High Risk Cloaked Malware [Solved]



#16
Skag

Here is the report:

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Friday, January 8, 2010
Operating system: Microsoft Windows Vista Home Premium Edition, 32-bit (build 6000)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Friday, January 08, 2010 11:50:47
Records in database: 3319094
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\

Scan statistics:
Objects scanned: 181502
Threats found: 3
Infected objects found: 5
Suspicious objects found: 0
Scan duration: 03:06:15


File name / Threat / Threats count
C:\Qoobox\Quarantine\C\Windows\System32\H8SRTjboqdesqim.dll.vir Infected: Packed.Win32.TDSS.aa 1
C:\Qoobox\Quarantine\C\Windows\System32\H8SRTwqyrgqqsvv.dll.vir Infected: Trojan.Win32.FraudPack.ajss 1
C:\Users\Sunil\Documents\My Received Files\swedish.rar Infected: HackTool.Win32.Kiser.l 3

Selected area has been scanned.


#17
hammerman

Hi,

Please follow these steps and then let me know how your computer's running. Still having slow start-ups?

-- Step 1 --

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Files
    C:\Users\Sunil\Documents\My Received Files\swedish.rar
    
    :Commands
    [purity]
    [emptytemp]
    [start explorer]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • This fix will produce a report. Please add this to your reply.

-- Step 2 --

Download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-- Step 3 --

Run OTL and select Minimal Output.
Select Use SafeList under Extra Registry
Use the Run Scan button to start a scan.
Please post the OTL.txt and Extras.txt in your reply.

#18
Skag

First OTL Report:

All processes killed
========== FILES ==========
C:\Users\Sunil\Documents\My Received Files\swedish.rar moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User

User: Public

User: Sunil
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 21626435 bytes
->Java cache emptied: 13818443 bytes
->FireFox cache emptied: 32907242 bytes
->Google Chrome cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 333510 bytes
RecycleBin emptied: 2396 bytes

Total Files Cleaned = 66.00 mb


OTL by OldTimer - Version 3.1.20.2 log created on 01082010_192702

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Security Check report:

Results of screen317's Security Check version 0.99.1
Windows Vista (UAC is disabled!)
Out of date service pack!!
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Disabled!
BitDefender Internet Security 2010
Antivirus out of date!
``````````````````````````````
Anti-malware/Other Utilities Check:

CCleaner
Java™ 6 Update 17
Java™ SE Development Kit 6 Update 17
Java DB 10.4.2.1
Adobe Flash Player 10
Adobe Reader 9.2
``````````````````````````````
Process Check:
objlist.exe by Laurent

Common Files BitDefender BitDefender Update Service livesrv.exe
Bit Defender NEW BitDefender 2010 vsserv.exe
Bit Defender NEW BitDefender 2010 bdagent.exe
Bit Defender NEW BitDefender 2010 seccenter.exe
``````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````


Second OTL report:

OTL

OTL logfile created on: 08/01/2010 19:45:45 - Run 4
OTL by OldTimer - Version 3.1.20.2 Folder = C:\Users\Sunil\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 69.77 Gb Free Space | 46.81% Space Free | Partition Type: NTFS
Drive D: | 141.23 Gb Total Space | 50.41 Gb Free Space | 35.70% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SUNILS--LAPTOP
Current User Name: Sunil
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Sunil\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Bit Defender NEW\BitDefender 2010\seccenter.exe (BitDefender S.R.L.)
PRC - C:\Program Files\Bit Defender NEW\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
PRC - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender S.R.L.)
PRC - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\upgrepl.exe (BitDefender S.R.L.)
PRC - D:\ITUNES!\iTunes.exe (Apple Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Bit Defender NEW\BitDefender 2010\vsserv.exe (BitDefender S.R.L.)
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Windows\System32\PnkBstrA.exe ()
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\ASScrPro.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
PRC - C:\Program Files\ATK Hotkey\HControl.exe (ATK0100)
PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe ()
PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Windows\System32\mobsync.exe (Microsoft Corporation)
PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)


========== Modules (SafeList) ==========

MOD - C:\Users\Sunil\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Bit Defender NEW\BitDefender 2010\Active Virus Control\midas32-v2_000\plugin_extra.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\Bit Defender NEW\BitDefender 2010\Active Virus Control\midas32-v2_000\plugin_nt.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\Bit Defender NEW\BitDefender 2010\Active Virus Control\midas32-v2_000\plugin_net.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\Bit Defender NEW\BitDefender 2010\Active Virus Control\midas32-v2_000\plugin_fragments.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\Bit Defender NEW\BitDefender 2010\Active Virus Control\midas32-v2_000\plugin_registry.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\Bit Defender NEW\BitDefender 2010\Active Virus Control\midas32-v2_000\plugin_base.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\Bit Defender NEW\BitDefender 2010\Active Virus Control\midas32-v2_000\midas32.dll (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Windows\System32\sfc_os.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sfc.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msiltcfg.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (LIVESRV) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender S.R.L.)
SRV - (iPod Service) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (VSSERV) -- C:\Program Files\Bit Defender NEW\BitDefender 2010\vsserv.exe (BitDefender S.R.L.)
SRV - (scan) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L)
SRV - (Arrakis3) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe (BitDefender S.R.L. http://www.bitdefender.com)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (PnkBstrA) -- C:\Windows\System32\PnkBstrA.exe ()
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Ati External Event Utility) -- C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (LightScribeService) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (NMIndexingService) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
SRV - (NBService) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
SRV - (ehstart) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (BDFM) -- C:\Windows\System32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (BDSelfPr) -- C:\Program Files\Bit Defender NEW\BitDefender 2010\bdselfpr.sys (BitDefender)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (BdfNdisf) -- C:\Windows\System32\drivers\BdfNdisf6.sys (BitDefender LLC)
DRV - (BDVEDISK) -- C:\Program Files\Bit Defender NEW\BitDefender 2010\bdvedisk.sys (BitDefender)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (bdftdif) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender LLC)
DRV - (Profos) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys (BitDefender S.R.L.)
DRV - (bdfsfltr) -- C:\Windows\system32\DRIVERS\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (USBAAPL) -- C:\Windows\System32\drivers\usbaapl.sys (Apple, Inc.)
DRV - (GEARAspiWDM) -- C:\Windows\System32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (Trufos) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys (BitDefender S.R.L.)
DRV - (ENTECH) -- C:\Windows\System32\drivers\Entech.sys (EnTech Taiwan)
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (PxHelp20) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (FiltUSBET) -- C:\Windows\System32\drivers\etFilter.sys (eMPIA Technology Inc.)
DRV - (ScanUSBET) -- C:\Windows\System32\drivers\etScan.sys (eMPIA Technology, Inc.)
DRV - (DCamUSBET) -- C:\Windows\System32\drivers\etDevice.sys (eMPIA Technology, Inc.)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows ® Codename Longhorn DDK provider)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (MODEMCSA) -- C:\Windows\System32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (NETw3v32) Intel® -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "IMDB"
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk"
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.27.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.0
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.1
FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.7
FF - prefs.js..extensions.enabledItems: Office2007Black@JBBS:1.4.6

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Bit Defender NEW\BitDefender 2010\bdaphffext\ [2010/01/07 13:56:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/08 11:41:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/07 17:18:13 | 00,000,000 | ---D | M]

[2008/09/27 15:14:38 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Mozilla\Extensions
[2010/01/08 14:11:57 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions
[2010/01/07 16:17:09 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2008/12/05 01:47:51 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}(73)
[2010/01/07 16:25:24 | 00,000,000 | ---D | M] (Stylish) -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2008/10/16 22:44:26 | 00,000,000 | ---D | M] (Aquatint Black Gloss) -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2009/10/01 15:50:46 | 00,000,000 | ---D | M] (Firefox Showcase) -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}
[2010/01/07 17:22:34 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/10/23 03:49:30 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\[email protected]
[2010/01/07 16:52:24 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\[email protected]
[2008/12/06 02:30:43 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\nasanightlaunch@example(72).com
[2010/01/07 16:49:16 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\Office2007Black@JBBS
[2010/01/07 16:59:58 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\[email protected]
[2008/10/16 15:59:22 | 00,001,146 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\searchplugins\bbc-news.xml
[2008/10/16 15:59:31 | 00,001,504 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\searchplugins\imdb.xml
[2010/01/08 11:51:58 | 00,004,868 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\searchplugins\isohunt---bt-search.xml
[2009/02/24 02:28:15 | 00,002,298 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\searchplugins\lastfm.xml
[2009/03/03 00:58:09 | 00,002,006 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\searchplugins\urban-dictionary.xml
[2009/02/07 17:44:42 | 00,001,337 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\searchplugins\whois-lookup.xml
[2008/10/16 15:59:51 | 00,001,032 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\searchplugins\wikipedia-eng.xml
[2008/10/16 16:00:06 | 00,002,108 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\searchplugins\youtube-video-search.xml
[2010/01/08 14:11:57 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/19 18:59:44 | 00,047,104 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Mozilla Firefox\components\FFComm.dll
[2009/12/21 05:47:02 | 00,063,488 | ---- | M] (Nullsoft) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010/01/07 16:05:20 | 00,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/01/07 16:05:20 | 00,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/01/07 16:05:20 | 00,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/01/07 16:05:20 | 00,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: (27 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\Bit Defender NEW\BitDefender 2010\ietoolbar.dll (BitDefender S.R.L.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe ()
O4 - HKLM..\Run: [BDAgent] C:\Program Files\Bit Defender NEW\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\Bit Defender NEW\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1242104793887 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (aswBoot.exe /A:"*" /L:"English" /KBD:3) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/08 14:31:19 | 00,000,000 | ---D | C] -- C:\Program Files\Orb Networks
[2010/01/08 14:24:43 | 24,569,416 | ---- | C] (Orb Networks) -- C:\Users\Sunil\Desktop\Orb20SetupUs.exe
[2010/01/08 13:44:14 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Office Genuine Advantage
[2010/01/07 21:37:12 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/01/07 21:37:11 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/01/07 21:37:11 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/01/07 21:37:11 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/01/07 21:37:10 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/01/07 21:37:10 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/01/07 21:37:09 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/01/07 21:37:09 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/01/07 21:37:08 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/01/07 21:37:08 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/01/07 21:37:07 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/01/07 21:37:07 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/01/07 21:37:07 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/01/07 21:37:06 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/01/07 21:34:23 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010/01/07 21:34:23 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/01/07 21:34:23 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/01/07 21:34:22 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/01/07 21:34:22 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/01/07 21:34:22 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010/01/07 21:34:22 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010/01/07 21:34:22 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010/01/07 21:34:21 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/01/07 21:34:21 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010/01/07 21:34:21 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010/01/07 21:34:21 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/01/07 21:34:20 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/01/07 21:34:20 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010/01/07 21:34:20 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/01/07 21:34:20 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010/01/07 21:34:19 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/01/07 21:34:19 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/01/07 21:34:19 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/01/07 21:34:19 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2010/01/07 21:34:19 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/01/07 21:34:18 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/01/07 21:34:18 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010/01/07 21:34:17 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/01/07 21:34:17 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010/01/07 21:34:16 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010/01/07 21:34:16 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010/01/07 21:34:16 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010/01/07 17:18:26 | 00,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/01/07 17:04:46 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/01/07 17:01:36 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/01/07 17:01:32 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/01/07 16:56:10 | 01,233,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/01/07 16:27:37 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010/01/07 16:21:24 | 00,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010/01/07 16:21:24 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010/01/07 16:21:24 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010/01/07 16:21:24 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010/01/07 16:21:24 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010/01/07 16:21:09 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010/01/07 16:20:50 | 00,311,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010/01/07 16:20:49 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010/01/07 16:20:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010/01/07 16:20:48 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010/01/07 16:20:47 | 08,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/01/07 16:13:07 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/01/07 14:37:52 | 00,000,000 | ---D | C] -- C:\Program Files\Sun
[2010/01/07 13:56:25 | 00,000,000 | ---D | C] -- C:\Users\Sunil\AppData\Roaming\BitDefender
[2010/01/07 13:56:23 | 00,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2010/01/07 13:56:23 | 00,000,000 | ---D | C] -- C:\Program Files\Bit Defender NEW
[2010/01/07 13:53:54 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2010/01/06 19:47:56 | 00,157,696 | ---- | C] (The RaProducts Team: Paul McLain and Fred de Vries) -- C:\Users\Sunil\Desktop\JavaRa.exe
[2010/01/06 19:44:49 | 00,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2010/01/06 19:44:49 | 00,026,600 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys
[2010/01/06 19:44:01 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/01/06 19:43:56 | 00,000,000 | ---D | C] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/01/06 19:41:25 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/01/06 19:22:55 | 00,000,000 | ---D | C] -- C:\Users\Sunil\AppData\Local\AA2DeployClient
[2010/01/06 19:22:55 | 00,000,000 | ---D | C] -- C:\ProgramData\AA2DeployClient
[2010/01/06 19:22:01 | 00,000,000 | ---D | C] -- C:\Users\Sunil\AppData\Local\Apps
[2010/01/06 19:22:00 | 00,000,000 | ---D | C] -- C:\Users\Sunil\AppData\Local\Deployment
[2010/01/06 16:50:11 | 00,213,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010/01/06 16:50:11 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010/01/06 16:50:10 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010/01/06 16:50:09 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010/01/06 16:50:09 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2010/01/06 16:50:09 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010/01/06 16:50:09 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010/01/06 16:50:09 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010/01/06 16:50:09 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010/01/06 16:50:09 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010/01/06 16:50:09 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010/01/06 16:50:08 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/01/06 16:48:35 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010/01/06 16:48:35 | 00,292,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/01/06 16:48:35 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010/01/06 16:48:32 | 01,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2010/01/06 16:48:32 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/01/06 16:48:31 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/01/06 16:48:31 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2010/01/06 16:48:31 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2010/01/06 16:48:24 | 00,713,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010/01/06 16:48:21 | 02,032,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/01/06 16:48:16 | 02,855,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/01/06 16:48:16 | 02,433,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010/01/06 16:48:15 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2010/01/06 16:48:15 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2010/01/06 16:48:14 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2010/01/06 16:48:14 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2010/01/06 16:47:57 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2010/01/06 16:47:57 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2010/01/06 16:47:51 | 01,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/01/06 16:47:51 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/01/06 16:47:50 | 04,247,552 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/01/06 16:47:25 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010/01/06 16:47:25 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010/01/06 16:47:13 | 00,654,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/01/06 16:47:13 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/01/06 16:47:13 | 00,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/01/06 16:47:13 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/01/06 16:47:13 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/01/06 16:47:13 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/01/06 16:47:04 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010/01/06 16:47:04 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010/01/06 16:46:58 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010/01/06 16:46:58 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010/01/06 16:46:53 | 00,500,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/01/06 16:46:53 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010/01/06 16:46:50 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/01/06 16:46:50 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/01/06 16:46:50 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/01/06 16:46:50 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2010/01/06 16:46:45 | 03,502,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/01/06 16:46:45 | 03,467,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/01/06 16:46:41 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/01/06 16:46:41 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/01/06 16:46:41 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/01/06 16:46:41 | 00,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/01/06 16:46:41 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010/01/06 16:46:28 | 00,696,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010/01/06 16:43:16 | 00,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2010/01/06 16:32:54 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/01/06 16:32:54 | 00,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010/01/06 16:32:46 | 00,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010/01/06 15:36:34 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Desktop\Malware Protection Files
[2010/01/06 15:33:14 | 00,160,608 | ---- | C] (Microsoft Corporation) -- C:\Users\Sunil\Desktop\bitdefender_isecurity.exe
[2010/01/06 15:27:12 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/01/06 15:27:12 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/01/06 15:27:12 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/01/06 14:40:48 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/01/06 12:34:28 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/01/06 12:07:10 | 00,000,000 | ---D | C] -- C:\_OTL
[2010/01/05 20:28:35 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/01/05 19:40:57 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Desktop\SysProt
[2010/01/05 12:40:26 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/01/05 11:04:42 | 00,000,000 | ---D | C] -- C:\Windows\temp
[2010/01/05 11:04:42 | 00,000,000 | ---D | C] -- C:\Users\Sunil\AppData\Local\temp
[2010/01/05 10:35:35 | 00,000,000 | ---D | C] -- C:\Combo-Fix
[2010/01/05 07:29:05 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/01/05 07:29:05 | 00,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/01/05 07:29:05 | 00,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/01/05 07:29:05 | 00,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/01/04 10:38:18 | 00,000,000 | ---D | C] -- C:\Qoobox
[2010/01/03 05:49:16 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\Sunil\Desktop\OTL.exe
[2010/01/03 05:11:24 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/03 05:11:21 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/01/03 05:11:21 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/03 05:09:35 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/01/03 05:08:38 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/01/03 05:02:06 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Sunil\Desktop\erunt_setup.exe
[2010/01/03 05:01:56 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Users\Sunil\Desktop\Sys-RestorePoint.exe
[2010/01/03 04:53:19 | 00,410,624 | ---- | C] (OldTimer Tools) -- C:\Users\Sunil\Desktop\TFC.exe
[2010/01/03 01:36:32 | 45,347,568 | ---- | C] (Trend Micro Inc.) -- C:\Users\Public\Desktop\TrendMicro_TIS_17.50_en-US_32-bit.exe
[2009/12/30 06:47:04 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Downloads\Flash Forward Season 1
[2009/12/30 02:30:30 | 00,000,000 | ---D | C] -- C:\Program Files\mkv2vob
[2009/12/29 13:22:44 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Downloads\Flash Forward HD s01e09
[2009/12/29 13:21:44 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Downloads\Flash Forward HD s01e08
[2009/12/29 13:21:13 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Downloads\Flash Forward HD s01e07
[2009/12/29 13:20:05 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Downloads\Flash Forward HD s01e06
[2009/12/28 15:19:11 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Desktop\originals
[2007/01/24 18:08:39 | 00,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys

========== Files - Modified Within 30 Days ==========

[2010/01/08 19:45:36 | 05,242,880 | -HS- | M] () -- C:\Users\Sunil\ntuser.dat
[2010/01/08 19:38:49 | 00,692,118 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2010/01/08 19:38:49 | 00,623,342 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/01/08 19:38:49 | 00,126,808 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2010/01/08 19:38:49 | 00,108,526 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/01/08 19:38:48 | 01,515,942 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/01/08 19:35:47 | 00,843,187 | ---- | M] () -- C:\Users\Sunil\Desktop\SecurityCheck.exe
[2010/01/08 19:32:20 | 00,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2010/01/08 19:32:07 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/08 19:32:06 | 00,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/08 19:32:06 | 00,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/08 19:32:00 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/08 19:31:22 | 32,204,63616 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/08 19:27:28 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/01/08 19:11:00 | 00,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2299308901-2864604730-1019191112-1000UA.job
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\wsbl.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ph_white.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ph_summ.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ph_spoof.sig
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ph_sign.slf
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ph_fuzzy.sig
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ph_black.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\pcwords2.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\pcwords.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\pc_sign.slf
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ab_sbl.sig
[2010/01/08 16:36:22 | 00,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/01/08 14:31:32 | 00,001,026 | ---- | M] () -- C:\Users\Public\Desktop\Orb.lnk
[2010/01/08 14:26:58 | 24,569,416 | ---- | M] (Orb Networks) -- C:\Users\Sunil\Desktop\Orb20SetupUs.exe
[2010/01/08 14:19:03 | 00,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/01/08 14:18:50 | 00,032,256 | ---- | M] () -- C:\Users\Sunil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/08 02:29:47 | 02,652,213 | -H-- | M] () -- C:\Users\Sunil\AppData\Local\IconCache.db
[2010/01/08 01:27:14 | 00,189,392 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/01/07 23:57:08 | 00,138,016 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/01/07 23:56:59 | 00,189,392 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe
[2010/01/07 21:33:09 | 00,280,680 | ---- | M] () -- C:\Users\Sunil\Desktop\AA2DeployInstaller.exe
[2010/01/07 21:09:28 | 00,002,127 | ---- | M] () -- C:\Users\Public\Desktop\SF A-Team Videos.lnk
[2010/01/07 21:09:28 | 00,001,976 | ---- | M] () -- C:\Users\Public\Desktop\America's Army.lnk
[2010/01/07 20:02:29 | 00,370,280 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/01/07 18:46:46 | 72,116,6492 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/01/07 17:15:59 | 00,000,385 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2010/01/07 17:08:39 | 00,000,121 | ---- | M] () -- C:\Windows\bdagent.INI
[2010/01/07 16:13:34 | 00,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/01/07 14:31:56 | 77,125,400 | ---- | M] () -- C:\Users\Sunil\Desktop\jdk-6u17-windows-i586.exe
[2010/01/07 14:10:39 | 00,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
[2010/01/07 14:07:13 | 00,000,016 | ---- | M] () -- C:\Windows\System32\asdict.dat
[2010/01/07 14:07:13 | 00,000,004 | ---- | M] () -- C:\Windows\System32\aspdict-en.dat
[2010/01/07 14:07:13 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ab_bl.sig
[2010/01/07 13:58:13 | 00,002,051 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Internet Security 2010.lnk
[2010/01/06 19:44:53 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/01/06 19:26:09 | 00,071,798 | ---- | M] () -- C:\Users\Sunil\Desktop\JavaRa.zip
[2010/01/06 19:10:37 | 00,000,129 | ---- | M] () -- C:\Users\Sunil\Desktop\install_debug.reg
[2010/01/06 16:42:33 | 00,000,038 | ---- | M] () -- C:\BdUninstallTool2010.01.06-04.38.17.reg
[2010/01/06 16:38:12 | 00,031,656 | ---- | M] () -- C:\BdUninstallTool2010.01.06-04.37.04.reg
[2010/01/06 15:33:21 | 00,160,608 | ---- | M] (Microsoft Corporation) -- C:\Users\Sunil\Desktop\bitdefender_isecurity.exe
[2010/01/06 12:34:54 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/01/06 12:04:27 | 00,102,660 | ---- | M] () -- C:\Users\Sunil\Desktop\SystemLook.exe
[2010/01/05 18:32:57 | 00,354,396 | ---- | M] () -- C:\Users\Sunil\Desktop\SysProt.zip
[2010/01/05 12:43:40 | 03,819,182 | ---- | M] () -- C:\Users\Sunil\Desktop\Combo-Fix.exe
[2010/01/05 11:04:56 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/01/05 08:31:49 | 00,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/01/03 05:49:17 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Sunil\Desktop\OTL.exe
[2010/01/03 05:15:17 | 00,284,915 | ---- | M] () -- C:\Users\Sunil\Desktop\gmer.zip
[2010/01/03 05:11:26 | 00,000,825 | ---- | M] () -- C:\Users\Public\Desktop\Mal warebytes' AntiMalware.lnk
[2010/01/03 05:08:38 | 00,000,740 | ---- | M] () -- C:\Users\Sunil\Desktop\NTREGOPT.lnk
[2010/01/03 05:08:38 | 00,000,721 | ---- | M] () -- C:\Users\Sunil\Desktop\ERUNT.lnk
[2010/01/03 05:02:07 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Sunil\Desktop\erunt_setup.exe
[2010/01/03 05:02:02 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Users\Sunil\Desktop\Sys-RestorePoint.exe
[2010/01/03 04:53:21 | 00,410,624 | ---- | M] (OldTimer Tools) -- C:\Users\Sunil\Desktop\TFC.exe
[2010/01/03 04:41:30 | 00,000,050 | ---- | M] () -- C:\Windows\wininit.ini
[2010/01/03 04:10:15 | 00,000,854 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2299308901-2864604730-1019191112-1000Core.job
[2010/01/03 01:37:32 | 45,347,568 | ---- | M] (Trend Micro Inc.) -- C:\Users\Public\Desktop\TrendMicro_TIS_17.50_en-US_32-bit.exe
[2010/01/03 00:34:10 | 00,000,008 | ---- | M] () -- C:\ProgramData\sysReserve.ini
[2010/01/02 20:36:30 | 00,243,007 | ---- | M] () -- C:\Users\Sunil\Desktop\Shot01320.png
[2009/12/30 14:55:24 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/30 14:54:58 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/30 02:30:31 | 00,001,794 | ---- | M] () -- C:\Users\Sunil\Desktop\mkv2vob.lnk
[2009/12/28 15:24:11 | 00,033,376 | ---- | M] () -- C:\Users\Sunil\Desktop\ArmyOps.ini
[2009/12/15 11:24:48 | 00,293,376 | ---- | M] () -- C:\Users\Sunil\Desktop\gmer.exe
[2009/12/09 22:54:07 | 00,261,632 | ---- | M] () -- C:\Windows\PEV.exe

========== Files Created - No Company Name ==========

[2010/01/08 19:35:28 | 00,843,187 | ---- | C] () -- C:\Users\Sunil\Desktop\SecurityCheck.exe
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\wsbl.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ph_white.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ph_summ.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ph_spoof.sig
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ph_sign.slf
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ph_fuzzy.sig
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ph_black.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\pcwords2.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\pcwords.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\pc_sign.slf
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ab_sbl.sig
[2010/01/08 14:31:32 | 00,001,026 | ---- | C] () -- C:\Users\Public\Desktop\Orb.lnk
[2010/01/07 21:37:08 | 00,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/01/07 21:09:28 | 00,002,127 | ---- | C] () -- C:\Users\Public\Desktop\SF A-Team Videos.lnk
[2010/01/07 21:09:28 | 00,001,976 | ---- | C] () -- C:\Users\Public\Desktop\America's Army.lnk
[2010/01/07 18:45:10 | 72,116,6492 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/01/07 17:15:59 | 00,000,385 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2010/01/07 16:21:24 | 01,657,350 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/01/07 16:13:34 | 00,001,894 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/01/07 15:36:38 | 00,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2010/01/07 14:30:15 | 77,125,400 | ---- | C] () -- C:\Users\Sunil\Desktop\jdk-6u17-windows-i586.exe
[2010/01/07 14:10:39 | 00,000,132 | ---- | C] () -- C:\Windows\System32\rezumatenoi.dat
[2010/01/07 14:07:13 | 00,000,016 | ---- | C] () -- C:\Windows\System32\asdict.dat
[2010/01/07 14:07:13 | 00,000,004 | ---- | C] () -- C:\Windows\System32\aspdict-en.dat
[2010/01/07 14:07:13 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ab_bl.sig
[2010/01/07 13:58:13 | 00,002,051 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Internet Security 2010.lnk
[2010/01/06 19:47:56 | 00,245,103 | ---- | C] () -- C:\Users\Sunil\Desktop\JavaRa.def
[2010/01/06 19:44:53 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/01/06 19:26:07 | 00,071,798 | ---- | C] () -- C:\Users\Sunil\Desktop\JavaRa.zip
[2010/01/06 19:21:55 | 00,280,680 | ---- | C] () -- C:\Users\Sunil\Desktop\AA2DeployInstaller.exe
[2010/01/06 19:10:35 | 00,000,129 | ---- | C] () -- C:\Users\Sunil\Desktop\install_debug.reg
[2010/01/06 16:38:17 | 00,000,038 | ---- | C] () -- C:\BdUninstallTool2010.01.06-04.38.17.reg
[2010/01/06 16:37:04 | 00,031,656 | ---- | C] () -- C:\BdUninstallTool2010.01.06-04.37.04.reg
[2010/01/06 12:04:21 | 00,102,660 | ---- | C] () -- C:\Users\Sunil\Desktop\SystemLook.exe
[2010/01/05 18:32:56 | 00,354,396 | ---- | C] () -- C:\Users\Sunil\Desktop\SysProt.zip
[2010/01/05 12:43:37 | 03,819,182 | ---- | C] () -- C:\Users\Sunil\Desktop\Combo-Fix.exe
[2010/01/05 12:36:24 | 32,204,63616 | -HS- | C] () -- C:\hiberfil.sys
[2010/01/05 07:29:05 | 00,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2010/01/05 07:29:05 | 00,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/01/05 07:29:05 | 00,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/01/05 07:29:05 | 00,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/01/05 07:29:05 | 00,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/01/03 05:15:24 | 00,293,376 | ---- | C] () -- C:\Users\Sunil\Desktop\gmer.exe
[2010/01/03 05:15:16 | 00,284,915 | ---- | C] () -- C:\Users\Sunil\Desktop\gmer.zip
[2010/01/03 05:11:26 | 00,000,825 | ---- | C] () -- C:\Users\Public\Desktop\Mal warebytes' AntiMalware.lnk
[2010/01/03 05:08:38 | 00,000,740 | ---- | C] () -- C:\Users\Sunil\Desktop\NTREGOPT.lnk
[2010/01/03 05:08:38 | 00,000,721 | ---- | C] () -- C:\Users\Sunil\Desktop\ERUNT.lnk
[2010/01/03 04:36:48 | 00,000,050 | ---- | C] () -- C:\Windows\wininit.ini
[2010/01/03 00:34:10 | 00,000,008 | ---- | C] () -- C:\ProgramData\sysReserve.ini
[2010/01/02 20:36:29 | 00,243,007 | ---- | C] () -- C:\Users\Sunil\Desktop\Shot01320.png
[2009/12/30 02:30:31 | 00,001,794 | ---- | C] () -- C:\Users\Sunil\Desktop\mkv2vob.lnk
[2009/12/20 21:51:00 | 00,033,376 | ---- | C] () -- C:\Users\Sunil\Desktop\ArmyOps.ini
[2009/08/03 15:07:42 | 00,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/03/01 22:53:04 | 00,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/02/04 03:07:09 | 00,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/01/15 12:45:34 | 00,181,248 | ---- | C] () -- C:\Windows\System32\txmlutil.dll
[2009/01/05 15:44:10 | 00,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2008/12/24 17:21:58 | 00,000,680 | ---- | C] () -- C:\Users\Sunil\AppData\Local\d3d9caps.dat
[2008/11/28 18:01:01 | 00,138,056 | ---- | C] () -- C:\Users\Sunil\AppData\Roaming\PnkBstrK.sys
[2008/11/10 00:25:12 | 00,000,552 | ---- | C] () -- C:\Users\Sunil\AppData\Local\d3d8caps.dat
[2008/09/30 16:04:06 | 00,138,016 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008/09/29 14:03:28 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/09/28 00:19:15 | 00,032,256 | ---- | C] () -- C:\Users\Sunil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/26 17:36:42 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/09/19 21:57:34 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/09/19 21:55:10 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/09/19 21:55:10 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/09/19 21:54:18 | 00,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/05/14 07:38:35 | 00,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2007/12/20 14:02:19 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/04/18 09:06:01 | 00,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2007/03/06 06:39:19 | 00,049,152 | ---- | C] () -- C:\Windows\revdevdll.dll
[2007/01/31 13:50:32 | 00,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
[2006/11/02 12:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 07:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 10:57:59 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2003/01/07 22:05:08 | 00,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
< End of report >



Extras

OTL Extras logfile created on: 08/01/2010 19:45:45 - Run 4
OTL by OldTimer - Version 3.1.20.2 Folder = C:\Users\Sunil\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 69.77 Gb Free Space | 46.81% Space Free | Partition Type: NTFS
Drive D: | 141.23 Gb Total Space | 50.41 Gb Free Space | 35.70% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SUNILS--LAPTOP
Current User Name: Sunil
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5760BD42-5005-45F4-94D8-E30A95F5F597}" = rport=137 | protocol=17 | dir=out | app=system |
"{613B6AB6-895D-42FA-B7D2-643265E84FA5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{6D338166-CFCE-496A-BEC4-782B958B39B2}" = lport=137 | protocol=17 | dir=in | app=system |
"{7CE72F15-3F92-4502-8F0C-CCCE6C25D726}" = rport=138 | protocol=17 | dir=out | app=system |
"{A3D0EA85-286F-47F0-B4D0-F6DD5B2ED2F1}" = rport=445 | protocol=6 | dir=out | app=system |
"{A8BE2625-F4A3-4C21-A53D-69B61B7BDCF0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B4AB4C34-4DBF-49CC-B175-CC98AF148465}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C0FC4478-AF4C-47EF-A872-F92C7C1ABF18}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{D3FDAAB6-6D27-4427-8A38-19C63349648F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DBB7E189-CF1D-4D5C-B8C8-0312F6EDF6A0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E0653FAB-C5FA-4050-8125-8E4446778146}" = lport=138 | protocol=17 | dir=in | app=system |
"{EC74977A-BA7C-47CF-8545-812221AF67B0}" = lport=139 | protocol=6 | dir=in | app=system |
"{EF2B7C3B-865C-47F6-A17D-9FD4BE6EE4A2}" = rport=139 | protocol=6 | dir=out | app=system |
"{F05ED7DA-7A31-4C50-9DEB-807902547BB9}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B17D17-734B-4B58-B21A-F7BCAD658387}" = protocol=17 | dir=in | app=d:\itunes.exe |
"{05CC44C4-91E8-4417-B21D-BC6B0EB01A95}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{07E42E8B-683A-47AE-8CB9-9A6E35403E91}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{088C9189-2F1A-4865-951A-10EAE1CFA059}" = protocol=6 | dir=in | app=d:\itunes!\itunes.exe |
"{13DFEA9B-9097-4D4F-8E5A-2CBE42471010}" = protocol=17 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{1AC18BD2-2B6A-42D2-BF54-8226681B307B}" = protocol=58 | dir=out | [email protected],-28546 |
"{1D69F916-829F-44A0-B89E-846ED6EA15D2}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{24482675-33C9-4137-8A96-6F1AFE0902D3}" = protocol=6 | dir=in | app=d:\itunes.exe |
"{27F5F137-1FB4-4683-87B5-FED9666E80E2}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{28B4697A-72B9-4188-A477-63845D4B55E1}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\orbcontrolpanel.exe |
"{29DDBDFA-2C2C-4A06-9A70-7F19E2C17D22}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\orblauncher.exe |
"{2F5FF6B1-EF93-4359-BD4D-A30D49525894}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\orbsetupwizard.exe |
"{2FA9F4F6-31C4-4A49-B2F2-7C37B643DDF9}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\orblauncher.exe |
"{376B7D8C-3E97-48DF-AEA0-5141E74336DF}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{42168979-97AB-4AF5-8720-5136E08BF589}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{4A99966D-5F14-439E-8A51-A25A4F1FCF46}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\orbir.exe |
"{4EE18189-6A6E-49A1-8A03-95CDF435D90E}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{51887F65-65BA-4AD7-9DE9-0A71BBE827D3}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe |
"{51E4B671-B31B-4530-879B-B5290A6068BA}" = protocol=6 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{553549FA-F470-4109-AF26-57A6822C1546}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{563A3DCC-9551-48A3-9BAF-F6D60403678D}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\orbstreamerclient.exe |
"{5A296A7B-CCB3-4FE6-BF5C-08FAA1FC394F}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe |
"{5C6FE0A4-598C-4124-B43D-4896E8EE9FDA}" = protocol=6 | dir=in | app=c:\users\sunil\desktop\utorrent.exe |
"{681FFFCE-5833-49D2-B6E6-A3BCE097B656}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{6874040B-7692-46E3-8C72-796A0DF53B98}" = protocol=58 | dir=in | [email protected],-28545 |
"{69FEE916-B106-419C-B0FD-D7ED0D06A4E6}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe |
"{6D07A9B2-E688-4ADD-B8E0-70CD71929D1F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{6D2B15FA-43E1-488D-9909-813BD373C73E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6E2BF15D-06B2-4D6E-A21B-6EDB2B66A269}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\orbcontrolpanel.exe |
"{6E43470B-24EA-4F9D-8B91-43582F8286DD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6FE09A12-85C8-4ABD-B307-9C901AD64A61}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\orb.exe |
"{71703133-2238-4301-95DB-A7C35FF36BEB}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{777D5333-4125-4BB8-A7E9-79EF1706E577}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe |
"{79A39790-86BD-4948-9AD9-1E587AC258A2}" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"{7E698090-84B6-471F-968A-E6AA106159E5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{7E842D29-3DEC-4C48-B6CE-60FD90877A37}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{80F903CC-EA7C-4353-B27B-F080B10AD9E8}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{85C0A866-6573-4613-A83B-1AB046F99BCC}" = protocol=17 | dir=in | app=c:\users\sunil\desktop\utorrent.exe |
"{88930487-824E-47FE-ACC6-32D3532A6FED}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{893DFBC7-5FC8-4FBF-A93A-64D49E84D390}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{97EA56D5-9CF9-4D3D-88D4-E401F628C00E}" = protocol=1 | dir=in | [email protected],-28543 |
"{9A8ED968-E335-4287-B3E4-55C213F84AEA}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{9F0C8CA8-433B-4A76-9AE3-047395B5B0A3}" = protocol=1 | dir=in | [email protected],-28543 |
"{A0CC141A-4D30-44E0-9ADA-9DD614813986}" = protocol=58 | dir=out | [email protected],-28546 |
"{AB5CF6DF-60EF-4C6E-BF90-1523DD292FF1}" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |
"{ACDFFF4C-CB9D-4D6A-B702-F55A8633F901}" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"{B42BA061-B368-45F1-8C53-445ACDFAF421}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\orbir.exe |
"{B69530F4-9E84-4FD8-9C43-A02864B65CF1}" = protocol=17 | dir=in | app=c:\users\sunil\downloads\csa.exe |
"{B79F83C5-C224-4466-BB01-661C008204C8}" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |
"{B8C393BE-A214-473B-B86A-E0B8E8C166F1}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\orbstreamerclient.exe |
"{BB3B0A11-4DEE-4D30-9694-B1BC70CE700B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BFAF44D4-05E0-4788-8AA0-B9B960A2913D}" = protocol=1 | dir=out | [email protected],-28544 |
"{C02E3D39-F565-4752-BA44-C714B2D1565E}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"{C10BB66D-81CF-4A6E-9F55-D0AD1F79CC35}" = protocol=1 | dir=out | [email protected],-28544 |
"{C8B9B6DF-C94A-4AA7-9A18-D5B9E538D0BB}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{CAB178B1-E4A6-4119-9136-21C4046A0D64}" = protocol=17 | dir=in | app=d:\itunes!\itunes.exe |
"{CCB7155D-CC17-4C0A-B959-79F0A656F134}" = protocol=6 | dir=in | app=c:\users\sunil\downloads\csa.exe |
"{D231B49F-E339-4731-9D7C-96E81916688C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D271900C-A1A0-455D-A672-E28F421D70D3}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\orbsetupwizard.exe |
"{D349B08B-4B63-4830-A88A-DB2D760F853F}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{DDF7DDB4-4800-4202-B67D-AB099CBB2260}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{DE58A9F0-74C5-44ED-9170-2B9D74EF8135}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"{DFDC7C57-84DA-4295-8D52-C8EC1D900FEA}" = protocol=58 | dir=in | [email protected],-28545 |
"{E60FEFE8-EF0E-4B95-9561-4DD099A2EE9D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EDC9B9F4-889D-43B2-B0D9-EA3DAB3118DE}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\orb.exe |
"TCP Query User{38908767-4E1D-45B2-8DC3-CA08867A8B6F}C:\program files\america's army\system\armyops.exe" = protocol=6 | dir=in | app=c:\program files\america's army\system\armyops.exe |
"TCP Query User{4FCDB6F6-C74F-4026-87A2-4732C4528B85}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{5531FDBE-2FF3-4304-9408-6BD4094A5816}C:\program files\america's army\system\armyops.exe" = protocol=6 | dir=in | app=c:\program files\america's army\system\armyops.exe |
"TCP Query User{7FCBE7F3-F806-4073-82AA-A86F90CA536B}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{84056752-56DE-41B0-8D49-430842FBEB0A}C:\users\sunil\desktop\torrents\utorrent.exe" = protocol=6 | dir=in | app=c:\users\sunil\desktop\torrents\utorrent.exe |
"TCP Query User{9305627F-B0AB-4BE1-AB4B-03EA1F0F9491}D:\itunes!\itunes.exe" = protocol=6 | dir=in | app=d:\itunes!\itunes.exe |
"TCP Query User{EB3890CE-D245-4D0F-BD96-551D2547E0FB}C:\program files\winamp remote\bin\orbtray.exe" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"TCP Query User{EC12E32A-4F4B-4D7E-8B2C-80D94332A1F8}C:\program files\america's army deploy client\aadeployclient.exe" = protocol=6 | dir=in | app=c:\program files\america's army deploy client\aadeployclient.exe |
"UDP Query User{38899A6A-6CC5-4F59-992E-0F219CB336BD}C:\program files\america's army\system\armyops.exe" = protocol=17 | dir=in | app=c:\program files\america's army\system\armyops.exe |
"UDP Query User{7ABCF4D3-7C4B-4493-95AE-37512DD8F5BA}C:\program files\america's army deploy client\aadeployclient.exe" = protocol=17 | dir=in | app=c:\program files\america's army deploy client\aadeployclient.exe |
"UDP Query User{99319F34-A26F-41E7-A9CC-6533AAEED057}C:\program files\winamp remote\bin\orbtray.exe" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"UDP Query User{A8709345-5EB2-4B49-A75A-C38212B3BDEB}C:\users\sunil\desktop\torrents\utorrent.exe" = protocol=17 | dir=in | app=c:\users\sunil\desktop\torrents\utorrent.exe |
"UDP Query User{CEA4B7A0-CAD8-4CE5-9F52-E583A9364A16}C:\program files\america's army\system\armyops.exe" = protocol=17 | dir=in | app=c:\program files\america's army\system\armyops.exe |
"UDP Query User{D66E3A0A-55A3-4AFD-99EC-DFDBE7E0A563}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{ED622071-159D-495B-8330-683308CE58DC}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{EF1C30DA-7FD0-4561-9040-2B3F76F49E82}D:\itunes!\itunes.exe" = protocol=17 | dir=in | app=d:\itunes!\itunes.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{025F9C8B-27B3-76B0-08E8-4EB918DE287B}" = Catalyst Control Center Localization Dutch
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0813BDD1-7E8E-4F18-A13C-037CDD7F9A48}" = Catalyst Control Center Localization Chinese Traditional
"{0A47C6E1-9BB2-023C-BBEC-2D3DBEA91A9A}" = ATI Catalyst Install Manager
"{0B3ED35F-3BDC-72FE-3477-A7CA54325F06}" = CCC Help Chinese Traditional
"{0B950F52-0FD9-C679-6FD0-C4D4F43ACA3E}" = Catalyst Control Center Localization Greek
"{0E4DC8EF-9438-AEEF-A042-851C2EA86FEA}" = Catalyst Control Center Localization Finnish
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{11D3D948-2789-2E3D-03D7-282B537D8C01}" = BBC iPlayer Desktop
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A915E9E-75A0-5FD6-53C3-D2E5EDA27B52}" = Catalyst Control Center Localization Polish
"{1BDCA62C-699A-A3C2-57C6-D496414BA297}" = Catalyst Control Center Graphics Full New
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1CE34A07-F95C-C749-B8FB-10BEFBB5D917}" = Catalyst Control Center Localization Swedish
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = LifeFrame2
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2133CB3F-F891-4081-8681-FEE2B2419FF4}" = Orb Runtime libraries
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{22AD2DF3-00C4-68EB-8D2A-C5AC60BDA907}" = CCC Help Greek
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24339461-1E3B-290E-613E-B0B234B64ABE}" = Catalyst Control Center Localization Japanese
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 17
"{27DB888F-A703-E898-6261-D84260EF93DA}" = Catalyst Control Center Core Implementation
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{32A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java™ SE Development Kit 6 Update 17
"{337C0055-BE59-63E5-72AE-DAED46ED980B}" = CCC Help Korean
"{342D2010-703F-2098-441E-F96F532EBD09}" = CCC Help Chinese Standard
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3A9A74B7-DAE0-EB01-E51A-D2A6720CF135}" = CCC Help Japanese
"{3E7CE151-F6EC-8550-9B73-427F6A89AC42}" = CCC Help Polish
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{45936E5D-5CEB-A100-8694-B62523FD99C6}" = Catalyst Control Center Localization German
"{4BE52CD7-9B51-F4D8-ED51-8E89324F3EBD}" = Catalyst Control Center Localization Norwegian
"{4EE9DA0A-4CED-1FB9-3231-24C85855A387}" = Catalyst Control Center Localization Spanish
"{50DD51CF-31D8-7831-D4E8-E13E0A736D93}" = Catalyst Control Center Localization Russian
"{52159193-1EA1-B129-7C03-7120CB0C502E}" = CCC Help Portuguese
"{52E43F33-7D7C-3209-0539-1B2A43010E0D}" = Catalyst Control Center Localization Turkish
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun
"{58752780-E21C-A458-2397-BD8D5E3CB0C1}" = Catalyst Control Center Localization Portuguese
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6602C18D-52EC-BB1F-C3B9-EFF2F1463A58}" = Catalyst Control Center Localization Thai
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D6204C8-6B1D-4FBA-ADA9-CB6DFF9BF80D}" = America's Army Deploy Client
"{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}" = ccc-Branding
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77AD4A77-F70F-84BC-B52B-91DAB868EF27}" = CCC Help Czech
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{872717DD-EE82-F142-4DF7-0308772A8DE4}" = ccc-utility
"{88D44595-9B8E-38FF-7CD9-F5A1423BA2D6}" = Catalyst Control Center Graphics Light
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D3D4041-DA1D-F814-B37E-ABF774556DAA}" = Catalyst Control Center Localization Italian
"{900F0963-B211-5692-EEEC-4DFF6F7321F6}" = CCC Help Swedish
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91AA9814-7B89-DA53-5FCA-EBDCDAC4F611}" = CCC Help Italian
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{92C98289-5C00-4A4E-03ED-6E59F7D73435}" = Catalyst Control Center Localization Chinese Standard
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97C9E93A-7DEA-37C2-50F0-E6172D91DEE6}" = CCC Help German
"{97F73E68-213C-6F88-A590-9C600186E36C}" = CCC Help Finnish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BF9D522-7FA6-D442-9769-558E3B4503F0}" = Skins
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB870B63-94EF-0B0A-340E-62CAF5D48B17}" = CCC Help French
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6512E97-FFA8-6A76-4B07-036784E56A7B}" = Catalyst Control Center Localization Czech
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8F1FA25-D1F3-5DEB-5AE2-18E72A2955CA}" = Catalyst Control Center Localization Danish
"{B935DAF9-605C-A1F8-7A4E-BE87E82B7237}" = CCC Help Norwegian
"{BC61F51E-8AF7-46B9-AF20-B33B5EE81033}" = Nero 7 Essentials
"{C0BAF48F-940E-7AC7-63B3-BDFAF8A6CCA5}" = CCC Help Thai
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C1B22596-9F6C-6795-F374-D6843ABA8A9A}" = Catalyst Control Center Localization Korean
"{C376495E-6F9D-2A3A-329E-960682A22B3B}" = Catalyst Control Center Localization Hungarian
"{C6FB5BC4-823A-FE8B-01CB-3A7F51B4C9C2}" = ccc-core-static
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D8438AE5-4BE7-CEC7-D0AA-189B34C4628F}" = CCC Help Dutch
"{D873FA4B-C374-4F8A-8D9A-130DB56FAB16}" = America's Army
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DF4EB70F-6EBF-AD9E-AF89-D1398A284C86}" = Catalyst Control Center Graphics Previews Common
"{E037311F-0715-DB85-4394-6B09A66605C0}" = CCC Help Spanish
"{E1D0A2DB-9B8D-E7B1-295B-DDAB0B9A423F}" = Catalyst Control Center Localization French
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EAF8F949-849D-9E39-2A86-0DB83A90405B}" = Catalyst Control Center Graphics Full Existing
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EDFE36E7-B60E-BF8E-F2DF-0DD61B1E3CAE}" = CCC Help Hungarian
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F446A5CB-74F2-44F5-988C-0738E5613689}" = BitDefender Internet Security 2010
"{F656696C-CF30-03E5-03A8-05078E02ACEB}" = CCC Help Danish
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6CAF803-A534-705F-A673-A04FCEC5AFC9}" = CCC Help Russian
"{FCABF3BF-D716-980B-F463-32D5734A3DB4}" = CCC Help English
"{FE0C4C63-56C1-087C-3404-C547405FCEA7}" = Catalyst Control Center Graphics Previews Vista
"{FE44D8AC-80B2-A8BA-291F-59109DE96C11}" = CCC Help Turkish
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ERUNT_is1" = ERUNT 1.1j
"LastFM_is1" = Last.fm 1.5.4.24567
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"Orb" = Orb
"PunkBusterSvc" = PunkBuster Services
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"USB2.0 1.3M UVC WebCam" = USB2.0 1.3M UVC WebCam
"uTorrent" = µTorrent
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes (Sunil)
"0638265cfb8124a6" = AA2Deploy
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Application Detect

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 30/09/2009 03:53:56 | Computer Name = Sunils--Laptop | Source = WerSvc | ID = 5007
Description =

Error - 30/09/2009 03:54:53 | Computer Name = Sunils--Laptop | Source = Google Update | ID = 20
Description =

Error - 30/09/2009 09:05:06 | Computer Name = Sunils--Laptop | Source = Google Update | ID = 20
Description =

Error - 30/09/2009 09:05:26 | Computer Name = Sunils--Laptop | Source = Google Update | ID = 20
Description =

Error - 30/09/2009 13:37:20 | Computer Name = Sunils--Laptop | Source = WerSvc | ID = 5007
Description =

Error - 30/09/2009 20:20:12 | Computer Name = Sunils--Laptop | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 1.9.0.3526 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 554 Start Time: 01ca422bacdac840 Termination Time: 62

Error - 30/09/2009 20:54:37 | Computer Name = Sunils--Laptop | Source = Application Error | ID = 1000
Description = Faulting application msnmsgr.exe, version 8.5.1302.1018, time stamp
0x4717a53b, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x13c475e1, process id 0xfcc, application start time
0x01ca41f4b39afb6e.

Error - 01/10/2009 16:17:49 | Computer Name = Sunils--Laptop | Source = WerSvc | ID = 5007
Description =

Error - 02/10/2009 05:55:50 | Computer Name = Sunils--Laptop | Source = WerSvc | ID = 5007
Description =

Error - 02/10/2009 14:54:10 | Computer Name = Sunils--Laptop | Source = WerSvc | ID = 5007
Description =

[ System Events ]
Error - 08/01/2010 15:32:07 | Computer Name = Sunils--Laptop | Source = HTTP | ID = 15021
Description =

Error - 08/01/2010 15:32:07 | Computer Name = Sunils--Laptop | Source = HTTP | ID = 15021
Description =

Error - 08/01/2010 15:32:07 | Computer Name = Sunils--Laptop | Source = HTTP | ID = 15021
Description =

Error - 08/01/2010 15:32:07 | Computer Name = Sunils--Laptop | Source = HTTP | ID = 15021
Description =

Error - 08/01/2010 15:32:07 | Computer Name = Sunils--Laptop | Source = HTTP | ID = 15021
Description =

Error - 08/01/2010 15:32:07 | Computer Name = Sunils--Laptop | Source = HTTP | ID = 15021
Description =

Error - 08/01/2010 15:32:07 | Computer Name = Sunils--Laptop | Source = HTTP | ID = 15021
Description =

Error - 08/01/2010 15:32:07 | Computer Name = Sunils--Laptop | Source = HTTP | ID = 15021
Description =

Error - 08/01/2010 15:34:28 | Computer Name = Sunils--Laptop | Source = Service Control Manager | ID = 7023
Description =

Error - 08/01/2010 15:49:44 | Computer Name = Sunils--Laptop | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description =


< End of report >
  • 0
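A triage check over the firewall sections of an OTL Extras log like the one above, as an added example that is not part of the thread or of OTL itself: it reports each firewall profile's EnableFirewall state and lists inbound exceptions whose executable sits under a user profile directory, where any process running as that user can replace the file. The function names are assumptions, and the sample lines are copied from the log above so the block runs offline.

```python
import re

# Sample input: lines copied from the posted log (same layout OTL writes).
SAMPLE_LOG = r"""
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{79A39790-86BD-4948-9AD9-1E587AC258A2}" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"{B69530F4-9E84-4FD8-9C43-A02864B65CF1}" = protocol=17 | dir=in | app=c:\users\sunil\downloads\csa.exe |
"{CCB7155D-CC17-4C0A-B959-79F0A656F134}" = protocol=6 | dir=in | app=c:\users\sunil\downloads\csa.exe |
"{6E43470B-24EA-4F9D-8B91-43582F8286DD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{84056752-56DE-41B0-8D49-430842FBEB0A}C:\users\sunil\desktop\torrents\utorrent.exe" = protocol=6 | dir=in | app=c:\users\sunil\desktop\torrents\utorrent.exe |
"""

SECTION_RE = re.compile(r"^=+ (.+?) =+$")          # ========== Title ==========
KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")        # [HKEY_...\Some\Key]
VALUE_RE = re.compile(r'^"(.*)" = (.*)$')          # "name" = data
PROFILE_RE = re.compile(r"\\FirewallPolicy\\(\w+Profile)$", re.IGNORECASE)
USER_DIR_RE = re.compile(r"^[a-z]:\\users\\", re.IGNORECASE)


def parse_otl(text):
    """Return (section, registry_key, value_name, data) for every value line."""
    section = key = None
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if m := SECTION_RE.match(line):
            section, key = m.group(1), None
        elif m := KEY_RE.match(line):
            key = m.group(1)
        elif (m := VALUE_RE.match(line)) and key:
            entries.append((section, key, m.group(1), m.group(2).strip()))
    return entries


def parse_rule(data):
    """Split 'k=v | k=v |' rule data into a dict; parts without '=' are skipped."""
    fields = {}
    for part in data.split("|"):
        name, sep, value = part.strip().partition("=")
        if sep:
            fields[name.lower()] = value.strip()
    return fields


def firewall_profiles(entries):
    """Map each FirewallPolicy profile to True (enabled) or False (disabled)."""
    state = {}
    for _section, key, name, data in entries:
        m = PROFILE_RE.search(key)
        if m and name.lower() == "enablefirewall":
            state[m.group(1)] = data == "1"
    return state


def inbound_exceptions_in_user_dirs(entries):
    """Sorted, de-duplicated inbound exception paths under <drive>:\\users\\."""
    hits = set()
    for _section, key, _name, data in entries:
        if not key.lower().endswith(r"\firewallrules"):
            continue
        rule = parse_rule(data)
        app = rule.get("app", "")
        if rule.get("dir") == "in" and USER_DIR_RE.match(app):
            hits.add(app.lower())
    return sorted(hits)


if __name__ == "__main__":
    parsed = parse_otl(SAMPLE_LOG)
    for profile, enabled in firewall_profiles(parsed).items():
        print(f"{profile}: {'enabled' if enabled else 'DISABLED'}")
    for path in inbound_exceptions_in_user_dirs(parsed):
        print("inbound exception in user directory:", path)
```

Neither result is a verdict on its own; a third-party firewall, for instance, commonly leaves a Windows Firewall profile switched off.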

#19
hammerman

How's your computer running?

#20
Skag

Generally, it is running fine and smooth. Actually a bit better than before I was badly affected by this malware. However, start-ups are still long, around 5 minutes until the log-in screen, but I've had this problem a couple of times with my laptop before, so I don't believe it is the fault of viruses.

#21
hammerman

Congratulations, your computer appears clean :)

Let's remove the tools we've been using.

Please follow these steps.

-- Step 1 --

Follow these steps to uninstall Combofix and tools used in the removal of malware
  • Click START then RUN
  • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
-- Step 2 --
  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
-- Step 3 --

Can you please delete the GMER, SysProt and SystemLook files you downloaded and any log files created.

Here are some measures you can take to ensure that your computer remains clean.

1. Updates

Windows Updates

It is essential that you regularly check and install the latest Windows Updates. Vulnerabilities within Windows can leave your computer open to infection. Regular updates are released to fix these security vulnerabilities. It is recommended that you set Windows to check, download and install your updates automatically.

  • Click Start
  • Select Control Panel
  • Click on Automatic (recommended)
  • Set the day and time for the update check. Set this to a time when your computer will normally be on and connected to the internet.
  • Click Apply then OK.
Java Updates

You should install service packs SP1 and SP2 on your system and enable UAC for greater security.


As with Windows, Java also needs to be regularly updated to fix security vulnerabilities. You can download the latest version of the Java Runtime Environment (JRE) from here. Download, install and reboot your computer. You also need to uninstall older versions of Java.

  • Click Start
  • Select Control Panel
  • Select Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.
Adobe Updates

Your Adobe reader needs updating. You should ensure you use the latest Adobe Acrobat Reader and install any security updates that are released. You can download the latest reader and updates from here.

Other Updates

Regularly check for updates for all your security programs including firewall, antivirus, antispyware etc.

2. Security Programs

Here is a list of security programs that I would recommend.

Firewall

A firewall is essential to stop hackers infiltrating your computer. The following firewalls are free for personal use. Do not install more than one firewall.

Zone Alarm is an excellent free basic firewall which is very easy to use.
Online-Armor Free is a more advanced firewall which includes a Host Intrusion Protection System (HIPS). This ensures that unrecognised programs will not run unless you give permission.

Antivirus

An antivirus program is essential. The following antivirus programs are free for personal use. Do not use more than one antivirus and always update virus definitions regularly.

AVG
Avira Free
Avast

Anti-Malware

Malwarebytes Anti-Malware MBAM is an excellent anti-malware tool that should be updated and a Quick Scan performed regularly. A Full Scan does not have to be carried out on such a regular basis as the developers aim to detect the vast majority of malware with the Quick Scan. The scanner is free for on-demand scans only.

Ad-Aware, Spybot, SuperAntispyware and A-Squared Free are also very good anti-malware programs that are free for on-demand scans. Spybot has a real-time protection feature called TeaTimer.

Prevention

SpywareBlaster is an excellent free tool for preventing the installation of spyware.
SpywareGuard offers real-time protection so that spyware is detected and blocked before it can do any harm.

Cleaner

ATF Cleaner removes temporary Internet Explorer, Firefox and Windows files.

Browser

Firefox is an alternative browser to Internet Explorer and is more secure.
NoScript is an add-on for Firefox and prevents execution of malicious scripts.
MVPS is a HOSTS file to replace your existing file. This prevents you connecting to a list of well-known ad sites.

#22
Skag

I'm still getting one problem that I didn't get before the malware. The biggest is that my laptop will refuse to shut down or restart sometimes. I had run the OTC application and clicked yes to reboot; however, it didn't make any attempt to reboot. I tried through the start button but that didn't work either. Also I couldn't get into Windows Task Manager. It seemed my laptop just ignored it, since everything else ran fine, such as opening up an internet browser.

Other than that I think I've secured my laptop well. There's 1 or 2 Windows updates I have yet to download and install, better than the 61 I saw the other day. I still have to install SP1 and SP2 but I'm having problems with SP1 installation. Java and Adobe are up to date. I have a BitDefender firewall and anti-virus that is up to date. MBAM and SpywareGuard are installed. I already have CCleaner installed and NoScript is on my Firefox. And I've done MVPS.


Thank you for all the help and advice. You have helped a lot and made my laptop probably better than it was before it was infected. Easy to follow instructions and very fast replies - I would recommend this website to anyone with PC problems!

Edited by Skag, 09 January 2010 - 10:07 AM.


#23
hammerman

Hi,

Did these startup delays and shutdown problems start after installing BitDefender?

#24
Skag

No, BitDefender was installed I experienced these problems, I'm sure of this. I'm not quite sure what could be the cause - it could be the Windows updates. I remember the updates had caused problems on my laptop previously, making it a lot slower. But this was about a year or so ago.

#25
hammerman

Hi,

Let's get a fresh look at your system.

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Custom Scan box paste this in:

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    nvstor32.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    ahcix86s.sys
    nvrd32.sys
    /md5stop
    %systemroot%\*. /mp /s
    c:\$recycle.bin\*.* /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply. You may need two posts to fit them all in.




#26
Skag

Here are the reports:
OTL.txt

OTL logfile created on: 11/01/2010 00:31:37 - Run 1
OTL by OldTimer - Version 3.1.23.0 Folder = C:\Users\Sunil\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 75.25 Gb Free Space | 50.49% Space Free | Partition Type: NTFS
Drive D: | 141.23 Gb Total Space | 50.41 Gb Free Space | 35.70% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SUNILS--LAPTOP
Current User Name: Sunil
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Sunil\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Bit Defender NEW\BitDefender 2010\seccenter.exe (BitDefender S.R.L.)
PRC - C:\Program Files\Bit Defender NEW\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
PRC - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender S.R.L.)
PRC - C:\Program Files\Bit Defender NEW\BitDefender 2010\vsserv.exe (BitDefender S.R.L.)
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Windows\System32\PnkBstrA.exe ()
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\ASScrPro.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
PRC - C:\Program Files\ATK Hotkey\HControl.exe (ATK0100)
PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe ()
PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files\SpywareGuard\sgmain.exe ()
PRC - C:\Program Files\SpywareGuard\sgbhp.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\Sunil\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Bit Defender NEW\BitDefender 2010\Active Virus Control\midas32-v2_000\plugin_extra.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\Bit Defender NEW\BitDefender 2010\Active Virus Control\midas32-v2_000\plugin_nt.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\Bit Defender NEW\BitDefender 2010\Active Virus Control\midas32-v2_000\plugin_net.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\Bit Defender NEW\BitDefender 2010\Active Virus Control\midas32-v2_000\plugin_fragments.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\Bit Defender NEW\BitDefender 2010\Active Virus Control\midas32-v2_000\plugin_registry.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\Bit Defender NEW\BitDefender 2010\Active Virus Control\midas32-v2_000\plugin_base.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\Bit Defender NEW\BitDefender 2010\Active Virus Control\midas32-v2_000\midas32.dll (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Windows\System32\sfc_os.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sfc.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msiltcfg.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (LIVESRV) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender S.R.L.)
SRV - (iPod Service) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (VSSERV) -- C:\Program Files\Bit Defender NEW\BitDefender 2010\vsserv.exe (BitDefender S.R.L.)
SRV - (scan) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L)
SRV - (Arrakis3) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe (BitDefender S.R.L. http://www.bitdefender.com)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (PnkBstrA) -- C:\Windows\System32\PnkBstrA.exe ()
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Ati External Event Utility) -- C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (LightScribeService) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (NMIndexingService) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
SRV - (NBService) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
SRV - (ehstart) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (BDFM) -- C:\Windows\System32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (BDSelfPr) -- C:\Program Files\Bit Defender NEW\BitDefender 2010\bdselfpr.sys (BitDefender)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (BdfNdisf) -- C:\Windows\System32\drivers\BdfNdisf6.sys (BitDefender LLC)
DRV - (BDVEDISK) -- C:\Program Files\Bit Defender NEW\BitDefender 2010\bdvedisk.sys (BitDefender)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (bdftdif) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender LLC)
DRV - (Profos) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys (BitDefender S.R.L.)
DRV - (bdfsfltr) -- C:\Windows\system32\DRIVERS\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (USBAAPL) -- C:\Windows\System32\drivers\usbaapl.sys (Apple, Inc.)
DRV - (GEARAspiWDM) -- C:\Windows\System32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (Trufos) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys (BitDefender S.R.L.)
DRV - (ENTECH) -- C:\Windows\System32\drivers\Entech.sys (EnTech Taiwan)
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (PxHelp20) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (FiltUSBET) -- C:\Windows\System32\drivers\etFilter.sys (eMPIA Technology Inc.)
DRV - (ScanUSBET) -- C:\Windows\System32\drivers\etScan.sys (eMPIA Technology, Inc.)
DRV - (DCamUSBET) -- C:\Windows\System32\drivers\etDevice.sys (eMPIA Technology, Inc.)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows ® Codename Longhorn DDK provider)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (MODEMCSA) -- C:\Windows\System32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (NETw3v32) Intel® -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk"
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.27.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.0
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.1
FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.7
FF - prefs.js..extensions.enabledItems: Office2007Black@JBBS:1.4.6

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Bit Defender NEW\BitDefender 2010\bdaphffext\ [2010/01/07 13:56:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/09 15:46:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/09 15:46:39 | 00,000,000 | ---D | M]

[2008/09/27 15:14:38 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Mozilla\Extensions
[2010/01/10 16:01:38 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions
[2010/01/07 16:17:09 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2008/12/05 01:47:51 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}(73)
[2010/01/07 16:25:24 | 00,000,000 | ---D | M] (Stylish) -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010/01/09 13:53:09 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2008/10/16 22:44:26 | 00,000,000 | ---D | M] (Aquatint Black Gloss) -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2009/10/01 15:50:46 | 00,000,000 | ---D | M] (Firefox Showcase) -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}
[2010/01/07 17:22:34 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/10/23 03:49:30 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\[email protected]
[2010/01/07 16:52:24 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\[email protected]
[2008/12/06 02:30:43 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\nasanightlaunch@example(72).com
[2010/01/07 16:49:16 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\Office2007Black@JBBS
[2010/01/07 16:59:58 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\[email protected]
[2010/01/09 13:53:09 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\staged-xpis
[2008/10/16 15:59:22 | 00,001,146 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\searchplugins\bbc-news.xml
[2008/10/16 15:59:31 | 00,001,504 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\searchplugins\imdb.xml
[2010/01/08 11:51:58 | 00,004,868 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\searchplugins\isohunt---bt-search.xml
[2009/02/24 02:28:15 | 00,002,298 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\searchplugins\lastfm.xml
[2009/03/03 00:58:09 | 00,002,006 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\searchplugins\urban-dictionary.xml
[2009/02/07 17:44:42 | 00,001,337 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\searchplugins\whois-lookup.xml
[2008/10/16 15:59:51 | 00,001,032 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\searchplugins\wikipedia-eng.xml
[2008/10/16 16:00:06 | 00,002,108 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\searchplugins\youtube-video-search.xml
[2010/01/10 16:01:38 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/19 18:59:44 | 00,047,104 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Mozilla Firefox\components\FFComm.dll
[2009/12/21 05:47:02 | 00,063,488 | ---- | M] (Nullsoft) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010/01/07 16:05:20 | 00,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/01/07 16:05:20 | 00,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/01/07 16:05:20 | 00,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/01/07 16:05:20 | 00,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: (625907 bytes) - C:\Windows\System32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 16591 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\Bit Defender NEW\BitDefender 2010\ietoolbar.dll (BitDefender S.R.L.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe ()
O4 - HKLM..\Run: [BDAgent] C:\Program Files\Bit Defender NEW\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\Bit Defender NEW\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Sunil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1242104793887 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (aswBoot.exe /A:"*" /L:"English" /KBD:3) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2006/11/02 11:18:47 | 00,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\Sunil\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - D:\ITUNES!\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LightScribe Control Panel - hkey= - key= - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {78310121-036D-427A-9FAA-A9D8135E5F8F} - .NET Framework
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: wave1 - C:\Windows\System32\serwvdrv.dll (Microsoft Corporation)
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 30 Days ==========

[2010/01/11 00:29:29 | 00,543,744 | ---- | C] (OldTimer Tools) -- C:\Users\Sunil\Desktop\OTL.exe
[2010/01/09 15:47:29 | 00,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010/01/09 15:46:34 | 00,897,920 | ---- | C] (Microsoft Corporation) -- C:\Users\Sunil\Desktop\WGAPluginInstall.exe
[2010/01/09 15:13:21 | 45,561,1504 | ---- | C] (Microsoft Corporation) -- C:\Users\Sunil\Desktop\Windows6.0-KB936330-X86-wave0.exe
[2010/01/09 14:47:38 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/01/09 14:08:44 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareGuard
[2010/01/09 13:35:33 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/01/08 14:31:19 | 00,000,000 | ---D | C] -- C:\Program Files\Orb Networks
[2010/01/08 14:24:43 | 24,569,416 | ---- | C] (Orb Networks) -- C:\Users\Sunil\Desktop\Orb20SetupUs.exe
[2010/01/08 13:44:14 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Office Genuine Advantage
[2010/01/07 21:37:12 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/01/07 21:37:11 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/01/07 21:37:11 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/01/07 21:37:11 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/01/07 21:37:10 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/01/07 21:37:10 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/01/07 21:37:09 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/01/07 21:37:09 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/01/07 21:37:08 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/01/07 21:37:08 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/01/07 21:37:07 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/01/07 21:37:07 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/01/07 21:37:07 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/01/07 21:37:06 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/01/07 21:34:23 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010/01/07 21:34:23 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/01/07 21:34:23 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/01/07 21:34:22 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/01/07 21:34:22 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/01/07 21:34:22 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010/01/07 21:34:22 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010/01/07 21:34:22 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010/01/07 21:34:21 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/01/07 21:34:21 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010/01/07 21:34:21 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010/01/07 21:34:21 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/01/07 21:34:20 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/01/07 21:34:20 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010/01/07 21:34:20 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/01/07 21:34:20 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010/01/07 21:34:19 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/01/07 21:34:19 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/01/07 21:34:19 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2010/01/07 21:34:19 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/01/07 21:34:18 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/01/07 21:34:18 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010/01/07 21:34:17 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/01/07 21:34:17 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010/01/07 21:34:16 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010/01/07 21:34:16 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010/01/07 21:34:16 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010/01/07 17:18:26 | 00,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/01/07 17:04:46 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/01/07 17:01:36 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/01/07 17:01:32 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/01/07 16:56:10 | 01,233,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/01/07 16:27:37 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010/01/07 16:21:24 | 00,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010/01/07 16:21:24 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010/01/07 16:21:24 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010/01/07 16:21:24 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010/01/07 16:21:24 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010/01/07 16:21:09 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010/01/07 16:20:50 | 00,311,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010/01/07 16:20:49 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010/01/07 16:20:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010/01/07 16:20:48 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010/01/07 16:20:47 | 08,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/01/07 16:13:07 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/01/07 14:37:52 | 00,000,000 | ---D | C] -- C:\Program Files\Sun
[2010/01/07 13:56:25 | 00,000,000 | ---D | C] -- C:\Users\Sunil\AppData\Roaming\BitDefender
[2010/01/07 13:56:23 | 00,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2010/01/07 13:56:23 | 00,000,000 | ---D | C] -- C:\Program Files\Bit Defender NEW
[2010/01/07 13:53:54 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2010/01/06 19:47:56 | 00,157,696 | ---- | C] (The RaProducts Team: Paul McLain and Fred de Vries) -- C:\Users\Sunil\Desktop\JavaRa.exe
[2010/01/06 19:44:49 | 00,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2010/01/06 19:44:49 | 00,026,600 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys
[2010/01/06 19:44:01 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/01/06 19:43:56 | 00,000,000 | ---D | C] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/01/06 19:41:25 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/01/06 19:22:55 | 00,000,000 | ---D | C] -- C:\Users\Sunil\AppData\Local\AA2DeployClient
[2010/01/06 19:22:55 | 00,000,000 | ---D | C] -- C:\ProgramData\AA2DeployClient
[2010/01/06 19:22:01 | 00,000,000 | ---D | C] -- C:\Users\Sunil\AppData\Local\Apps
[2010/01/06 19:22:00 | 00,000,000 | ---D | C] -- C:\Users\Sunil\AppData\Local\Deployment
[2010/01/06 16:50:11 | 00,213,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010/01/06 16:50:11 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010/01/06 16:50:10 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010/01/06 16:50:09 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010/01/06 16:50:09 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2010/01/06 16:50:09 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010/01/06 16:50:09 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010/01/06 16:50:09 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010/01/06 16:50:09 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010/01/06 16:50:09 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010/01/06 16:50:09 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010/01/06 16:50:08 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/01/06 16:48:35 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010/01/06 16:48:35 | 00,292,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/01/06 16:48:35 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010/01/06 16:48:32 | 01,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2010/01/06 16:48:32 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/01/06 16:48:31 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/01/06 16:48:31 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2010/01/06 16:48:31 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2010/01/06 16:48:24 | 00,713,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010/01/06 16:48:21 | 02,032,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/01/06 16:48:16 | 02,855,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/01/06 16:48:16 | 02,433,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010/01/06 16:48:15 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2010/01/06 16:48:15 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2010/01/06 16:48:14 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2010/01/06 16:48:14 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2010/01/06 16:47:57 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2010/01/06 16:47:57 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2010/01/06 16:47:51 | 01,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/01/06 16:47:51 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/01/06 16:47:50 | 04,247,552 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/01/06 16:47:25 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010/01/06 16:47:25 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010/01/06 16:47:13 | 00,654,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/01/06 16:47:13 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/01/06 16:47:13 | 00,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/01/06 16:47:13 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/01/06 16:47:13 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/01/06 16:47:13 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/01/06 16:47:04 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010/01/06 16:47:04 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010/01/06 16:46:58 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010/01/06 16:46:58 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010/01/06 16:46:53 | 00,500,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/01/06 16:46:53 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010/01/06 16:46:50 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/01/06 16:46:50 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/01/06 16:46:50 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/01/06 16:46:50 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2010/01/06 16:46:45 | 03,502,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/01/06 16:46:45 | 03,467,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/01/06 16:46:41 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/01/06 16:46:41 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/01/06 16:46:41 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/01/06 16:46:41 | 00,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/01/06 16:46:41 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010/01/06 16:46:28 | 00,696,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010/01/06 16:43:16 | 00,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2010/01/06 16:32:54 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/01/06 16:32:54 | 00,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010/01/06 16:32:46 | 00,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010/01/06 15:36:34 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Desktop\Malware Protection Files
[2010/01/06 15:33:14 | 00,160,608 | ---- | C] (Microsoft Corporation) -- C:\Users\Sunil\Desktop\bitdefender_isecurity.exe
[2010/01/06 15:27:12 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/01/06 15:27:12 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/01/06 15:27:12 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/01/06 14:40:48 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/01/06 12:34:28 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/01/05 19:40:57 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Desktop\SysProt
[2010/01/05 12:40:26 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/01/05 11:04:42 | 00,000,000 | ---D | C] -- C:\Windows\temp
[2010/01/05 11:04:42 | 00,000,000 | ---D | C] -- C:\Users\Sunil\AppData\Local\temp
[2010/01/05 10:35:35 | 00,000,000 | ---D | C] -- C:\Combo-Fix
[2010/01/03 05:11:24 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/03 05:11:21 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/01/03 05:11:21 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/03 05:09:35 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/01/03 05:08:38 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/01/03 01:36:32 | 45,347,568 | ---- | C] (Trend Micro Inc.) -- C:\Users\Public\Desktop\TrendMicro_TIS_17.50_en-US_32-bit.exe
[2009/12/30 06:47:04 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Downloads\Flash Forward Season 1
[2009/12/30 02:30:30 | 00,000,000 | ---D | C] -- C:\Program Files\mkv2vob
[2009/12/29 13:22:44 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Downloads\Flash Forward HD s01e09
[2009/12/29 13:21:44 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Downloads\Flash Forward HD s01e08
[2009/12/29 13:21:13 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Downloads\Flash Forward HD s01e07
[2009/12/29 13:20:05 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Downloads\Flash Forward HD s01e06
[2009/12/28 15:19:11 | 00,000,000 | ---D | C] -- C:\Users\Sunil\Desktop\originals
[2007/01/24 18:08:39 | 00,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys

========== Files - Modified Within 30 Days ==========

[2010/01/11 00:31:14 | 05,242,880 | -HS- | M] () -- C:\Users\Sunil\ntuser.dat
[2010/01/11 00:29:34 | 00,543,744 | ---- | M] (OldTimer Tools) -- C:\Users\Sunil\Desktop\OTL.exe
[2010/01/11 00:11:00 | 00,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2299308901-2864604730-1019191112-1000UA.job
[2010/01/10 23:47:31 | 00,189,392 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/01/10 23:47:31 | 00,189,392 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe
[2010/01/10 23:39:17 | 00,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/10 23:39:17 | 00,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/10 23:32:35 | 00,138,016 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/01/10 19:18:55 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/10 15:39:17 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/10 15:38:35 | 32,204,63616 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/09 17:15:15 | 00,196,608 | ---- | M] () -- C:\Windows\SPInstall.etl
[2010/01/09 17:15:01 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/01/09 17:13:07 | 02,923,437 | -H-- | M] () -- C:\Users\Sunil\AppData\Local\IconCache.db
[2010/01/09 15:47:15 | 00,259,796 | ---- | M] () -- C:\Users\Sunil\Desktop\Windows6.0-KB950127-x86.msu
[2010/01/09 15:46:36 | 00,897,920 | ---- | M] (Microsoft Corporation) -- C:\Users\Sunil\Desktop\WGAPluginInstall.exe
[2010/01/09 15:21:48 | 45,561,1504 | ---- | M] (Microsoft Corporation) -- C:\Users\Sunil\Desktop\Windows6.0-KB936330-X86-wave0.exe
[2010/01/09 15:11:02 | 00,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2010/01/09 14:08:45 | 00,000,803 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk
[2010/01/09 14:01:08 | 00,031,232 | ---- | M] () -- C:\Users\Sunil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/09 13:46:29 | 00,099,864 | ---- | M] () -- C:\Users\Sunil\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/01/09 13:43:58 | 00,370,280 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/01/08 21:03:23 | 00,692,118 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2010/01/08 21:03:23 | 00,623,342 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/01/08 21:03:23 | 00,126,808 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2010/01/08 21:03:23 | 00,108,526 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/01/08 21:03:22 | 01,515,942 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/01/08 21:00:41 | 00,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\wsbl.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ph_white.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ph_summ.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ph_spoof.sig
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ph_sign.slf
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ph_fuzzy.sig
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ph_black.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\pcwords2.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\pcwords.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\pc_sign.slf
[2010/01/08 16:47:12 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ab_sbl.sig
[2010/01/08 16:36:22 | 00,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/01/08 14:31:32 | 00,001,026 | ---- | M] () -- C:\Users\Public\Desktop\Orb.lnk
[2010/01/08 14:26:58 | 24,569,416 | ---- | M] (Orb Networks) -- C:\Users\Sunil\Desktop\Orb20SetupUs.exe
[2010/01/07 21:33:09 | 00,280,680 | ---- | M] () -- C:\Users\Sunil\Desktop\AA2DeployInstaller.exe
[2010/01/07 21:09:28 | 00,002,127 | ---- | M] () -- C:\Users\Public\Desktop\SF A-Team Videos.lnk
[2010/01/07 21:09:28 | 00,001,976 | ---- | M] () -- C:\Users\Public\Desktop\America's Army.lnk
[2010/01/07 18:46:46 | 72,116,6492 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/01/07 17:15:59 | 00,000,385 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2010/01/07 17:08:39 | 00,000,121 | ---- | M] () -- C:\Windows\bdagent.INI
[2010/01/07 16:13:34 | 00,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/01/07 14:10:39 | 00,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
[2010/01/07 14:07:13 | 00,000,016 | ---- | M] () -- C:\Windows\System32\asdict.dat
[2010/01/07 14:07:13 | 00,000,004 | ---- | M] () -- C:\Windows\System32\aspdict-en.dat
[2010/01/07 14:07:13 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ab_bl.sig
[2010/01/07 13:58:13 | 00,002,051 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Internet Security 2010.lnk
[2010/01/06 19:44:53 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/01/06 16:42:33 | 00,000,038 | ---- | M] () -- C:\BdUninstallTool2010.01.06-04.38.17.reg
[2010/01/06 16:38:12 | 00,031,656 | ---- | M] () -- C:\BdUninstallTool2010.01.06-04.37.04.reg
[2010/01/06 15:33:21 | 00,160,608 | ---- | M] (Microsoft Corporation) -- C:\Users\Sunil\Desktop\bitdefender_isecurity.exe
[2010/01/06 12:34:54 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/01/05 11:04:56 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/01/05 08:31:49 | 00,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\HOSTS.MVP
[2010/01/03 05:11:26 | 00,000,825 | ---- | M] () -- C:\Users\Public\Desktop\Mal warebytes' AntiMalware.lnk
[2010/01/03 04:41:30 | 00,000,050 | ---- | M] () -- C:\Windows\wininit.ini
[2010/01/03 04:10:15 | 00,000,854 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2299308901-2864604730-1019191112-1000Core.job
[2010/01/03 01:37:32 | 45,347,568 | ---- | M] (Trend Micro Inc.) -- C:\Users\Public\Desktop\TrendMicro_TIS_17.50_en-US_32-bit.exe
[2010/01/03 00:34:10 | 00,000,008 | ---- | M] () -- C:\ProgramData\sysReserve.ini
[2010/01/02 20:36:30 | 00,243,007 | ---- | M] () -- C:\Users\Sunil\Desktop\Shot01320.png
[2009/12/30 14:55:24 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/30 14:54:58 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/30 02:30:31 | 00,001,794 | ---- | M] () -- C:\Users\Sunil\Desktop\mkv2vob.lnk
[2009/12/22 04:13:44 | 00,625,907 | ---- | M] () -- C:\Windows\System32\drivers\etc\HOSTS

========== Files Created - No Company Name ==========

[2010/01/09 15:47:14 | 00,259,796 | ---- | C] () -- C:\Users\Sunil\Desktop\Windows6.0-KB950127-x86.msu
[2010/01/09 15:22:26 | 00,196,608 | ---- | C] () -- C:\Windows\SPInstall.etl
[2010/01/09 14:08:45 | 00,000,803 | ---- | C] () -- C:\Users\Sunil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\wsbl.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ph_white.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ph_summ.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ph_spoof.sig
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ph_sign.slf
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ph_fuzzy.sig
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ph_black.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\pcwords2.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\pcwords.dat
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\pc_sign.slf
[2010/01/08 16:47:12 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ab_sbl.sig
[2010/01/08 14:31:32 | 00,001,026 | ---- | C] () -- C:\Users\Public\Desktop\Orb.lnk
[2010/01/07 21:37:08 | 00,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/01/07 21:09:28 | 00,002,127 | ---- | C] () -- C:\Users\Public\Desktop\SF A-Team Videos.lnk
[2010/01/07 21:09:28 | 00,001,976 | ---- | C] () -- C:\Users\Public\Desktop\America's Army.lnk
[2010/01/07 18:45:10 | 72,116,6492 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/01/07 17:15:59 | 00,000,385 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2010/01/07 16:21:24 | 01,657,350 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/01/07 16:13:34 | 00,001,894 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/01/07 15:36:38 | 00,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2010/01/07 14:10:39 | 00,000,132 | ---- | C] () -- C:\Windows\System32\rezumatenoi.dat
[2010/01/07 14:07:13 | 00,000,016 | ---- | C] () -- C:\Windows\System32\asdict.dat
[2010/01/07 14:07:13 | 00,000,004 | ---- | C] () -- C:\Windows\System32\aspdict-en.dat
[2010/01/07 14:07:13 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ab_bl.sig
[2010/01/07 13:58:13 | 00,002,051 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Internet Security 2010.lnk
[2010/01/06 19:47:56 | 00,245,103 | ---- | C] () -- C:\Users\Sunil\Desktop\JavaRa.def
[2010/01/06 19:44:53 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/01/06 19:21:55 | 00,280,680 | ---- | C] () -- C:\Users\Sunil\Desktop\AA2DeployInstaller.exe
[2010/01/06 16:38:17 | 00,000,038 | ---- | C] () -- C:\BdUninstallTool2010.01.06-04.38.17.reg
[2010/01/06 16:37:04 | 00,031,656 | ---- | C] () -- C:\BdUninstallTool2010.01.06-04.37.04.reg
[2010/01/05 12:36:24 | 32,204,63616 | -HS- | C] () -- C:\hiberfil.sys
[2010/01/05 07:29:05 | 00,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2010/01/05 07:29:05 | 00,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/01/03 05:11:26 | 00,000,825 | ---- | C] () -- C:\Users\Public\Desktop\Mal warebytes' AntiMalware.lnk
[2010/01/03 04:36:48 | 00,000,050 | ---- | C] () -- C:\Windows\wininit.ini
[2010/01/03 00:34:10 | 00,000,008 | ---- | C] () -- C:\ProgramData\sysReserve.ini
[2010/01/02 20:36:29 | 00,243,007 | ---- | C] () -- C:\Users\Sunil\Desktop\Shot01320.png
[2009/12/30 02:30:31 | 00,001,794 | ---- | C] () -- C:\Users\Sunil\Desktop\mkv2vob.lnk
[2009/08/03 15:07:42 | 00,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/03/01 22:53:04 | 00,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/02/04 03:07:09 | 00,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/01/15 12:45:34 | 00,181,248 | ---- | C] () -- C:\Windows\System32\txmlutil.dll
[2009/01/05 15:44:10 | 00,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2008/12/24 17:21:58 | 00,000,680 | ---- | C] () -- C:\Users\Sunil\AppData\Local\d3d9caps.dat
[2008/11/28 18:01:01 | 00,138,056 | ---- | C] () -- C:\Users\Sunil\AppData\Roaming\PnkBstrK.sys
[2008/11/10 00:25:12 | 00,000,552 | ---- | C] () -- C:\Users\Sunil\AppData\Local\d3d8caps.dat
[2008/09/30 16:04:06 | 00,138,016 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008/09/29 14:03:28 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/09/28 00:19:15 | 00,031,232 | ---- | C] () -- C:\Users\Sunil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/26 17:36:42 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/09/19 21:57:34 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/09/19 21:55:10 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/09/19 21:55:10 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/09/19 21:54:18 | 00,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/05/14 07:38:35 | 00,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2007/12/20 14:02:19 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/04/18 09:06:01 | 00,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2007/03/06 06:39:19 | 00,049,152 | ---- | C] () -- C:\Windows\revdevdll.dll
[2007/01/31 13:50:32 | 00,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
[2006/11/02 12:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 07:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 10:57:59 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2003/01/07 22:05:08 | 00,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009/01/15 00:34:16 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Adobe
[2009/01/11 00:27:34 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Ahead
[2010/01/07 14:31:50 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Apple Computer
[2008/09/26 21:49:19 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\ATI
[2009/11/15 01:43:05 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2010/01/07 13:58:10 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\BitDefender
[2008/11/29 20:34:24 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\DivX
[2009/07/17 19:59:10 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\dvdcss
[2008/09/27 14:56:38 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Google
[2009/03/22 09:09:11 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Graboid Inc
[2008/09/26 21:48:39 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Identities
[2008/12/05 01:42:23 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\K2-Solutions
[2009/02/04 16:17:17 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Kasper-Key_Sharing_Networ
[2008/09/26 21:49:07 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Macromedia
[2009/02/04 19:52:31 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Malwarebytes
[2006/11/02 12:37:34 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Media Center Programs
[2009/09/07 17:33:44 | 00,000,000 | --SD | M] -- C:\Users\Sunil\AppData\Roaming\Microsoft
[2008/09/27 15:14:38 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Mozilla
[2009/03/23 02:41:37 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\MozillaControl
[2010/01/07 17:08:27 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Skype
[2010/01/07 16:18:14 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\skypePM
[2009/11/11 21:59:26 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\teamspeak2
[2009/07/17 21:25:59 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\U3
[2010/01/01 10:18:34 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\uTorrent
[2009/03/01 23:29:12 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Ventrilo
[2008/10/22 16:58:26 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\vghd
[2009/03/23 02:50:31 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\vlc
[2010/01/07 16:35:04 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\Winamp
[2009/02/04 16:14:11 | 00,000,000 | ---D | M] -- C:\Users\Sunil\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2010/01/02 23:51:16 | 00,038,784 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2009/12/30 02:30:36 | 00,029,184 | R--- | M] () -- C:\Users\Sunil\AppData\Roaming\Microsoft\Installer\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}\Icon21AE04E8.exe
[2009/10/23 03:49:30 | 01,291,640 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\Sunil\AppData\Roaming\Mozilla\Firefox\Profiles\4956bnvf.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
[2006/12/14 09:00:02 | 00,110,592 | ---- | M] () -- C:\Users\Sunil\AppData\Roaming\U3\temp\cleanup.exe
[2007/02/12 16:46:54 | 03,096,576 | -H-- | M] (SanDisk Corporation) -- C:\Users\Sunil\AppData\Roaming\U3\temp\Launchpad Removal.exe

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/01/19 07:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/05/14 06:14:21 | 00,056,504 | ---- | M] (Microsoft Corporation) MD5=198636E76971EBC96404547EC0FD5E75 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_cb7c81c7\AGP440.sys
[2008/05/14 06:14:21 | 00,056,504 | ---- | M] (Microsoft Corporation) MD5=198636E76971EBC96404547EC0FD5E75 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20598_none_b85cfa98dae9b436\AGP440.sys
[2006/11/02 09:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 09:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/01/19 07:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 09:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/09/26 16:09:43 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys
[2008/09/26 16:09:43 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/09/26 16:09:43 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/09/26 16:09:43 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 09:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 09:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: EVENTLOG.DLL >
[2009/06/25 15:04:32 | 00,001,536 | ---- | M] () MD5=8D4CD834292293F4055BAC313268E2DE -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\lib\eventlog.dll

< MD5 for: IASTORV.SYS >
[2008/01/19 07:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 09:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 09:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 09:46:11 | 00,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006/11/02 09:46:11 | 00,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008/01/19 07:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 09:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 09:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 07:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 07:36:19 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 09:46:12 | 00,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006/11/02 09:46:12 | 00,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< %systemroot%\*. /mp /s >

< c:\$recycle.bin\*.* /s >
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$I0WNW9J.reg
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$I1OAKLM.bat
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$I2KMNMA.txt
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$I4M19V6.zip
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$I5YI4CP.txt
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$I6QL227.txt
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$I6WDV7Z.exe
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$I77FR60.Txt
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$I82VONR.txt
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$I88O4LJ
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$I8EO5M8.txt
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$I8FX0GC.txt
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IA2KXX3.txt
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IALZH78.lnk
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IBE3AD1.zip
[2010/01/09 14:18:12 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$ICN2UEA.ini
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IDO9LNA.txt
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IERY11A.lnk
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IGE9RJ2.zip
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IHYWL1R.reg
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$II80FFO.txt
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IITPET8.exe
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IIZBIQL.zip
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IJI4H7Q.txt
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IJMSJK1.exe
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$ILDWNTK.exe
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$ILGENA0.exe
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IN13PM3.txt
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$INJISBF.exe
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IODZDLT.txt
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IP7776U.txt
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IT8TZNW.txt
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IWSTB25.Txt
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IX9WI7Y.exe
[2010/01/09 14:18:04 | 00,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$IZHNA6Y.txt
[2010/01/06 19:10:37 | 00,000,129 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$R0WNW9J.reg
[2008/12/24 04:07:42 | 00,001,615 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$R1OAKLM.bat
[2009/07/18 22:56:28 | 00,006,293 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$R2KMNMA.txt
[2010/01/09 14:15:46 | 00,153,727 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$R4M19V6.zip
[2010/01/08 19:34:53 | 00,001,926 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$R5YI4CP.txt
[2010/01/06 12:12:41 | 00,003,334 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$R6QL227.txt
[2010/01/06 12:04:27 | 00,102,660 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$R6WDV7Z.exe
[2010/01/08 19:51:25 | 00,061,302 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$R77FR60.Txt
[2010/01/06 12:37:35 | 00,072,658 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$R82VONR.txt
[2009/12/22 04:13:44 | 00,625,907 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$R88O4LJ
[2010/01/08 15:11:39 | 00,001,138 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$R8EO5M8.txt
[2010/01/06 12:29:25 | 00,000,851 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$R8FX0GC.txt
[2010/01/06 16:17:42 | 00,001,133 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RA2KXX3.txt
[2010/01/03 05:08:38 | 00,000,740 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RALZH78.lnk
[2010/01/03 05:15:17 | 00,284,915 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RBE3AD1.zip
[2009/12/28 15:24:11 | 00,033,376 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RCN2UEA.ini
[2010/01/06 19:09:58 | 00,000,129 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RDO9LNA.txt
[2010/01/03 05:08:38 | 00,000,721 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RERY11A.lnk
[2010/01/06 19:26:09 | 00,071,798 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RGE9RJ2.zip
[2010/01/09 14:14:04 | 00,000,214 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RHYWL1R.reg
[2010/01/07 15:53:43 | 00,000,849 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RI80FFO.txt
[2010/01/07 14:31:56 | 77,125,400 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RITPET8.exe
[2010/01/05 18:32:57 | 00,354,396 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RIZBIQL.zip
[2010/01/06 19:09:47 | 00,000,129 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RJI4H7Q.txt
[2010/01/09 14:08:17 | 02,062,665 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RJMSJK1.exe
[2010/01/03 05:02:02 | 00,021,504 | ---- | M] (Doug Knox) -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RLDWNTK.exe
[2010/01/08 19:35:47 | 00,843,187 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RLGENA0.exe
[2010/01/06 12:30:47 | 00,000,856 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RN13PM3.txt
[2010/01/03 05:02:07 | 00,791,393 | ---- | M] (Lars Hederer ) -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RNJISBF.exe
[2009/07/18 22:58:38 | 00,001,384 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RODZDLT.txt
[2010/01/06 19:09:13 | 00,000,129 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RP7776U.txt
[2007/09/06 00:12:58 | 00,000,794 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RT8TZNW.txt
[2010/01/08 19:50:07 | 00,114,158 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RWSTB25.Txt
[2010/01/03 04:53:21 | 00,410,624 | ---- | M] (OldTimer Tools) -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RX9WI7Y.exe
[2010/01/05 10:27:44 | 00,002,614 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\$RZHNA6Y.txt
[2010/01/05 12:40:26 | 00,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-2299308901-2864604730-1019191112-1000\desktop.ini

< %systemroot%\system32\*.dll /lockedfiles >
[2006/11/02 09:47:18 | 00,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008/05/14 04:59:19 | 00,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >
< End of report >


Extras.txt

OTL Extras logfile created on: 11/01/2010 00:31:37 - Run 1
OTL by OldTimer - Version 3.1.23.0 Folder = C:\Users\Sunil\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 75.25 Gb Free Space | 50.49% Space Free | Partition Type: NTFS
Drive D: | 141.23 Gb Total Space | 50.41 Gb Free Space | 35.70% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SUNILS--LAPTOP
Current User Name: Sunil
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5760BD42-5005-45F4-94D8-E30A95F5F597}" = rport=137 | protocol=17 | dir=out | app=system |
"{613B6AB6-895D-42FA-B7D2-643265E84FA5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{6D338166-CFCE-496A-BEC4-782B958B39B2}" = lport=137 | protocol=17 | dir=in | app=system |
"{7CE72F15-3F92-4502-8F0C-CCCE6C25D726}" = rport=138 | protocol=17 | dir=out | app=system |
"{A3D0EA85-286F-47F0-B4D0-F6DD5B2ED2F1}" = rport=445 | protocol=6 | dir=out | app=system |
"{A8BE2625-F4A3-4C21-A53D-69B61B7BDCF0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B4AB4C34-4DBF-49CC-B175-CC98AF148465}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C0FC4478-AF4C-47EF-A872-F92C7C1ABF18}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{D3FDAAB6-6D27-4427-8A38-19C63349648F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DBB7E189-CF1D-4D5C-B8C8-0312F6EDF6A0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E0653FAB-C5FA-4050-8125-8E4446778146}" = lport=138 | protocol=17 | dir=in | app=system |
"{EC74977A-BA7C-47CF-8545-812221AF67B0}" = lport=139 | protocol=6 | dir=in | app=system |
"{EF2B7C3B-865C-47F6-A17D-9FD4BE6EE4A2}" = rport=139 | protocol=6 | dir=out | app=system |
"{F05ED7DA-7A31-4C50-9DEB-807902547BB9}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B17D17-734B-4B58-B21A-F7BCAD658387}" = protocol=17 | dir=in | app=d:\itunes.exe |
"{05CC44C4-91E8-4417-B21D-BC6B0EB01A95}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{07E42E8B-683A-47AE-8CB9-9A6E35403E91}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{088C9189-2F1A-4865-951A-10EAE1CFA059}" = protocol=6 | dir=in | app=d:\itunes!\itunes.exe |
"{13DFEA9B-9097-4D4F-8E5A-2CBE42471010}" = protocol=17 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{1AC18BD2-2B6A-42D2-BF54-8226681B307B}" = protocol=58 | dir=out | [email protected],-28546 |
"{1D69F916-829F-44A0-B89E-846ED6EA15D2}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{24482675-33C9-4137-8A96-6F1AFE0902D3}" = protocol=6 | dir=in | app=d:\itunes.exe |
"{27F5F137-1FB4-4683-87B5-FED9666E80E2}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{28B4697A-72B9-4188-A477-63845D4B55E1}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\orbcontrolpanel.exe |
"{29DDBDFA-2C2C-4A06-9A70-7F19E2C17D22}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\orblauncher.exe |
"{2F5FF6B1-EF93-4359-BD4D-A30D49525894}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\orbsetupwizard.exe |
"{2FA9F4F6-31C4-4A49-B2F2-7C37B643DDF9}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\orblauncher.exe |
"{376B7D8C-3E97-48DF-AEA0-5141E74336DF}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{42168979-97AB-4AF5-8720-5136E08BF589}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{4A99966D-5F14-439E-8A51-A25A4F1FCF46}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\orbir.exe |
"{4EE18189-6A6E-49A1-8A03-95CDF435D90E}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{51887F65-65BA-4AD7-9DE9-0A71BBE827D3}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe |
"{51E4B671-B31B-4530-879B-B5290A6068BA}" = protocol=6 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{553549FA-F470-4109-AF26-57A6822C1546}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{563A3DCC-9551-48A3-9BAF-F6D60403678D}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\orbstreamerclient.exe |
"{5A296A7B-CCB3-4FE6-BF5C-08FAA1FC394F}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe |
"{5C6FE0A4-598C-4124-B43D-4896E8EE9FDA}" = protocol=6 | dir=in | app=c:\users\sunil\desktop\utorrent.exe |
"{681FFFCE-5833-49D2-B6E6-A3BCE097B656}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{6874040B-7692-46E3-8C72-796A0DF53B98}" = protocol=58 | dir=in | [email protected],-28545 |
"{69FEE916-B106-419C-B0FD-D7ED0D06A4E6}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe |
"{6D07A9B2-E688-4ADD-B8E0-70CD71929D1F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{6D2B15FA-43E1-488D-9909-813BD373C73E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6E2BF15D-06B2-4D6E-A21B-6EDB2B66A269}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\orbcontrolpanel.exe |
"{6E43470B-24EA-4F9D-8B91-43582F8286DD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6FE09A12-85C8-4ABD-B307-9C901AD64A61}" = protocol=17 | dir=in | app=c:\program files\orb networks\orb\bin\orb.exe |
"{71703133-2238-4301-95DB-A7C35FF36BEB}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{777D5333-4125-4BB8-A7E9-79EF1706E577}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe |
"{79A39790-86BD-4948-9AD9-1E587AC258A2}" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"{7E698090-84B6-471F-968A-E6AA106159E5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{7E842D29-3DEC-4C48-B6CE-60FD90877A37}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{80F903CC-EA7C-4353-B27B-F080B10AD9E8}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{85C0A866-6573-4613-A83B-1AB046F99BCC}" = protocol=17 | dir=in | app=c:\users\sunil\desktop\utorrent.exe |
"{88930487-824E-47FE-ACC6-32D3532A6FED}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{893DFBC7-5FC8-4FBF-A93A-64D49E84D390}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{97EA56D5-9CF9-4D3D-88D4-E401F628C00E}" = protocol=1 | dir=in | [email protected],-28543 |
"{9A8ED968-E335-4287-B3E4-55C213F84AEA}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{9F0C8CA8-433B-4A76-9AE3-047395B5B0A3}" = protocol=1 | dir=in | [email protected],-28543 |
"{A0CC141A-4D30-44E0-9ADA-9DD614813986}" = protocol=58 | dir=out | [email protected],-28546 |
"{AB5CF6DF-60EF-4C6E-BF90-1523DD292FF1}" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |
"{ACDFFF4C-CB9D-4D6A-B702-F55A8633F901}" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"{B42BA061-B368-45F1-8C53-445ACDFAF421}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\orbir.exe |
"{B69530F4-9E84-4FD8-9C43-A02864B65CF1}" = protocol=17 | dir=in | app=c:\users\sunil\downloads\csa.exe |
"{B79F83C5-C224-4466-BB01-661C008204C8}" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |
"{B8C393BE-A214-473B-B86A-E0B8E8C166F1}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\orbstreamerclient.exe |
"{BB3B0A11-4DEE-4D30-9694-B1BC70CE700B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BFAF44D4-05E0-4788-8AA0-B9B960A2913D}" = protocol=1 | dir=out | [email protected],-28544 |
"{C02E3D39-F565-4752-BA44-C714B2D1565E}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"{C10BB66D-81CF-4A6E-9F55-D0AD1F79CC35}" = protocol=1 | dir=out | [email protected],-28544 |
"{C8B9B6DF-C94A-4AA7-9A18-D5B9E538D0BB}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{CAB178B1-E4A6-4119-9136-21C4046A0D64}" = protocol=17 | dir=in | app=d:\itunes!\itunes.exe |
"{CCB7155D-CC17-4C0A-B959-79F0A656F134}" = protocol=6 | dir=in | app=c:\users\sunil\downloads\csa.exe |
"{D231B49F-E339-4731-9D7C-96E81916688C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D271900C-A1A0-455D-A672-E28F421D70D3}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\orbsetupwizard.exe |
"{D349B08B-4B63-4830-A88A-DB2D760F853F}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{DDF7DDB4-4800-4202-B67D-AB099CBB2260}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{DE58A9F0-74C5-44ED-9170-2B9D74EF8135}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"{DFDC7C57-84DA-4295-8D52-C8EC1D900FEA}" = protocol=58 | dir=in | [email protected],-28545 |
"{E60FEFE8-EF0E-4B95-9561-4DD099A2EE9D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EDC9B9F4-889D-43B2-B0D9-EA3DAB3118DE}" = protocol=6 | dir=in | app=c:\program files\orb networks\orb\bin\orb.exe |
"TCP Query User{38908767-4E1D-45B2-8DC3-CA08867A8B6F}C:\program files\america's army\system\armyops.exe" = protocol=6 | dir=in | app=c:\program files\america's army\system\armyops.exe |
"TCP Query User{4FCDB6F6-C74F-4026-87A2-4732C4528B85}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{5531FDBE-2FF3-4304-9408-6BD4094A5816}C:\program files\america's army\system\armyops.exe" = protocol=6 | dir=in | app=c:\program files\america's army\system\armyops.exe |
"TCP Query User{7FCBE7F3-F806-4073-82AA-A86F90CA536B}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{84056752-56DE-41B0-8D49-430842FBEB0A}C:\users\sunil\desktop\torrents\utorrent.exe" = protocol=6 | dir=in | app=c:\users\sunil\desktop\torrents\utorrent.exe |
"TCP Query User{9305627F-B0AB-4BE1-AB4B-03EA1F0F9491}D:\itunes!\itunes.exe" = protocol=6 | dir=in | app=d:\itunes!\itunes.exe |
"TCP Query User{EB3890CE-D245-4D0F-BD96-551D2547E0FB}C:\program files\winamp remote\bin\orbtray.exe" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"TCP Query User{EC12E32A-4F4B-4D7E-8B2C-80D94332A1F8}C:\program files\america's army deploy client\aadeployclient.exe" = protocol=6 | dir=in | app=c:\program files\america's army deploy client\aadeployclient.exe |
"UDP Query User{38899A6A-6CC5-4F59-992E-0F219CB336BD}C:\program files\america's army\system\armyops.exe" = protocol=17 | dir=in | app=c:\program files\america's army\system\armyops.exe |
"UDP Query User{7ABCF4D3-7C4B-4493-95AE-37512DD8F5BA}C:\program files\america's army deploy client\aadeployclient.exe" = protocol=17 | dir=in | app=c:\program files\america's army deploy client\aadeployclient.exe |
"UDP Query User{99319F34-A26F-41E7-A9CC-6533AAEED057}C:\program files\winamp remote\bin\orbtray.exe" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"UDP Query User{A8709345-5EB2-4B49-A75A-C38212B3BDEB}C:\users\sunil\desktop\torrents\utorrent.exe" = protocol=17 | dir=in | app=c:\users\sunil\desktop\torrents\utorrent.exe |
"UDP Query User{CEA4B7A0-CAD8-4CE5-9F52-E583A9364A16}C:\program files\america's army\system\armyops.exe" = protocol=17 | dir=in | app=c:\program files\america's army\system\armyops.exe |
"UDP Query User{D66E3A0A-55A3-4AFD-99EC-DFDBE7E0A563}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{ED622071-159D-495B-8330-683308CE58DC}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{EF1C30DA-7FD0-4561-9040-2B3F76F49E82}D:\itunes!\itunes.exe" = protocol=17 | dir=in | app=d:\itunes!\itunes.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{025F9C8B-27B3-76B0-08E8-4EB918DE287B}" = Catalyst Control Center Localization Dutch
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0813BDD1-7E8E-4F18-A13C-037CDD7F9A48}" = Catalyst Control Center Localization Chinese Traditional
"{0A47C6E1-9BB2-023C-BBEC-2D3DBEA91A9A}" = ATI Catalyst Install Manager
"{0B3ED35F-3BDC-72FE-3477-A7CA54325F06}" = CCC Help Chinese Traditional
"{0B950F52-0FD9-C679-6FD0-C4D4F43ACA3E}" = Catalyst Control Center Localization Greek
"{0E4DC8EF-9438-AEEF-A042-851C2EA86FEA}" = Catalyst Control Center Localization Finnish
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{11D3D948-2789-2E3D-03D7-282B537D8C01}" = BBC iPlayer Desktop
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A915E9E-75A0-5FD6-53C3-D2E5EDA27B52}" = Catalyst Control Center Localization Polish
"{1BDCA62C-699A-A3C2-57C6-D496414BA297}" = Catalyst Control Center Graphics Full New
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1CE34A07-F95C-C749-B8FB-10BEFBB5D917}" = Catalyst Control Center Localization Swedish
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = LifeFrame2
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2133CB3F-F891-4081-8681-FEE2B2419FF4}" = Orb Runtime libraries
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{22AD2DF3-00C4-68EB-8D2A-C5AC60BDA907}" = CCC Help Greek
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24339461-1E3B-290E-613E-B0B234B64ABE}" = Catalyst Control Center Localization Japanese
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 17
"{27DB888F-A703-E898-6261-D84260EF93DA}" = Catalyst Control Center Core Implementation
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{32A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java™ SE Development Kit 6 Update 17
"{337C0055-BE59-63E5-72AE-DAED46ED980B}" = CCC Help Korean
"{342D2010-703F-2098-441E-F96F532EBD09}" = CCC Help Chinese Standard
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3A9A74B7-DAE0-EB01-E51A-D2A6720CF135}" = CCC Help Japanese
"{3E7CE151-F6EC-8550-9B73-427F6A89AC42}" = CCC Help Polish
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{45936E5D-5CEB-A100-8694-B62523FD99C6}" = Catalyst Control Center Localization German
"{4BE52CD7-9B51-F4D8-ED51-8E89324F3EBD}" = Catalyst Control Center Localization Norwegian
"{4EE9DA0A-4CED-1FB9-3231-24C85855A387}" = Catalyst Control Center Localization Spanish
"{50DD51CF-31D8-7831-D4E8-E13E0A736D93}" = Catalyst Control Center Localization Russian
"{52159193-1EA1-B129-7C03-7120CB0C502E}" = CCC Help Portuguese
"{52E43F33-7D7C-3209-0539-1B2A43010E0D}" = Catalyst Control Center Localization Turkish
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun
"{58752780-E21C-A458-2397-BD8D5E3CB0C1}" = Catalyst Control Center Localization Portuguese
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6602C18D-52EC-BB1F-C3B9-EFF2F1463A58}" = Catalyst Control Center Localization Thai
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D6204C8-6B1D-4FBA-ADA9-CB6DFF9BF80D}" = America's Army Deploy Client
"{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}" = ccc-Branding
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77AD4A77-F70F-84BC-B52B-91DAB868EF27}" = CCC Help Czech
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{872717DD-EE82-F142-4DF7-0308772A8DE4}" = ccc-utility
"{88D44595-9B8E-38FF-7CD9-F5A1423BA2D6}" = Catalyst Control Center Graphics Light
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D3D4041-DA1D-F814-B37E-ABF774556DAA}" = Catalyst Control Center Localization Italian
"{900F0963-B211-5692-EEEC-4DFF6F7321F6}" = CCC Help Swedish
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91AA9814-7B89-DA53-5FCA-EBDCDAC4F611}" = CCC Help Italian
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{92C98289-5C00-4A4E-03ED-6E59F7D73435}" = Catalyst Control Center Localization Chinese Standard
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97C9E93A-7DEA-37C2-50F0-E6172D91DEE6}" = CCC Help German
"{97F73E68-213C-6F88-A590-9C600186E36C}" = CCC Help Finnish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BF9D522-7FA6-D442-9769-558E3B4503F0}" = Skins
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB870B63-94EF-0B0A-340E-62CAF5D48B17}" = CCC Help French
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6512E97-FFA8-6A76-4B07-036784E56A7B}" = Catalyst Control Center Localization Czech
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8F1FA25-D1F3-5DEB-5AE2-18E72A2955CA}" = Catalyst Control Center Localization Danish
"{B935DAF9-605C-A1F8-7A4E-BE87E82B7237}" = CCC Help Norwegian
"{BC61F51E-8AF7-46B9-AF20-B33B5EE81033}" = Nero 7 Essentials
"{C0BAF48F-940E-7AC7-63B3-BDFAF8A6CCA5}" = CCC Help Thai
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C1B22596-9F6C-6795-F374-D6843ABA8A9A}" = Catalyst Control Center Localization Korean
"{C376495E-6F9D-2A3A-329E-960682A22B3B}" = Catalyst Control Center Localization Hungarian
"{C6FB5BC4-823A-FE8B-01CB-3A7F51B4C9C2}" = ccc-core-static
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D8438AE5-4BE7-CEC7-D0AA-189B34C4628F}" = CCC Help Dutch
"{D873FA4B-C374-4F8A-8D9A-130DB56FAB16}" = America's Army
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DF4EB70F-6EBF-AD9E-AF89-D1398A284C86}" = Catalyst Control Center Graphics Previews Common
"{E037311F-0715-DB85-4394-6B09A66605C0}" = CCC Help Spanish
"{E1D0A2DB-9B8D-E7B1-295B-DDAB0B9A423F}" = Catalyst Control Center Localization French
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EAF8F949-849D-9E39-2A86-0DB83A90405B}" = Catalyst Control Center Graphics Full Existing
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EDFE36E7-B60E-BF8E-F2DF-0DD61B1E3CAE}" = CCC Help Hungarian
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F446A5CB-74F2-44F5-988C-0738E5613689}" = BitDefender Internet Security 2010
"{F656696C-CF30-03E5-03A8-05078E02ACEB}" = CCC Help Danish
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6CAF803-A534-705F-A673-A04FCEC5AFC9}" = CCC Help Russian
"{FCABF3BF-D716-980B-F463-32D5734A3DB4}" = CCC Help English
"{FE0C4C63-56C1-087C-3404-C547405FCEA7}" = Catalyst Control Center Graphics Previews Vista
"{FE44D8AC-80B2-A8BA-291F-59109DE96C11}" = CCC Help Turkish
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ERUNT_is1" = ERUNT 1.1j
"LastFM_is1" = Last.fm 1.5.4.24567
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"Orb" = Orb
"PunkBusterSvc" = PunkBuster Services
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SpywareGuard_is1" = SpywareGuard v2.2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"USB2.0 1.3M UVC WebCam" = USB2.0 1.3M UVC WebCam
"uTorrent" = µTorrent
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes (Sunil)
"0638265cfb8124a6" = AA2Deploy
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Application Detect

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28/09/2009 07:42:54 | Computer Name = Sunils--Laptop | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3526, time stamp 0x4a96afb2,
faulting module MSVCR71.dll, version 7.10.3052.4, time stamp 0x3e561eac, exception
code 0xc0000005, fault offset 0x000128fe, process id 0xee4, application start time
0x01ca4030cb720b4a.

Error - 28/09/2009 21:20:26 | Computer Name = Sunils--Laptop | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3526, time stamp 0x4a96afb2,
faulting module MSVCR71.dll, version 7.10.3052.4, time stamp 0x3e561eac, exception
code 0xc0000005, fault offset 0x000128fe, process id 0x52c, application start time
0x01ca40a30057200b.

Error - 30/09/2009 03:53:56 | Computer Name = Sunils--Laptop | Source = WerSvc | ID = 5007
Description =

Error - 30/09/2009 03:54:53 | Computer Name = Sunils--Laptop | Source = Google Update | ID = 20
Description =

Error - 30/09/2009 09:05:06 | Computer Name = Sunils--Laptop | Source = Google Update | ID = 20
Description =

Error - 30/09/2009 09:05:26 | Computer Name = Sunils--Laptop | Source = Google Update | ID = 20
Description =

Error - 30/09/2009 13:37:20 | Computer Name = Sunils--Laptop | Source = WerSvc | ID = 5007
Description =

Error - 30/09/2009 20:20:12 | Computer Name = Sunils--Laptop | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 1.9.0.3526 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 554 Start Time: 01ca422bacdac840 Termination Time: 62

Error - 30/09/2009 20:54:37 | Computer Name = Sunils--Laptop | Source = Application Error | ID = 1000
Description = Faulting application msnmsgr.exe, version 8.5.1302.1018, time stamp
0x4717a53b, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x13c475e1, process id 0xfcc, application start time
0x01ca41f4b39afb6e.

Error - 01/10/2009 16:17:49 | Computer Name = Sunils--Laptop | Source = WerSvc | ID = 5007
Description =

[ System Events ]
Error - 10/01/2010 12:01:42 | Computer Name = Sunils--Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 10/01/2010 12:01:42 | Computer Name = Sunils--Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 10/01/2010 12:01:42 | Computer Name = Sunils--Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 10/01/2010 12:01:42 | Computer Name = Sunils--Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 10/01/2010 12:01:42 | Computer Name = Sunils--Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 10/01/2010 12:01:42 | Computer Name = Sunils--Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 10/01/2010 12:01:42 | Computer Name = Sunils--Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 10/01/2010 12:01:42 | Computer Name = Sunils--Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 10/01/2010 12:01:42 | Computer Name = Sunils--Laptop | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 10/01/2010 12:01:42 | Computer Name = Sunils--Laptop | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description =


< End of report >

#27
hammerman

    Member 4k

  • Member
  • 4,183 posts
Hi,

Your logs look clean. If you post in the Vista forum here, I'm sure they will help you with your updates. Let them know I've been helping you and post a link to this topic.

#28
Skag

    Member

  • Topic Starter
  • Member
  • 15 posts
Thank you very much for all the help hammerman :)

#29
hammerman

    Member 4k

  • Member
  • 4,183 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.