HEUR:trojan.script.iframer and trojan.win32.fraudpack.amcd [Closed]


  • This topic is locked

#1
venom786

I'm getting about 30-40 viruses a day in the content IES folder. I actually went as far as to delete it, but Kaspersky 2010 is still picking things up in the folder even after it's been deleted. The same 2 viruses keep coming up - HEUR:trojan.script.iframer and Trojan.win32.fraudpack.amcd. I cleaned the system out using Spyware Doctor but I can't seem to find the problem. Can you please help asap? I've been to the self removal guides but nothing seems to work.

Here's the mbam log report:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4092

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

12/05/2010 14:41:05
mbam-log-2010-05-12 (14-41-05).txt

Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 227820
Time elapsed: 1 hour(s), 31 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\cscrptxt.cscrptxt (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cscrptxt.cscrptxt.1.0 (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{38061edc-40bb-4618-a8da-e56353347e6d} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adshothlpr.adshothlpr (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adshothlpr.adshothlpr.1.0 (Adware.Adrotator) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.
C:\Program Files\ezLife\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.
C:\Program Files\ezLife\ezLife\1.5.5.0 (Adware.EzLife) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\ezLife\ezLife\1.5.5.0\uninstall.exe (Adware.EzLife) -> Quarantined and deleted successfully.

and the OTL log report:

OTL logfile created on: 12/05/2010 12:54:10 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\imran\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 68.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 172.79 Gb Total Space | 48.68 Gb Free Space | 28.17% Space Free | Partition Type: NTFS
Drive D: | 97.66 Gb Total Space | 63.59 Gb Free Space | 65.12% Space Free | Partition Type: NTFS
Drive E: | 195.31 Gb Total Space | 169.06 Gb Free Space | 86.56% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PCSBSFN28
Current User Name: imran
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/05/12 12:52:55 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\imran\Downloads\OTL.exe
PRC - [2010/04/03 12:17:30 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/03/23 16:39:18 | 001,303,784 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2010/03/23 16:39:18 | 000,779,496 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2010/03/15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2010/03/11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2010/03/09 08:40:26 | 001,286,608 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2009/05/25 05:21:40 | 000,207,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtblfs.exe
PRC - [2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/05/20 11:06:00 | 006,144,000 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/10/17 15:02:50 | 001,040,384 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exe


========== Modules (SafeList) ==========

MOD - [2010/05/12 12:52:55 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\imran\Downloads\OTL.exe
MOD - [2010/02/17 12:44:18 | 000,496,872 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll
MOD - [2009/10/30 10:18:16 | 000,147,024 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\PCTGMhk.dll
MOD - [2009/04/11 00:21:40 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/18 23:33:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/03/23 16:39:18 | 000,779,496 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2010/03/15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/09/14 18:35:00 | 003,597,136 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009/07/26 07:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- E:\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/05/25 05:26:40 | 000,303,376 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -- (AVP)
SRV - [2008/01/18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2010/03/29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/03/23 16:39:26 | 000,125,160 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2010/03/23 16:39:26 | 000,058,984 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportKELL.sys -- (RapportKELL)
DRV - [2009/09/29 18:09:48 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/09/21 19:20:15 | 000,280,592 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\klif.sys -- (TSP)
DRV - [2009/09/21 19:20:15 | 000,280,592 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2009/09/21 19:20:15 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2009/06/10 06:38:16 | 000,335,872 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr61.sys -- (rt61x86)
DRV - [2009/05/16 20:59:34 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/05/15 18:50:22 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2008/12/15 20:41:32 | 000,033,808 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg)
DRV - [2008/07/26 18:18:00 | 007,281,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/07/22 08:42:34 | 000,123,904 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/05/20 11:01:00 | 002,143,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/05/02 12:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007/05/02 12:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007/05/02 12:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/07/24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A2 BB 92 2D C5 EF CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:9.0.0.459

