OTL logfile created on: 23-06-2009 17:12:57 - Run 1
OTL by OldTimer - Version 3.0.5.1 Folder = G:\
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy

1.99 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 66.54% Memory free
4.00 Gb Paging File | 3.40 Gb Available in Paging File | 84.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 2.55 Gb Free Space | 13.07% Space Free | Partition Type: NTFS
Drive D: | 43.08 Gb Total Space | 22.21 Gb Free Space | 51.55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 967.72 Mb Total Space | 960.92 Mb Free Space | 99.30% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VIDYUT-LAPTOP
Current User Name: vidyut
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Windows\System32\WLTRYSVC.EXE ()
PRC - C:\Windows\System32\bcmwltry.exe (Broadcom Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
PRC - C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\CLCapSvc.exe () PRC - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation) PRC - C:\Program Files\CyberLink\Shared Files\RichVideo.exe () PRC - C:\Program Files\Speed+\Client\ventc.exe (Venturi Wireless) PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation) PRC - C:\Program Files\Speed+\squid\ventcsquid.exe (SQUID Web Proxy Cache - http://www.squid-cache.org/) PRC - C:\Program Files\Speed+\squid\ventcdnsserver.exe (SQUID Web Proxy Cache - http://www.squid-cache.org/) PRC - C:\Program Files\Speed+\squid\ventcdnsserver.exe (SQUID Web Proxy Cache - http://www.squid-cache.org/) PRC - C:\Program Files\Speed+\squid\ventcdnsserver.exe (SQUID Web Proxy Cache - http://www.squid-cache.org/) PRC - C:\Program Files\Speed+\squid\ventcdnsserver.exe (SQUID Web Proxy Cache - http://www.squid-cache.org/) PRC - C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\CLSched.exe () PRC - C:\Program Files\Speed+\squid\ventcdnsserver.exe (SQUID Web Proxy Cache - http://www.squid-cache.org/) PRC - C:\Program Files\Speed+\squid\ventcdnsserver.exe (SQUID Web Proxy Cache - http://www.squid-cache.org/) PRC - C:\Program Files\Speed+\squid\ventcunlinkd.exe (SQUID Web Proxy Cache - http://www.squid-cache.org/) PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software) PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software) PRC - C:\Windows\Explorer.EXE (Microsoft Corporation) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Windows\System32\hkcmd.exe (Intel Corporation) PRC - C:\Windows\System32\igfxpers.exe (Intel Corporation) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Lenovo\EnergyCut\utilty.exe (TODO: ) PRC - C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe (??(??)????) 
PRC - C:\Program Files\EzButton\EzButton.EXE (Dritek System Inc.) PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) PRC - C:\Program Files\java\jre1.6.0_04\bin\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Program Files\Speed+\Configurator\ventcfg.exe (Venturi Wireless) PRC - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_SL.exe (Adobe Systems Incorporated) PRC - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe () PRC - C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation) PRC - C:\Windows\System32\mobsync.exe (Microsoft Corporation) PRC - C:\Program Files\Apoint2K\ApMsgFwd.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\OpenOffice.org 2.4\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files\Apoint2K\Apntex.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN (OpenOffice.org) PRC - G:\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\wbem\wmiprvse.exe (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (AgereModemAudio [Auto | Running]) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software) SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software) SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software) SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software) SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.) 
SRV - (CLCapSvc [Auto | Running]) -- C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\CLCapSvc.exe () SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (CLSched [Auto | Running]) -- C:\Program Files\Lenovo\ShuttleCenter\Kernel\TV\CLSched.exe () SRV - (Eventlog [Auto | Running]) -- C:\Windows\System32\wevtsvc.dll (Microsoft Corporation) SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google) SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) SRV - (Macromedia Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe () SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation) SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (RichVideo [Auto | Running]) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe () SRV - (ServiceLayer [On_Demand | Stopped]) -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe (Nokia.) 
