OTL logfile created on: 4/5/2012 12:38:29 PM - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = E:\Downloads\Windows Update Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.49 Gb Total Physical Memory | 1.01 Gb Available Physical Memory | 67.98% Memory free 3.34 Gb Paging File | 3.02 Gb Available in Paging File | 90.23% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29.81 Gb Total Space | 3.07 Gb Free Space | 10.31% Space Free | Partition Type: NTFS Drive D: | 23.85 Gb Total Space | 10.39 Gb Free Space | 43.58% Space Free | Partition Type: NTFS Drive E: | 95.39 Gb Total Space | 29.79 Gb Free Space | 31.23% Space Free | Partition Type: NTFS Drive H: | 931.51 Gb Total Space | 806.69 Gb Free Space | 86.60% Space Free | Partition Type: NTFS Computer Name: HOME-2FEA83FCCB | User Name: Kanishka | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012/03/10 14:51:44 | 001,049,072 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Kanishka\Local Settings\Application Data\Google\Chrome\Application\chrome.exe PRC - [2012/01/19 23:09:16 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\Downloads\Windows Update\OTL.exe PRC - [2011/09/15 12:06:04 | 000,088,576 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2008/09/30 12:48:28 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2008/04/14 17:30:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012/03/10 14:51:42 | 000,429,040 | ---- | M] () -- C:\Documents and Settings\Kanishka\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\ppgooglenaclpluginchrome.dll MOD - [2012/03/10 14:51:41 | 003,772,912 | ---- | M] () -- C:\Documents and Settings\Kanishka\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\pdf.dll MOD - [2012/03/10 14:50:17 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Kanishka\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\avutil-51.dll MOD - [2012/03/10 14:50:16 | 000,220,672 | ---- | M] () -- C:\Documents and Settings\Kanishka\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\avformat-53.dll MOD - [2012/03/10 14:50:15 | 001,747,456 | ---- | M] () -- C:\Documents and Settings\Kanishka\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\avcodec-53.dll MOD - [2012/03/10 11:26:11 | 008,593,056 | ---- | M] () -- C:\Documents and Settings\Kanishka\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\gcswf32.dll MOD - [2011/09/15 12:06:04 | 000,088,576 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/09/15 12:06:04 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2011/04/14 16:07:58 | 000,156,992 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Internet Security 2012\TPSrv.exe -- (TPSrv) SRV - [2010/10/20 15:49:18 | 000,202,048 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Internet Security 2012\PavFnSvr.exe -- (PAVFNSVR) SRV - [2010/08/16 14:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Internet Security 2012\PskSvc.exe -- (PskSvcRetail) SRV - [2010/06/04 10:37:50 | 000,314,176 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Internet Security 2012\pavsrvx86.exe -- (PAVSRV) SRV - [2010/04/14 11:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) [On_Demand | Stopped] -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater) SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2009/12/22 11:52:44 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Airtel NetXpert\bin\tgsrvc.exe -- (tgsrvc_netxpert) SupportSoft Repair Service (netxpert) SRV - [2009/12/22 11:52:42 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Airtel NetXpert\bin\sprtsvc.exe -- (sprtsvc_netxpert) SupportSoft Sprocket Service (netxpert) SRV - [2009/11/26 17:03:56 | 000,226,560 | ---- | M] (Panda Security International) [Auto | Stopped] -- c:\program files\panda security\panda internet security 2012\firewall\PSHOST.EXE -- (PSHost) SRV - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2009/08/10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Internet Security 2012\PsCtrls.exe -- (Panda Software Controller) SRV - [2009/07/21 12:38:56 | 000,386,424 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe -- (SupportSoft RemoteAssist) SRV - [2009/03/24 12:35:48 | 000,053,248 | ---- | M] (IBM Corp) [Auto | Stopped] -- C:\Program Files\lotus\notes\ntmulti.exe -- (Multi-user Cleanup Service) SRV - [2008/09/30 12:48:28 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2008/08/07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2008/06/19 12:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Internet Security 2012\PsImSvc.exe -- (PSIMSVC) SRV - [2008/02/04 17:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe -- (PavPrSrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Running] -- -- (PavTPK.sys) DRV - File not found [Kernel | On_Demand | Running] -- -- (PavSRK.sys) DRV - [2012/02/23 21:41:24 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd) DRV - [2011/12/21 20:31:06 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32) DRV - [2011/12/13 18:27:30 | 007,069,288 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2011/12/12 20:12:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011/09/13 12:31:40 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Amps2prt.sys -- (Amps2prt) DRV - [2011/02/21 14:38:32 | 000,037,448 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ShlDrv51.sys -- (ShldDrv) DRV - [2011/01/31 16:41:28 | 000,083,528 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPFLT.SYS -- (APPFLT) DRV - [2011/01/06 17:06:22 | 000,005,632 | ---- | M] (Sysinternals) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\myfault.sys -- (MYFAULT) DRV - [2010/09/09 16:23:00 | 000,193,864 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idsflt.sys -- (IDSFLT) DRV - [2010/09/01 11:09:14 | 000,201,032 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\neti1644.sys -- (NETIMFLT01060044) DRV - [2010/06/22 18:13:00 | 000,026,696 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\Drivers\pavboot.sys -- (pavboot) DRV - [2010/06/22 18:01:52 | 000,021,248 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\htcnprot.sys -- (htcnprot) DRV - [2010/05/21 13:50:26 | 000,059,080 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\amm8651.sys -- (AmFSM) DRV - [2010/05/06 17:11:58 | 000,163,848 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PavProc.sys -- (PavProc) DRV - [2009/12/18 11:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv) DRV - [2009/11/18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009/11/18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009/09/25 14:54:08 | 000,046,856 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\wnmflt.sys -- (WNMFLT) DRV - [2009/09/25 14:54:06 | 000,159,112 | ---- | M] (Panda Security, S.L.) [TDI Layer] [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NETFLTDI.SYS -- (NETFLTDI) DRV - [2009/09/25 14:54:04 | 