys
2012-12-22 01:18:19 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2012-12-22 01:17:54 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2012-12-22 01:17:43 -------- d-sh--w- C:\Windows\Installer
2012-12-22 01:17:05 -------- d-----w- C:\Program Files\ATI Technologies
2012-12-22 01:17:04 -------- d-----w- C:\Program Files\ATI
2012-12-22 01:11:18 104560 ----a-w- C:\Windows\System32\drivers\L1C62x64.sys
2012-12-22 01:08:44 -------- d-----w- C:\Windows\SysWow64\RTCOM
2012-12-22 00:56:33 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-15 23:33:24 111968 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-11-01 05:43:42 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2012-11-01 05:43:42 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2012-11-01 04:47:54 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-10-22 13:02:44 154464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
.
============= FINISH: 9:52:56.68 ===============
2012-12-27 02:23:40 238936 ----a-w- C:\Windows\SysWow64\xactengine3_6.dll
2012-12-27 02:23:40 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll
2012-12-27 02:23:40 176984 ----a-w- C:\Windows\System32\xactengine3_6.dll
2012-12-27 02:21:57 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2012-12-27 02:21:52 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-12-26 12:10:20 902656 ----a-w- C:\Windows\System32\d2d1.dll
2012-12-26 12:10:20 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-12-26 12:10:20 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2012-12-25 21:36:27 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{29D4A10B-0247-4AFE-A7FB-688AE99F663E}\mpengine.dll
2012-12-25 20:23:56 -------- d-----w- C:\Program Files (x86)\Dotjosh Studios
2012-12-25 16:37:36 -------- d-----r- C:\Program Files (x86)\Skype
2012-12-25 16:24:56 4178264 ----a-w- C:\Windows\SysWow64\D3DX9_41.dll
2012-12-25 16:24:55 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2012-12-25 16:24:55 235344 ----a-w- C:\Windows\SysWow64\d3dx11_42.dll
2012-12-25 16:24:53 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll
2012-12-25 16:24:53 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2012-12-25 16:24:52 3495784 ----a-w- C:\Windows\SysWow64\d3dx9_33.dll
2012-12-25 16:09:47 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-12-25 16:09:47 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-12-25 16:09:47 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-12-25 16:09:47 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-12-25 15:59:26 -------- d-----w- C:\Windows\SysWow64\URTTEMP
2012-12-25 15:58:26 -------- d-----w- C:\ProgramData\Turbine
2012-12-25 15:58:19 -------- d-----w- C:\ProgramData\HappyCloud
2012-12-25 15:58:12 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2012-12-25 15:53:11 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2012-12-25 15:53:11 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-25 15:53:11 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-25 15:53:11 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-25 15:53:11 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-25 15:53:11 100864 ----a-w- C:\Windows\System32\fontsub.dll
2012-12-25 15:52:52 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-12-25 15:52:52 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-12-25 15:52:52 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-12-25 15:52:52 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-12-25 15:52:52 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-12-25 15:52:52 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-12-25 15:52:52 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-12-25 15:51:24 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-12-25 15:51:24 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-12-25 15:51:24 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-12-25 15:51:24 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-12-25 15:51:24 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-12-25 15:34:17 -------- d-----w- C:\ProgramData\McAfee Security Scan
2012-12-25 15:34:16 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2012-12-25 13:13:16 -------- d-----w- C:\Program Files\Bohemia Interactive
2012-12-25 11:05:27 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-25 11:05:27 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-25 09:04:14 -------- d-----w- C:\Windows\SysWow64\Wat
2012-12-25 09:04:14 -------- d-----w- C:\Windows\System32\Wat
2012-12-24 20:50:10 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2012-12-24 20:50:09 -------- d-----w- C:\Program Files (x86)\Steam
2012-12-24 20:36:36 -------- d--h--w- C:\$AVG
2012-12-24 20:36:36 -------- d-----w- C:\ProgramData\AVG2013
2012-12-24 20:35:29 -------- d-----w- C:\Program Files (x86)\AVG
2012-12-24 20:23:39 -------- d--h--w- C:\ProgramData\Common Files
2012-12-24 20:23:39 -------- d-----w- C:\ProgramData\MFAData
2012-12-24 20:12:59 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-12-24 20:11:58 956928 ----a-w- C:\Windows\System32\localspl.dll
2012-12-24 20:09:51 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-12-24 20:07:01 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-12-24 20:04:51 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-12-24 20:04:51 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-12-24 20:04:51 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-12-24 20:01:37 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-12-24 20:01:33 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-12-24 20:01:25 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-12-24 20:01:25 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-12-24 19:55:27 95544 ----a-w- C:\Windows\System32\bcmwlcoi.dll
2012-12-24 19:55:27 3566592 ----a-w- C:\Windows\System32\bcmihvui64.dll
2012-12-24 19:55:27 1256192 ----a-w- C:\Windows\System32\drivers\bcmwlhigh664.sys
2012-12-24 19:55:26 3900928 ----a-w- C:\Windows\System32\bcmihvsrv64.dll
2012-12-24 19:55:26 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2012-12-24 19:55:23 96784 ----a-w- C:\Windows\SysWow64\Packet.dll
2012-12-24 19:55:23 53299 ----a-w- C:\Windows\SysWow64\pthreadVC.dll
2012-12-24 19:55:23 47632 ----a-w- C:\Windows\System32\drivers\npf.sys
2012-12-24 19:55:23 281104 ----a-w- C:\Windows\SysWow64\wpcap.dll
2012-12-24 19:55:23 25056 ----a-w- C:\Windows\System32\drivers\SCMNdisP.sys
2012-12-24 19:55:20 -------- d-----w- C:\Program Files (x86)\NETGEAR
2012-12-22 08:34:19 -------- d-----w- C:\Windows\Panther
2012-12-22 01:35:10 0 ----a-w- C:\Windows\ativpsrm.bin
2012-12-22 01:18:59 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2012-12-22 01:18:59 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2012-12-22 01:18:30 -------- d-----w- C:\ProgramData\AMD
2012-12-22 01:18:29 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys
2012-12-22 01:18:19 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2012-12-22 01:17:54 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2012-12-22 01:17:43 -------- d-sh--w- C:\Windows\Installer
2012-12-22 01:17:05 -------- d-----w- C:\Program Files\ATI Technologies
2012-12-22 01:17:04 -------- d-----w- C:\Program Files\ATI
2012-12-22 01:11:18 104560 ----a-w- C:\Windows\System32\drivers\L1C62x64.sys
2012-12-22 01:08:44 -------- d-----w- C:\Windows\SysWow64\RTCOM
2012-12-22 00:56:33 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-15 23:33:24 111968 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-11-01 05:43:42 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2012-11-01 05:43:42 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2012-11-01 04:47:54 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-10-22 13:02:44 154464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
.
============= FINISH: 9:52:56.68 ===============