SRV - (VenturiClient [Auto | Running]) -- C:\Program Files\Speed+\Client\ventc.exe (Venturi Wireless) SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (wltrysvc [Auto | Running]) -- C:\Windows\System32\WLTRYSVC.EXE () SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (ACPIVPC [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\AcpiVpc.sys (Lenovo Corporation) DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (AgereSoftModem [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\AGRSM.sys (Agere Systems) DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (ApfiltrService [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) 
DRV - (aswFsBlk [Auto | Running]) -- C:\Windows\System32\DRIVERS\aswFsBlk.sys (ALWIL Software) DRV - (aswMonFlt [Auto | Running]) -- C:\Windows\System32\DRIVERS\aswMonFlt.sys (ALWIL Software) DRV - (aswRdr [System | Running]) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software) DRV - (aswSP [System | Running]) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software) DRV - (aswTdi [System | Running]) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software) DRV - (BCM43XV [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\bcmwl6.sys (Broadcom Corporation) DRV - (BCM43XX [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\bcmwl6.sys (Broadcom Corporation) DRV - (bcm4sbxp [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\bcm4sbxp.sys (Broadcom Corporation) DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (CapFilt [On_Demand | Stopped]) -- C:\Windows\System32\drivers\CapFilt.sys (ensurebit) DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (DKbFltr [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\DKbFltr.sys (Dritek System Inc.) DRV - (DNE [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\dne2000.sys (Deterministic Networks, Inc.) DRV - (DritekPortIO [System | Running]) -- C:\Program Files\EzButton\DPortIO.sys (Dritek System Inc.) 
DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\E1G60I32.sys (Intel Corporation) DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (ialm [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\igdkmd32.sys (Intel Corporation) DRV - (iaStorV [Disabled | Stopped]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (igfx [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\igdkmd32.sys (Intel Corporation) DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) 
DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (nmwcd [On_Demand | Stopped]) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (nmwcdc [On_Demand | Stopped]) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia) DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (pccsmcfd [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\pccsmcfd.sys (Nokia) DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (R300 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\atikmdag.sys (ATI Technologies Inc.) 
DRV - (rimmptsk [Auto | Running]) -- C:\Windows\System32\DRIVERS\rimmptsk.sys (REDC) DRV - (rimsptsk [Auto | Running]) -- C:\Windows\System32\DRIVERS\rimsptsk.sys (REDC) DRV - (rismxdp [Auto | Running]) -- C:\Windows\System32\DRIVERS\rixdptsk.sys (REDC) DRV - (RTL8023xp [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\Rtnicxp.sys (Realtek Semiconductor Corporation ) DRV - (s116bus [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\s116bus.sys (MCCI Corporation) DRV - (s116mdfl [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\s116mdfl.sys (MCCI Corporation) DRV - (s116mdm [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\s116mdm.sys (MCCI Corporation) DRV - (s116mgmt [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\s116mgmt.sys (MCCI Corporation) DRV - (s116nd5 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\s116nd5.sys (MCCI Corporation) DRV - (s116obex [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\s116obex.sys (MCCI Corporation) DRV - (s116unic [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\s116unic.sys (MCCI Corporation) DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (SiSRaid2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) 
DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (sit_bus [On_Demand | Running]) -- C:\Windows\System32\Drivers\sit_bus.sys (SUNGIL) DRV - (sit_flt [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\sit_flt.sys (SUNGIL Corporation) DRV - (sit_mdm [On_Demand | Running]) -- C:\Windows\System32\Drivers\sit_mdm.sys (SUNGIL) DRV - (sit_prt [On_Demand | Running]) -- C:\Windows\System32\Drivers\sit_prt.sys (SUNGIL) DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (upperdev [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\usbser_lowerflt.sys (Windows (R) Codename Longhorn DDK provider) DRV - (usbser [On_Demand | Stopped]) -- C:\Windows\System32\drivers\usbser.sys (Microsoft Corporation) DRV - (UsbserFilt [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys (Windows (R) Codename Longhorn DDK provider) DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vwinter [On_Demand | Running]) -- C:\Windows\System32\drivers\vwinter.sys (Venturi Wireless, Inc.) DRV - (vwredir [On_Demand | Running]) -- C:\Windows\System32\drivers\vwredir.sys (Venturi Wireless, Inc.) 