000,022,024 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fnetmon.sys -- (FNETMON) DRV - [2009/09/25 14:54:02 | 000,053,256 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dsaflt.sys -- (DSAFLT) DRV - [2009/06/10 15:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32) DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB) DRV - [2002/04/08 10:57:40 | 000,899,700 | ---- | M] (Xirlink, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ucdnt.sys -- (XIRLINK) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=92.20.124.3:8080 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/02 18:42:23 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/29 00:29:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kanishka\Application Data\Mozilla\Extensions [2012/03/06 23:50:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kanishka\Application Data\Mozilla\Firefox\Profiles\g8uzy6jg.default\extensions [2012/03/06 23:50:47 | 000,000,000 | ---D | M] ("ERail Plugin for Firefox") -- C:\Documents and Settings\Kanishka\Application Data\Mozilla\Firefox\Profiles\g8uzy6jg.default\extensions\firefoxplugin@erail [2012/04/02 18:42:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/09/29 13:31:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2012/04/02 18:42:22 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012/02/26 12:46:02 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/02/26 12:46:02 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml O1 HOSTS File: ([2012/01/05 10:53:37 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [APVXDWIN] C:\Program Files\Panda Security\Panda Internet Security 2012\APVXDWIN.EXE (Panda Security, S.L.) O4 - HKLM..\Run: [SCANINICIO] C:\Program Files\Panda Security\Panda Internet Security 2012\Inicio.exe (Panda Security, S.L.) O4 - HKLM..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe (Zbshareware Lab) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab (SysInfo Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62EE12C6-EC96-4C5D-AE83-AEFB62C4C290}: NameServer = 59.144.127.16,59.144.127.17 O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\avldr: DllName - (avldr.dll) - C:\WINDOWS\System32\avldr.dll (On-Access Anti-Malware Scanner Sync) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011/08/28 19:54:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/04/05 11:01:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kanishka\Recent [2012/04/03 22:28:25 | 000,000,000 | ---D | C] -- C:\Panda Software [2012/04/02 14:57:08 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll [2012/04/02 14:57:05 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll [2012/04/02 14:56:30 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe [2012/04/02 14:56:26 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys [2012/04/02 14:56:04 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys [2012/04/02 14:56:00 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys [2012/04/02 14:55:51 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys [2012/04/02 14:55:33 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys [2012/04/02 14:55:16 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys [2012/04/02 14:55:13 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys [2012/04/02 14:55:10 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys [2012/04/02 14:55:04 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys [2012/04/02 14:55:00 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys [2012/04/02 14:54:56 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys [2012/04/02 14:54:53 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys [2012/04/02 14:54:38 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys [2012/04/02 14:54:24 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys [2012/04/02 14:54:20 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys [2012/04/02 14:54:17 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys [2012/04/02 14:54:12 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys [2012/04/02 14:53:53 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll [2012/04/02 14:53:40 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll [2012/04/02 14:53:36 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll [2012/04/02 14:53:23 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys [2012/04/02 14:53:20 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll [2012/04/02 14:53:16 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys [2012/04/02 14:53:13 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll [2012/04/02 14:53:10 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys [2012/04/02 14:53:07 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll [2012/04/02 14:52:37 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys [2012/04/02 14:52:32 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys [2012/04/02 14:52:29 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll [2012/04/02 14:52:28 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys [2012/04/02 14:52:24 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys [2012/04/02 14:52:21 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys [2012/04/02 14:52:08 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys [2012/04/02 14:52:05 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll [2012/04/02 14:51:25 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll [2012/04/02 14:51:22 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll [2012/04/02 14:51:19 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys [2012/04/02 14:51:15 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys [2012/04/02 14:51:09 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys [2012/04/02 14:50:50 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys [2012/04/02 14:50:22 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys [2012/04/02 14:50:19 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll [2012/04/02 14:50:15 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys [2012/04/02 14:50:12 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys [2012/04/02 14:50:09 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys [2012/04/02 14:49:44 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys [2012/04/02 14:49:41 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys [2012/04/02 14:49:38 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys [2012/04/02 14:49:31 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys [2012/04/02 14:49:04 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys [2012/04/02 14:49:01 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys [2012/04/02 14:48:58 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys [2012/04/02 14:48:55 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll [2012/04/02 