DRV - (W700bus [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\W700bus.sys (MCCI) DRV - (W700mdfl [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\W700mdfl.sys (MCCI) DRV - (W700mdm [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\W700mdm.sys (MCCI) DRV - (W700mgmt [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\W700mgmt.sys (MCCI) DRV - (W700obex [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\W700obex.sys (MCCI) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.lenovo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - 
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official" FF - HKLM\software\mozilla\Mozilla Firefox 2.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-03-08 11:24:24 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 2.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-03-08 11:24:24 | 00,000,000 | ---D | M] [2009-06-22 23:01:01 | 00,000,000 | ---D | M] -- C:\Users\vidyut\AppData\Roaming\mozilla\Firefox\Profiles\4bv1olvo.default\extensions [2009-01-11 12:10:34 | 00,000,000 | ---D | M] -- C:\Users\vidyut\AppData\Roaming\mozilla\Firefox\Profiles\4bv1olvo.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2008-08-06 12:21:48 | 00,000,000 | ---D | M] -- C:\Users\vidyut\AppData\Roaming\mozilla\Firefox\Profiles\4bv1olvo.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696} [2008-11-07 11:07:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2007-08-09 12:03:36 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007-08-09 12:03:14 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2008-01-29 23:49:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [2008-11-07 11:07:20 | 00,000,000 | 
---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} [2007-08-09 12:03:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org [2006-10-11 13:34:58 | 00,061,036 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll [2006-10-11 13:34:59 | 00,048,742 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll [2006-10-11 13:35:03 | 00,029,313 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll [2006-10-11 13:35:03 | 00,041,082 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll [2006-10-11 13:34:58 | 00,166,510 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll [2008-01-23 11:50:30 | 00,491,520 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2006-10-11 13:34:59 | 00,017,030 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2007-05-10 22:52:34 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2007-10-25 20:25:38 | 00,144,720 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2009-01-24 12:39:22 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2009-01-24 12:39:22 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2009-01-24 12:39:22 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2009-01-24 12:39:22 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2009-01-24 12:39:28 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2009-01-24 12:39:28 | 00,131,072 | ---- | M] (Apple Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2009-01-24 12:39:28 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2007-10-25 20:25:52 | 00,024,576 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2007-10-25 20:25:35 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2006-10-11 13:35:04 | 00,001,514 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml [2006-10-11 13:35:04 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml [2006-10-11 13:35:04 | 00,001,038 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml [2006-10-11 13:35:04 | 00,001,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml [2006-10-11 13:35:04 | 00,002,320 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2006-10-11 13:35:04 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (StumbleUpon Launcher) - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll (Sun Microsystems, Inc.) 
O3 - HKLM\..\Toolbar: (StumbleUpon Toolbar) - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [EnergyCut] C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe (??(??)????) O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\EnergyCut\utilty.exe (TODO: ) O4 - HKLM..\Run: [EzButton] C:\Program Files\EzButton\EzButton.EXE (Dritek System Inc.) O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation) O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe () O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe (Sun Microsystems, Inc.) 
O4 - HKLM..\Run: [Unattend0000000001{EE21E35E-9B9F-4CC2-8A4D-686A5CF1C0CC}] C:\Windows\test.bat File not found O4 - HKLM..\Run: [Venturi Configurator] C:\Program Files\Speed+\Configurator\ventcfg.exe (Venturi Wireless) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - Startup: C:\Users\vidyut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: 
EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: StumbleUpon PhotoBlog It! - .cache [2009-05-15 14:14:24 | 00,000,000 | ---D | M] O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll (Sun Microsystems, Inc.) 
O9 - Extra Button: Password Administration Box - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\Program Files\Lenovo\VeriFace\OpenWnd.exe (Lenovo) O9 - Extra 'Tools' menuitem : Password Administration Box - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\Program Files\Lenovo\VeriFace\OpenWnd.exe (Lenovo) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\NLAapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\napinsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04) O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.microsoft.com/mats/DiagWebControl.cab (Diagnostics ActiveX WebControl) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web 
Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-19 03:13:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{70361d13-24dc-11dd-b911-00023fec0eb9}\Shell\Open \command - "" = H:\MicrosoftPowerPoint.exe -- File not found O33 - MountPoints2\{9ff051c8-e4a7-11dd-984b-00023fec0eb9}\Shell\AutoRun\command - "" = .cache -- 
[2009-05-15 14:14:24 | 00,000,000 | ---D | M] O33 - MountPoints2\{9ff051c8-e4a7-11dd-984b-00023fec0eb9}\Shell\open\command - "" = .cache -- [2009-05-15 14:14:24 | 00,000,000 | ---D | M] O33 - MountPoints2\{dc08e58e-b548-11dd-8589-00023fec0eb9}\Shell\AutoRun\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\services.exe -- File not found O33 - MountPoints2\{dc08e58e-b548-11dd-8589-00023fec0eb9}\Shell\open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\services.exe -- File not found O33 - MountPoints2\{f39c3498-6382-11dd-835a-00023fec0eb9}\Shell\AutoRun\command - "" = .cache -- [2009-05-15 14:14:24 | 00,000,000 | ---D | M] O33 - MountPoints2\{f39c3498-6382-11dd-835a-00023fec0eb9}\Shell\explore\Command - "" = .cache -- [2009-05-15 14:14:24 | 00,000,000 | ---D | M] O33 - MountPoints2\{f39c3498-6382-11dd-835a-00023fec0eb9}\Shell\open\Command - "" = .cache -- [2009-05-15 14:14:24 | 00,000,000 | ---D | M] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-06-23 17:10:09 | 00,000,000 | ---D | C] -- C:\Rooter$ [2009-06-23 13:27:35 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT [2009-06-23 11:40:12 | 00,000,000 | ---D | C] -- C:\Users\vidyut\AppData\Roaming\Malwarebytes [2009-06-23 11:40:08 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2009-06-23 11:40:06 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2009-06-23 11:40:06 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2009-06-23 11:40:05 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2009-06-23 11:38:09 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT [2009-06-22 23:23:49 | 06,291,456 | -H-- | C] () -- 
C:\Users\vidyut\AppData\Local\IconCache.db [2009-06-22 23:20:41 | 00,003,448 | ---- | C] () -- C:\Users\vidyut\Desktop\see.reg [2009-06-22 23:14:55 | 00,000,609 | ---- | C] () -- C:\Users\vidyut\Desktop\cdrom.reg [2009-06-22 23:05:06 | 00,006,892 | ---- | C] () -- C:\Users\vidyut\Desktop\XP_CD-DVD-Fix.zip [2009-06-22 22:39:18 | 00,000,000 | ---D | C] -- C:\Users\vidyut\AppData\Local\ElevatedDiagnostics [2009-06-22 22:37:15 | 00,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell [2009-06-22 22:35:52 | 01,507,328 | ---- | C] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl [2009-06-22 22:35:52 | 00,131,072 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf [2009-06-22 22:35:52 | 00,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx [2009-06-22 22:23:04 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft ATS [2009-06-22 20:56:47 | 00,000,230 | ---- | C] () -- C:\Users\vidyut\Documents\backup.reg [2009-06-22 16:14:14 | 00,565,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\emdmgmt.dll [2009-06-22 16:14:13 | 00,625,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys [2009-06-22 16:14:13 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys [2009-06-22 16:14:13 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll [2009-06-22 16:14:12 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2009-06-22 15:44:21 | 00,000,000 | ---D | C] -- C:\Users\vidyut\Desktop\New Folder [2009-06-21 23:02:45 | 00,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2009-06-21 23:02:45 | 00,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2009-06-21 23:02:45 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx [2009-06-21 23:02:45 | 00,090,112 