14:48:32 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys [2012/04/02 14:48:26 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys [2012/04/02 14:48:23 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys [2012/04/02 14:48:09 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys [2012/04/02 14:48:06 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll [2012/04/02 14:48:03 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys [2012/04/02 14:48:00 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll [2012/04/02 14:47:57 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll [2012/04/02 14:47:54 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll [2012/04/02 14:47:52 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys [2012/04/02 14:47:49 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll [2012/04/02 14:47:46 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys [2012/04/02 14:47:39 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll [2012/04/02 14:47:36 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll [2012/04/02 14:47:34 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll [2012/04/02 14:47:33 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll [2012/04/02 14:47:21 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll [2012/04/02 14:47:15 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys [2012/04/02 14:47:12 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys [2012/04/02 14:47:08 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll [2012/04/02 14:46:53 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys [2012/04/02 14:46:50 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys [2012/04/02 14:46:22 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys [2012/04/02 14:46:19 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys [2012/04/02 14:46:16 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys [2012/04/02 14:46:06 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys [2012/04/02 14:45:19 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe [2012/04/02 14:45:08 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys [2012/04/02 14:45:07 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys [2012/04/02 14:45:04 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys [2012/04/02 14:44:24 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys [2012/04/02 14:44:21 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys [2012/04/02 14:44:19 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys [2012/04/02 14:44:15 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys [2012/04/02 14:43:55 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys [2012/04/02 14:43:41 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys [2012/04/02 14:43:39 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys [2012/04/02 14:43:34 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys [2012/04/02 14:43:24 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys [2012/04/02 14:43:22 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll [2012/04/02 14:43:14 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll [2012/04/02 14:43:11 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys [2012/04/02 14:43:09 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys [2012/04/02 14:43:06 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll [2012/04/02 14:43:04 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys [2012/04/02 14:43:01 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll [2012/04/02 14:42:53 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys [2012/04/02 14:42:50 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll [2012/04/02 14:42:48 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys [2012/04/02 14:42:45 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll [2012/04/02 14:42:42 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys [2012/04/02 14:41:53 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys [2012/04/02 14:41:16 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys [2012/04/02 14:40:56 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys [2012/04/02 14:40:54 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys [2012/04/02 14:40:53 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys [2012/04/02 14:40:50 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys [2012/04/02 14:40:50 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys [2012/04/02 14:40:48 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys [2012/04/02 14:40:39 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys [2012/04/02 14:40:37 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys [2012/04/02 14:40:35 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys [2012/04/02 14:40:32 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys [2012/04/02 14:40:28 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys [2012/04/02 14:40:25 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys [2012/04/02 14:39:35 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys [2012/04/02 14:38:55 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll [2012/04/02 14:37:09 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll [2012/04/02 14:37:01 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll [2012/04/02 14:36:32 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys [2012/04/02 14:36:30 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys [2012/04/02 14:36:28 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys [2012/04/02 14:36:16 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys [2012/04/02 14:36:05 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys [2012/04/02 14:36:03 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys [2012/04/02 14:35:59 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys [2012/04/02 14:35:57 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys [2012/04/02 14:35:55 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys [2012/04/02 14:35:54 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys [2012/04/02 14:35:40 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys [2012/04/02 14:35:36 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys [2012/04/02 14:35:35 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys [2012/04/02 14:34:14 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys [2012/04/02 14:34:08 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys [2012/04/02 14:33:59 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys [2012/04/02 14:33:57 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys [2012/04/02 14:33:56 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys [2012/04/02 14:33:52 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe [2012/04/02 14:33:51 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll [2012/04/02 14:33:50 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll [2012/04/02 14:33:49 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll [2012/04/02 14:33:46 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys [2012/04/02 14:33:28 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys [2012/04/02 14:33:27 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys [2012/04/02 14:33:23 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys [2012/04/02 14:33:02 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys [2012/04/02 14:33:01 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys [2012/04/02 14:33:00 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys [2012/04/02 14:32:59 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys [2012/04/02 14:32:58 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys [2012/04/02 14:32:57 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys [2012/04/02 14:32:56 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys [2012/04/02 14:32:54 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll [2012/04/02 14:32:47 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll [2012/04/02 14:32:33 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys [2012/04/02 14:32:26 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys [2012/04/02 14:32:18 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys [2012/04/02 14:32:17 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys [2012/04/02 14:32:17 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys [2012/04/02 14:32:16 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys [2012/04/02 14:32:16 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys [2012/04/02 14:32:13 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys [2012/04/02 14:32:12 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys [2012/04/02 14:32:12 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys [2012/04/02 14:32:11 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys [2012/04/02 14:32:10 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll [2012/04/02 14:32:09 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys [2012/04/02 14:31:37 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys [2012/04/02 14:31:37 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys [2012/04/02 14:31:36 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys [2012/04/02 14:31:36 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys [2012/04/02 14:31:35 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll [2012/04/02 14:31:35 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll [2012/04/02 14:31:34 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys [2012/04/02 14:31:33 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys [2012/04/02 14:31:32 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll [2012/04/02 14:31:31 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe [2012/04/02 14:31:31 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll [2012/04/02 14:31:30 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll [2012/04/02 14:31:29 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys [2012/04/02 14:31:29 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys [2012/04/02 14:31:28 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll [2012/04/02 14:31:28 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys [2012/04/02 14:31:27 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll [2012/04/02 14:31:27 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll [2012/04/02 14:31:23 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys [2012/04/02 14:31:20 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll [2012/04/02 14:31:20 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys [2012/04/02 14:31:19 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys [2012/04/02 14:31:19 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys [2012/04/02 14:31:18 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys [2012/04/02 14:31:17 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll [2012/04/02 14:31:17 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll [2012/04/02 14:28:59 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys [2012/04/02 14:28:53 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys [2012/04/02 14:28:38 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys [2012/04/02 14:28:37 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys [2012/04/02 14:28:36 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys [2012/04/02 14:28:35 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys [2012/04/02 14:28:35 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys [2012/04/02 14:28:33 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll [2012/04/02 14:28:30 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll [2012/04/02 14:28:30 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll [2012/04/02 14:28:28 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys [2012/04/02 14:28:27 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys [2012/04/02 14:28:27 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll [2012/04/01 09:43:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2012/03/30 22:44:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC Tuneup 2011 [2012/03/30 21:08:39 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012/03/30 19:59:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kanishka\Local Settings\Application Data\Panda Security [2012/03/30 19:57:45 | 000,193,864 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\idsflt.sys [2012/03/30 19:57:45 | 000,053,256 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\dsaflt.sys [2012/03/30 19:57:45 | 000,046,856 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\wnmflt.sys [2012/03/30 19:57:37 | 000,159,112 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\NETFLTDI.SYS [2012/03/30 19:57:37 | 000,083,528 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\APPFLT.SYS [2012/03/30 19:57:37 | 000,022,024 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\fnetmon.sys [2012/03/30 19:57:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Backup [2012/03/30 19:57:33 | 000,026,696 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys [2012/03/30 19:57:19 | 000,054,832 | ---- | C] (Panda Software) -- C:\WINDOWS\System32\pavcpl.cpl [2012/03/30 19:57:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Panda Internet Security 2012 [2012/03/30 19:57:09 | 000,446,464 | ---- | C] (eHelp Corporation.) -- C:\WINDOWS\System32\HHActiveX.dll [2012/03/30 19:57:04 | 000,520,000 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\PavSHook.dll [2012/03/30 19:57:04 | 000,193,344 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\TpUtil.dll [2012/03/30 19:57:04 | 000,107,568 | ---- | C] (Panda Software) -- C:\WINDOWS\System32\SYSTOOLS.DLL [2012/03/30 19:57:04 | 000,087,360 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\PavLspHook.dll [2012/03/30 19:57:04 | 000,055,616 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\pavipc.dll [2012/03/30 19:57:02 | 000,201,032 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\neti1644.sys [2012/03/30 19:57:01 | 000,059,080 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\amm8651.sys [2012/03/30 19:57:01 | 000,055,552 | ---- | C] (On-Access Anti-Malware Scanner Sync) -- C:\WINDOWS\System32\avldr.dll [2012/03/30 19:57:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PAV [2012/03/30 19:57:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kanishka\Application Data\Panda Security [2012/03/30 19:57:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Panda Security [2012/03/30 19:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security [2012/03/30 19:56:34 | 000,163,848 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\PavProc.sys [2012/03/30 19:56:34 | 000,037,448 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\ShlDrv51.sys [2012/03/30 19:56:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Panda Security [2012/03/30 19:39:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP [2012/03/30 19:26:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2012/03/30 19:17:00 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2012/03/30 19:16:59 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2012/03/30 19:16:59 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2012/03/30 19:15:22 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2012/03/30 18:37:51 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012/03/30 18:37:16 | 000,000,000 | --SD | C] -- C:\ComboFix [2012/03/30 18:35:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2012/03/30 14:43:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kanishka\Application Data\TuneUp Software [2012/03/30 14:42:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software [2012/03/29 14:12:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8(2) [2012/03/25 11:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kingsoft [2012/03/25 11:23:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kanishka\Application Data\Kingsoft [2012/03/22 21:20:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN [2012/03/20 21:33:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kanishka\Application Data\TrustPort [2012/03/19 21:25:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SmartCapture [2012/03/19 21:25:07 | 000,000,000 | ---D | C] -- C:\Program Files\SmartCapture [2012/03/19 00:50:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Transcend JetFlash Recovery Tool [2012/03/18 10:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0 [2012/03/17 23:50:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kanishka\Start Menu\Programs\Google Chrome [2012/03/17 23:31:44 | 000,005,632 | ---- | C] (Sysinternals) -- C:\WINDOWS\System32\drivers\myfault.sys [2012/03/17 19:25:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012 [2012/03/17 19:11:15 | 000,000,000 | ---D | C] -- C:\SETUP [2012/03/16 21:31:37 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2012/03/16 21:05:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel [2012/03/16 09:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kanishka\Application Data\AVG2012 [2012/03/15 14:58:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kanishka\Application Data\Tific [2012/03/15 14:58:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kanishka\Local Settings\Application Data\tific [2012/03/13 14:09:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\USB Disk Security [2012/03/13 10:31:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kanishka\Application Data\AVG [2012/03/13 10:20:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2012 [2012/03/13 10:17:56 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2012/03/13 09:59:59 | 000,000,000 | ---D | C] -- C:\$AVG [2012/03/13 09:54:37 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files [2012/03/12 15:10:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2012/03/12 14:12:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/03/12 14:12:13 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012/03/12 10:02:32 | 000,024,408 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys [2012/03/12 10:00:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2012/03/11 23:06:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegInOut System Utilities [2012/03/11 19:56:30 | 000,000,000 | ---D | C] -- C:\Program Files\DellTPad [2012/03/11 15:04:21 | 000,000,000 | ---D | C] -- C:\Config.Msi [2012/03/11 15:02:11 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed [2012/03/10 19:43:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\F-Secure [2012/03/10 19:41:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\fssg [2012/03/08 19:08:01 | 000,000,000 | ---D | C] -- C:\temp [2012/03/08 18:57:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kanishka\Local Settings\Application Data\Trend Micro [2012/03/08 18:41:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kanishka\Local Settings\Application Data\K7 Computing [2011/08/29 11:21:31 | 000,099,840 | ---- | C] ( ) -- C:\WINDOWS\System32\Zipdll.dll [2011/08/29 11:21:31 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\Unzdll.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/04/05 12:09:14 | 000,303,044 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls.bck [2012/04/05 12:09:14 | 000,303,044 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls [2012/04/05 12:09:14 | 000,001,132 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG.bck [2012/04/05 12:09:14 | 000,001,132 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG [2012/04/05 12:09:14 | 000,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg.bck [2012/04/05 12:09:14 | 000,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg [2012/04/05 12:09:14 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetLoc.wlt [2012/04/05 12:09:14 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg.bck [2012/04/05 12:09:14 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg [2012/04/05 12:09:14 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg.bck [2012/04/05 12:09:14 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg [2012/04/05 12:09:14 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg.bck [2012/04/05 12:09:14 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg [2012/04/05 12:07:15 | 000,000,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt.bck [2012/04/05 12:07:15 | 000,000,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt [2012/04/05 12:06:16 | 000,000,088 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAdapt.cfg.bck [2012/04/05 12:06:16 | 000,000,088 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAdapt.cfg [2012/04/05 12:05:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/04/05 10:30:07 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetLoc.wlt.bck [2012/04/05 09:54:38 | 000,000,208 | ---- | M] () -- C:\WINDOWS\POD.INI [2012/04/04 20:36:25 | 000,177,664 | ---- | M] () -- C:\Documents and Settings\Kanishka\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/04/04 19:51:29 | 000,136,812 | ---- | M] () -- C:\Documents and Settings\Kanishka\Desktop\1.36172785-20120401.pdf [2012/04/04 17:30:58 | 000,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC [2012/04/04 14:31:19 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2012/04/04 14:31:19 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2012/04/04 12:32:35 | 000,249,792 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT.bck [2012/04/04 12:32:35 | 000,249,792 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT [2012/04/04 12:29:11 | 000,500,970 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012/04/04 12:29:10 | 000,087,652 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012/04/04 12:28:48 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Kanishka\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk [2012/04/04 12:28:13 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012/04/04 12:25:43 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2012/04/04 11:13:29 | 000,401,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012/04/03 21:25:46 | 000,171,516 | ---- | M] () -- C:\Documents and Settings\Kanishka\Desktop\Vedic_Time.jpg [2012/04/01 01:10:32 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/03/31 15:14:43 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2012/03/30 19:57:52 | 000,001,784 | ---- | M] () -- C:\Documents and Settings\Kanishka\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Internet Security 2012.lnk [2012/03/30 19:57:52 | 000,000,262 | ---- | M] () -- C:\WINDOWS\System32\PavCPL.dat [2012/03/30 19:57:34 | 000,002,125 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Install remote access.lnk [2012/03/30 19:28:19 | 000,000,588 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol [2012/03/30 19:19:27 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2012/03/30 19:14:21 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2012/03/30 19:12:03 | 000,022,764 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2012/03/30 19:10:13 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF [2012/03/30 18:43:24 | 000,183,733 | ---- | M] () -- C:\WINDOWS\setupapi.old [2012/03/30 08:31:32 | 000,126,082 | ---- | M] () -- C:\Documents and Settings\Kanishka\Desktop\IRCTC Ltd,Booked Ticket Printing.pdf [2012/03/29 10:40:40 | 000,115,781 | ---- | M] () -- C:\Documents and Settings\Kanishka\My Documents\new driving license narendra.JPG [2012/03/29 09:14:30 | 000,281,029 | ---- | M] () -- C:\Documents and Settings\Kanishka\My Documents\Citibank’s EPay mar-12.pdf [2012/03/23 15:25:14 | 000,073,422 | ---- | M] () -- C:\Documents and Settings\Kanishka\Desktop\rajkot ahd.pdf [2012/03/22 01:19:09 | 011,361,612 | ---- | M] () -- C:\Documents and Settings\Kanishka\Desktop\Molecular_Orbitals_and_Organic_Chemical_Reactions_-_Student_Edition.pdf [2012/03/21 21:19:15 | 006,198,064 | ---- | M] () -- C:\Documents and Settings\Kanishka\Desktop\indica-vista-diesel-petrol.pdf [2012/03/20 09:21:42 | 000,002,309 | ---- | M] () -- C:\Documents and Settings\Kanishka\Desktop\Google Chrome.lnk [2012/03/18 18:29:37 | 000,431,384 | ---- | M] () -- C:\Documents and Settings\Kanishka\Desktop\Auto Fare.pdf [2012/03/17 23:51:05 | 000,002,287 | ---- | M] () -- C:\Documents and Settings\Kanishka\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2012/03/15 14:04:40 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2012/03/13 16:19:56 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\Kanishka\Desktop\IEXPLORE.lnk [2012/03/12 15:17:58 | 000,001,919 | ---- | M] () -- C:\WINDOWS\epplauncher.mif [2012/03/12 14:12:22 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/04/04 19:51:28 | 000,136,812 | ---- | C] () -- C:\Documents and Settings\Kanishka\Desktop\1.36172785-20120401.pdf [2012/04/04 14:30:52 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc [2012/04/03 21:21:11 | 000,171,516 | ---- | C] () -- C:\Documents and Settings\Kanishka\Desktop\Vedic_Time.jpg [2012/04/02 14:57:05 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll [2012/04/02 14:57:01 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe [2012/04/02 14:46:12 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax [2012/04/02 14:46:08 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll [2012/04/02 14:42:01 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax [2012/04/02 14:37:07 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll [2012/04/02 14:37:03 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll [2012/04/02 14:36:59 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll [2012/04/02 14:36:55 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll [2012/04/02 14:36:50 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll [2012/04/02 14:33:55 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll [2012/04/02 14:33:54 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll [2012/04/02 14:33:53 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll [2012/04/02 14:31:03 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys [2012/04/02 14:31:02 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys [2012/04/02 14:31:01 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys [2012/04/02 14:30:59 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys [2012/04/02 14:30:58 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys [2012/04/02 14:30:57 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys [2012/04/02 14:30:57 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys [2012/04/02 14:30:57 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys [2012/04/02 14:29:20 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys [2012/04/02 14:29:10 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys [2012/03/30 20:13:30 | 000,008,627 | ---- | C] () -- C:\WINDOWS\System32\PAV_FOG.OPC [2012/03/30 19:57:52 | 000,001,784 | ---- | C] () -- C:\Documents and Settings\Kanishka\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Internet Security 2012.lnk [2012/03/30 19:57:52 | 000,000,262 | ---- | C] () -- C:\WINDOWS\System32\PavCPL.dat [2012/03/30 19:57:49 | 000,249,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT.bck [2012/03/30 19:57:49 | 000,249,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT [2012/03/30 19:57:49 | 000,001,132 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG.bck [2012/03/30 19:57:49 | 000,001,132 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG [2012/03/30 19:57:34 | 000,002,125 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Install remote access.lnk [2012/03/30 19:16:50 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2012/03/30 19:16:22 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2012/03/30 19:16:11 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2012/03/30 19:16:10 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2012/03/30 19:16:07 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2012/03/30 19:15:56 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2012/03/30 19:15:50 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2012/03/30 19:15:44 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2012/03/30 19:15:25 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2012/03/30 19:02:43 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat [2012/03/30 19:02:43 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat [2012/03/30 19:02:43 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2012/03/30 19:02:43 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat [2012/03/30 19:02:43 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2012/03/30 19:02:43 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat [2012/03/30 19:02:43 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2012/03/30 19:02:43 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat [2012/03/30 19:02:43 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2012/03/30 19:02:43 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2012/03/30 19:02:43 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2012/03/30 19:02:43 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2012/03/30 19:02:43 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2012/03/30 19:02:42 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2012/03/30 19:02:42 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT [2012/03/30 19:02:42 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2012/03/30 19:02:42 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2012/03/30 19:02:42 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2012/03/30 08:31:32 | 000,126,082 | ---- | C] () -- C:\Documents and Settings\Kanishka\Desktop\IRCTC Ltd,Booked Ticket Printing.pdf [2012/03/29 10:40:38 | 000,115,781 | ---- | C] () -- C:\Documents and Settings\Kanishka\My Documents\new driving license narendra.JPG [2012/03/29 09:14:30 | 000,281,029 | ---- | C] () -- C:\Documents and Settings\Kanishka\My Documents\Citibank’s EPay mar-12.pdf [2012/03/28 12:07:33 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/03/23 15:25:12 | 000,073,422 | ---- | C] () -- C:\Documents and Settings\Kanishka\Desktop\rajkot ahd.pdf [2012/03/22 01:18:08 | 011,361,612 | ---- | C] () -- C:\Documents and Settings\Kanishka\Desktop\Molecular_Orbitals_and_Organic_Chemical_Reactions_-_Student_Edition.pdf [2012/03/21 21:18:32 | 006,198,064 | ---- | C] () -- C:\Documents and Settings\Kanishka\Desktop\indica-vista-diesel-petrol.pdf [2012/03/18 18:29:36 | 000,431,384 | ---- | C] () -- C:\Documents and Settings\Kanishka\Desktop\Auto Fare.pdf [2012/03/17 23:51:05 | 000,002,287 | ---- | C] () -- C:\Documents and Settings\Kanishka\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2012/03/17 23:51:03 | 000,002,309 | ---- | C] () -- C:\Documents and Settings\Kanishka\Desktop\Google Chrome.lnk [2012/03/16 21:28:24 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT [2012/03/13 16:18:50 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\Kanishka\Desktop\IEXPLORE.lnk [2012/03/12 15:11:25 | 000,001,919 | ---- | C] () -- C:\WINDOWS\epplauncher.mif [2012/03/12 14:12:22 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2012/03/05 16:02:15 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Kanishka\Local Settings\Application Data\WebpageIcons.db [2012/02/19 12:52:18 | 000,505,636 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-746137067-162531612-725345543-1003-0.dat [2012/02/19 12:52:18 | 000,405,386 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat [2011/12/26 15:12:14 | 000,097,040 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2011/12/22 15:44:44 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\mnprxp1.bin [2011/12/15 22:48:39 | 000,000,848 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2011/12/12 20:05:55 | 000,110,602 | ---- | C] () -- C:\WINDOWS\System32\xcdsfx32.bin [2011/12/05 16:19:34 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys [2011/12/01 10:29:59 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2011/11/28 15:40:21 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\0860460B11.sys [2011/11/27 11:22:09 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Kanishka\Application Data\$_hpcst$.hpc [2011/10/29 10:50:53 | 000,009,899 | ---- | C] () -- C:\Documents and Settings\Kanishka\Application Data\PassportPhotoStudio [2011/10/06 16:47:21 | 001,011,240 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2011/09/21 15:15:10 | 000,003,118 | ---- | C] () -- C:\Documents and Settings\Kanishka\Application Data\default.rss [2011/09/21 15:13:43 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2011/09/13 20:32:08 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\bassmod.dll [2011/09/13 20:15:48 | 000,000,450 | ---- | C] () -- C:\WINDOWS\crackpdf.INI [2011/09/13 12:11:28 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2011/08/31 10:25:19 | 000,000,208 | ---- | C] () -- C:\WINDOWS\POD.INI [2011/08/31 10:25:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2011/08/30 16:43:21 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2011/08/30 12:27:13 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll [2011/08/30 12:27:12 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll [2011/08/30 08:53:37 | 000,000,083 | ---- | C] () -- C:\WINDOWS\winDecrypt.INI [2011/08/29 11:21:31 | 000,230,912 | ---- | C] () -- C:\WINDOWS\System32\Zipit.DLL [2011/08/29 11:21:30 | 000,314,880 | ---- | C] () -- C:\WINDOWS\System32\Tx32.dll [2011/08/29 10:43:23 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll [2011/08/29 01:14:04 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011/08/29 01:12:46 | 000,401,528 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/08/29 00:29:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011/08/28 23:40:32 | 000,177,664 | ---- | C] () -- C:\Documents and Settings\Kanishka\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/08/28 22:11:03 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011/08/28 22:08:46 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2011/08/28 19:56:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011/08/28 19:50:41 | 000,022,764 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/09/27 19:16:22 | 000,577,335 | ---- | C] () -- C:\WINDOWS\System32\adb.exe [2008/04/14 17:30:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008/04/14 17:30:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008/04/14 17:30:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008/04/14 17:30:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008/04/14 17:30:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008/04/14 17:30:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008/04/14 17:30:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008/04/14 17:30:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008/04/14 17:30:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2007/04/27 09:43:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll [2004/08/04 06:37:00 | 000,500,970 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2004/08/04 06:37:00 | 000,087,652 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2004/08/04 06:37:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [color=#E56717]========== LOP Check ==========[/color] [2012/03/12 14:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2012/03/30 18:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012 [2012/03/30 19:57:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Backup [2012/03/13 09:54:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files [2011/09/10 13:06:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure [2012/03/10 19:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fssg [2011/12/05 16:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro [2012/03/25 11:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kingsoft [2011/12/16 14:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX [2011/12/31 16:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound [2012/03/30 19:57:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security [2011/09/13 15:00:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters [2012/01/25 10:20:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC1Data [2012/01/24 19:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RiyazStudio [2011/09/22 12:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft [2012/04/04 23:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2012/03/30 21:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software [2011/12/22 18:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindSolutions [2011/08/28 22:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2012/03/13 14:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zbshareware Lab [2012/03/30 21:08:39 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2011/12/22 21:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2012/03/01 22:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\602Installer [2012/02/28 20:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\ArcaVirMicroScan [2011/11/07 18:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\arcot [2012/01/03 14:37:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Audacity [2012/03/30 14:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\AVG [2012/03/16 09:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\AVG2012 [2011/09/13 14:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Blitware [2011/11/13 19:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Boilsoft [2012/02/19 10:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\CX [2012/02/23 09:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\DeskSoft [2011/10/07 23:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Digiarty [2011/09/10 12:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\DriverCure [2011/09/30 12:37:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Easeware [2012/02/18 17:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\ElevatedDiagnostics [2011/09/19 12:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\HandBrake [2012/02/04 17:27:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\HTC [2011/12/23 08:48:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2011/10/29 10:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\KC Softwares [2012/03/25 11:23:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Kingsoft [2011/12/22 15:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Leadertech [2011/12/16 14:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\MAGIX [2011/12/01 10:52:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\MakeitOne [2011/12/13 12:04:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Mipony [2011/11/01 12:23:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\mkvtoolnix [2012/02/18 17:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\MOBILedit [2011/08/30 14:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\NCH Swift Sound [2011/10/03 12:27:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\OOo-dev [2011/12/23 22:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Outlook [2012/03/30 19:57:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Panda Security [2011/10/29 10:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Passport Photo Studio [2012/01/25 10:20:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\PC Cleaners [2012/01/25 10:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\PCPro [2011/08/31 13:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Rovio [2012/02/24 10:47:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\smkits [2011/08/30 14:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Softplicity [2011/10/10 07:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Software602 [2012/01/24 19:42:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\SwftInc [2012/02/01 21:05:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\SystemRequirementsLab [2011/12/04 13:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\TeamViewer [2011/12/06 19:57:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Thinstall [2012/03/15 14:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Tific [2012/03/20 21:42:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\TrustPort [2012/03/30 14:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\TuneUp Software [2011/08/29 00:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\VitySoft [2011/12/10 16:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\VOS [2011/12/22 18:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\WindSolutions [2011/09/13 20:32:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Xilisoft [2011/08/31 15:18:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\xrecode2 [2011/11/16 19:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kanishka\Application Data\Zbshareware Lab [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 289 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4 @Alternate Data Stream - 155 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ECF54A0E < End of report >