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\System32\wshext.dll [2009-06-21 23:02:44 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll [2009-06-21 23:02:44 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrrun.dll [2009-06-21 23:02:44 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscript.exe [2009-06-21 23:02:44 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe [2009-06-21 22:59:12 | 00,891,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys [2009-06-21 22:59:12 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys [2009-06-21 22:59:12 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll [2009-06-21 22:58:43 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll [2009-06-21 22:58:43 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wersvc.dll [2009-06-21 22:47:48 | 00,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Map Loader.lnk [2009-06-20 21:23:37 | 00,024,908 | ---- | C] () -- C:\Users\vidyut\AppData\Roaming\Comma Separated Values (Windows).ADR [2009-06-20 20:35:27 | 00,000,000 | ---D | C] -- C:\Users\vidyut\AppData\Roaming\Nseries [2009-06-20 20:31:25 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf [2009-06-20 20:30:58 | 00,000,000 | ---D | C] -- C:\Users\vidyut\AppData\Local\Nokia [2009-06-20 20:30:57 | 00,000,000 | ---D | C] -- C:\ProgramData\PC Suite [2009-06-20 20:30:56 | 00,000,000 | ---D | C] -- C:\Users\vidyut\AppData\Roaming\PC Suite [2009-06-20 20:29:41 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf [2009-06-20 20:27:07 | 00,000,000 | ---D | C] -- C:\Users\vidyut\AppData\Roaming\Nokia [2009-06-20 20:24:26 | 00,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk [2009-06-20 20:22:47 | 
00,002,072 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nokia Ovi Suite.lnk [2009-06-20 20:22:47 | 00,002,004 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk [2009-06-20 20:22:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia [2009-06-20 20:20:42 | 00,000,000 | ---D | C] -- C:\Program Files\DIFX [2009-06-20 20:20:40 | 00,021,632 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys [2009-06-20 20:19:57 | 00,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2009-06-20 20:17:56 | 00,000,000 | ---D | C] -- C:\Program Files\Nokia [2009-06-20 19:55:28 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf [2009-06-20 19:51:07 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2009-06-20 18:01:09 | 00,000,000 | ---D | C] -- C:\PerfLogs [2009-06-20 15:19:55 | 00,000,000 | ---D | C] -- C:\Users\vidyut\Documents\contacts [2009-06-18 12:36:30 | 00,000,000 | ---D | C] -- C:\Users\vidyut\Desktop\WALL [2009-06-15 18:48:33 | 00,784,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll [2009-06-15 18:48:18 | 03,581,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll [2009-06-15 18:48:16 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2009-06-15 18:48:13 | 06,069,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll [2009-06-15 18:48:12 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll [2009-06-15 18:48:11 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2009-06-15 18:48:11 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2009-06-15 18:48:10 | 00,827,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll [2009-06-15 18:48:10 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll 
[2009-06-15 18:48:09 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2009-06-15 18:48:09 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll [2009-06-15 18:48:08 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll [2009-06-15 18:48:08 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2009-06-15 18:48:07 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2009-06-15 18:48:06 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2009-06-15 18:48:05 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2009-06-15 18:47:55 | 02,033,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2009-06-15 18:47:47 | 00,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll [2007-10-25 20:54:40 | 00,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2007-10-25 20:54:40 | 00,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2007-08-10 15:29:37 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2007-03-30 10:10:31 | 00,057,344 | ---- | C] () -- C:\Windows\AsfHelper.dll [2007-03-30 10:10:31 | 00,022,528 | ---- | C] () -- C:\Windows\ScrSav.dll [2007-03-30 10:09:49 | 01,314,816 | ---- | C] () -- C:\Windows\System32\ImageReog.dll [2007-03-30 10:09:49 | 00,589,824 | ---- | C] () -- C:\Windows\System32\PicNotify.dll [2007-03-30 10:09:49 | 00,491,520 | ---- | C] () -- C:\Windows\System32\picn.dll [2007-03-30 10:09:49 | 00,491,520 | ---- | C] () -- C:\Windows\System32\MainOp.dll [2007-03-30 10:09:49 | 00,208,896 | ---- | C] () -- C:\Windows\System32\Image.dll [2007-03-30 10:09:49 | 00,086,016 | ---- | C] () -- C:\Windows\System32\VideoOp.dll [2007-03-30 10:09:49 | 00,061,440 | ---- | C] () -- C:\Windows\System32\Momo.dll [2007-03-30 10:09:49 | 00,049,152 | ---- | C] () -- 
C:\Windows\System32\DevFilt.dll [2007-03-30 10:09:49 | 00,045,056 | ---- | C] () -- C:\Windows\System32\ApBlend.dll [2007-03-30 09:57:49 | 00,065,536 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll [2007-01-26 12:32:23 | 00,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2006-12-01 10:05:47 | 00,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll [2006-12-01 10:05:46 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1132.dll [2006-12-01 10:05:41 | 00,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll [2006-11-02 15:55:44 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2006-11-02 15:55:21 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006-11-02 15:53:31 | 00,000,240 | ---- | C] () -- C:\Windows\win.ini [2006-11-02 15:53:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini [2006-11-02 13:10:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009-06-23 17:12:44 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2009-06-23 17:12:44 | 00,600,378 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2009-06-23 17:12:44 | 00,105,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2009-06-23 17:08:57 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009-06-23 17:08:53 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009-06-23 17:08:17 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009-06-23 17:08:05 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009-06-23 17:06:49 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2009-06-23 17:01:22 | 06,291,456 | -H-- | M] () -- C:\Users\vidyut\AppData\Local\IconCache.db [2009-06-22 23:20:41 | 00,003,448 | ---- | M] () -- C:\Users\vidyut\Desktop\see.reg 
[2009-06-22 23:14:50 | 00,000,609 | ---- | M] () -- C:\Users\vidyut\Desktop\cdrom.reg [2009-06-22 23:05:06 | 00,006,892 | ---- | M] () -- C:\Users\vidyut\Desktop\XP_CD-DVD-Fix.zip [2009-06-22 22:36:04 | 01,507,328 | ---- | M] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl [2009-06-22 22:36:04 | 00,131,072 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf [2009-06-22 22:36:04 | 00,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx [2009-06-22 20:56:47 | 00,000,230 | ---- | M] () -- C:\Users\vidyut\Documents\backup.reg [2009-06-21 22:47:48 | 00,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Map Loader.lnk [2009-06-20 21:29:43 | 00,024,908 | ---- | M] () -- C:\Users\vidyut\AppData\Roaming\Comma Separated Values (Windows).ADR [2009-06-20 21:14:42 | 00,012,288 | ---- | M] () -- C:\Users\vidyut\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-06-20 20:31:25 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf [2009-06-20 20:29:41 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf [2009-06-20 20:24:26 | 00,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk [2009-06-20 20:22:47 | 00,002,072 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nokia Ovi Suite.lnk [2009-06-20 20:22:47 | 00,002,004 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk [2009-06-20 19:55:28 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf [2009-06-20 19:51:07 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2009-06-20 18:30:54 | 00,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest [2009-06-20 18:10:58 | 00,288,200 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2009-06-20 15:49:20 | 00,101,888 | ---- | M] (Infineon Technologies AG) -- 
C:\Windows\System32\ifxcardm.dll [2009-06-20 15:49:19 | 00,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll [2009-06-17 11:27:56 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2009-06-17 11:27:44 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys < End of report >