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/03 12:17:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/03 12:17:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2010/03/24 17:40:09 | 000,000,000 | ---D | M] -- C:\Users\imran\AppData\Roaming\Mozilla\Extensions
[2009/09/29 19:58:22 | 000,000,000 | ---D | M] -- C:\Users\imran\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/05/11 22:47:34 | 000,000,000 | ---D | M] -- C:\Users\imran\AppData\Roaming\Mozilla\Firefox\Profiles\zi1kyzgv.default\extensions
[2010/03/24 17:41:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\imran\AppData\Roaming\Mozilla\Firefox\Profiles\zi1kyzgv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/24 17:39:57 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/09/19 07:37:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2010/03/16 19:27:25 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/03/16 19:27:25 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/03/16 19:27:25 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/03/16 19:27:25 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (no name) - {50726AEE-AB16-42A3-A647-12A5E352D286} - No CLSID value found.
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [RGSC] E:\GTA4\Rockstar Games Social Club\RGSCLauncher.exe File not found
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} https://www.e-games....GamesPlugin.cab (EGamesPlugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 129.12.21.3
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{037bb8a4-a366-11de-b5ef-00e04c18b26a}\Shell - "" = AutoRun
O33 - MountPoints2\{037bb8a4-a366-11de-b5ef-00e04c18b26a}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{8082dc62-a322-11de-8587-001966ca2cc3}\Shell - "" = AutoRun
O33 - MountPoints2\{8082dc62-a322-11de-8587-001966ca2cc3}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{8082dc78-a322-11de-8587-001966ca2cc3}\Shell - "" = AutoRun
O33 - MountPoints2\{8082dc78-a322-11de-8587-001966ca2cc3}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{f7a59730-dd1a-11de-be4e-806e6f6e6963}\Shell - "" = Autorun
O33 - MountPoints2\{f7a59730-dd1a-11de-be4e-806e6f6e6963}\Shell\Open\command - "" = RECYCLER\S-9-4-53-100012410-100029271-100013198-2221.com e:\
O33 - MountPoints2\H\Shell - "" = Autorun
O33 - MountPoints2\H\Shell\Open\command - "" = RECYCLER\S-9-4-53-100012410-100029271-100013198-2221.com e:\
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009/09/21 17:24:52 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010/05/12 12:37:46 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/05/12 12:31:35 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/05/12 12:30:50 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/05/11 23:12:02 | 000,000,000 | ---D | C] -- C:\Users\imran\AppData\Local\Threat Expert
[2010/05/11 22:52:19 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2010/05/11 22:52:18 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2010/05/11 22:52:18 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2010/05/11 22:50:31 | 000,233,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010/05/11 22:50:31 | 000,100,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010/05/11 22:50:21 | 000,218,592 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/05/11 22:50:21 | 000,088,040 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010/05/11 22:50:15 | 000,063,360 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/05/11 22:50:11 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/05/11 22:50:11 | 000,000,000 | ---D | C] -- C:\Users\imran\AppData\Roaming\PC Tools
[2010/05/11 22:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/05/11 22:50:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/05/11 22:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/05/11 21:57:53 | 000,000,000 | ---D | C] -- C:\Program Files\ezLife
[2010/05/05 00:33:44 | 000,000,000 | ---D | C] -- C:\Users\imran\AppData\Local\storage
[2010/05/05 00:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2010/04/07 17:44:51 | 000,000,000 | ---D | C] -- C:\Users\imran\.jagex_cache_32
[2010/03/31 11:50:25 | 003,597,136 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2010/03/31 11:49:32 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2010/03/31 11:49:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2010/03/31 09:32:30 | 000,000,000 | ---D | C] -- C:\Users\imran\Documents\RanOnline
[2010/03/22 21:30:13 | 000,000,000 | ---D | C] -- C:\.jagex_cache_32
[2010/03/22 02:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/03/18 00:42:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NetStat Agent
[2010/03/18 00:39:32 | 000,000,000 | ---D | C] -- C:\Users\imran\AppData\Roaming\NetStat Agent
[2010/03/15 23:26:25 | 000,000,000 | ---D | C] -- C:\Users\imran\AppData\Roaming\JonDo
[2010/03/08 14:50:54 | 000,000,000 | ---D | C] -- C:\Users\imran\Documents\Bioshock2
[2010/03/08 14:35:38 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2010/03/08 14:18:32 | 000,000,000 | ---D | C] -- C:\Users\imran\AppData\Roaming\Bioshock2
[2010/03/08 14:11:05 | 000,000,000 | ---D | C] -- C:\Users\imran\Documents\CDBurnerXP Projects
[2010/03/08 14:11:05 | 000,000,000 | ---D | C] -- C:\Users\imran\AppData\Roaming\Canneverbe_Limited
[2010/03/08 14:11:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2010/03/02 01:33:47 | 000,000,000 | R--D | C] -- C:\Users\imran\Desktop\soon
[2010/03/01 17:53:36 | 000,000,000 | ---D | C] -- C:\Users\imran\AppData\Roaming\InstallShield
[2010/03/01 17:40:11 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010/03/01 17:04:51 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverScanner
[2010/03/01 17:03:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\{66E2F539-12B6-4870-A500-7689CDE75C5E}
[2010/02/24 13:15:55 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/02/24 00:58:38 | 000,000,000 | ---D | C] -- C:\Users\imran\AppData\Roaming\Samsung
[2010/02/24 00:55:21 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2010/02/22 11:49:36 | 000,000,000 | ---D | C] -- C:\Users\imran\AppData\Roaming\Malwarebytes
[2010/02/22 11:49:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/02/22 11:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/02/22 00:28:34 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/02/21 19:59:55 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2010/02/21 17:50:52 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/02/21 17:50:51 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010/02/21 17:22:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Mcafee
[2010/02/19 21:19:26 | 000,000,000 | ---D | C] -- C:\Users\imran\AppData\Roaming\LimeWire
[2010/02/19 21:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire

========== Files - Modified Within 90 Days ==========

[2010/05/12 13:00:40 | 002,621,440 | -HS- | M] () -- C:\Users\imran\NTUSER.DAT
[2010/05/12 12:51:14 | 000,694,964 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/05/12 12:51:14 | 000,602,846 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/05/12 12:51:14 | 000,106,292 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/05/12 12:50:44 | 000,013,312 | ---- | M] () -- C:\Users\imran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/12 12:45:18 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/05/12 12:45:18 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/05/12 12:45:18 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/05/12 12:45:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/05/12 12:45:05 | 3421,822,976 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/12 12:45:04 | 279,054,287 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/05/12 12:30:53 | 000,000,733 | ---- | M] () -- C:\Users\imran\Desktop\NTREGOPT.lnk
[2010/05/12 12:30:53 | 000,000,714 | ---- | M] () -- C:\Users\imran\Desktop\ERUNT.lnk
[2010/05/12 12:10:23 | 000,524,288 | -HS- | M] () -- C:\Users\imran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/05/12 12:10:23 | 000,065,536 | -HS- | M] () -- C:\Users\imran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/05/12 12:06:12 | 002,393,841 | -H-- | M] () -- C:\Users\imran\AppData\Local\IconCache.db
[2010/05/12 12:00:38 | 000,001,759 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/05/11 21:57:59 | 000,050,990 | ---- | M] () -- C:\Windows\System32\btmgtefcdlrlvt.exe
[2010/05/09 17:08:01 | 000,084,992 | ---- | M] () -- C:\Users\imran\Desktop\AC3002009examand_answers.doc
[2010/05/05 11:27:42 | 000,113,933 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2010/05/05 11:27:42 | 000,097,549 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2010/04/29 10:17:20 | 000,370,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/04/28 20:48:43 | 000,046,592 | ---- | M] () -- C:\Users\imran\Desktop\LW502_Caselist10.doc
[2010/04/09 10:47:47 | 000,022,609 | ---- | M] () -- C:\Users\imran\Desktop\new economics2.docx
[2010/04/08 14:29:32 | 000,063,360 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/04/08 08:53:45 | 000,020,404 | ---- | M] () -- C:\Users\imran\Desktop\business law.docx
[2010/04/05 18:34:44 | 000,012,162 | -HS- | M] () -- C:\Users\imran\AppData\Local\GbW53PfLB
[2010/04/05 18:34:44 | 000,012,162 | -HS- | M] () -- C:\ProgramData\GbW53PfLB
[2010/04/01 13:47:00 | 000,256,512 | ---- | M] () -- C:\Users\imran\Desktop\EC302Lecture42.ppt
[2010/04/01 10:50:54 | 000,008,662 | -HS- | M] () -- C:\Users\imran\AppData\Local\0S70
[2010/04/01 10:50:54 | 000,008,662 | -HS- | M] () -- C:\ProgramData\0S70
[2010/03/31 20:48:39 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/03/31 18:11:44 | 000,000,000 | ---- | M] () -- C:\ProgramData\LauncherAccess.dt
[2010/03/29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/03/24 17:39:58 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/03/22 02:04:19 | 000,000,752 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/03/20 16:31:29 | 000,009,038 | -HS- | M] () -- C:\Users\imran\AppData\Local\7OWr8MdX62
[2010/03/20 16:31:29 | 000,009,038 | -HS- | M] () -- C:\ProgramData\7OWr8MdX62
[2010/03/08 12:50:18 | 000,008,790 | -HS- | M] () -- C:\Users\imran\AppData\Local\ksY41JP0et2Ke
[2010/03/01 17:59:14 | 002,621,440 | -HS- | M] () -- C:\Users\imran\ntuser.dat_previous
[2010/02/27 20:23:04 | 000,007,844 | -HS- | M] () -- C:\Users\imran\AppData\Local\MVkXhU7
[2010/02/24 13:41:44 | 000,100,432 | ---- | M] () -- C:\Users\imran\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/02/24 00:55:25 | 000,000,773 | ---- | M] () -- C:\Users\Public\Desktop\Samsung PC Studio 3.lnk
[2010/02/22 13:13:47 | 000,009,890 | -HS- | M] () -- C:\Users\imran\AppData\Local\e1wnOl
[2010/02/22 11:22:46 | 000,000,000 | ---- | M] () -- C:\Users\imran\AppData\Local\Fnujebicogiceyiq.bin
[2010/02/22 00:35:22 | 000,000,120 | ---- | M] () -- C:\Users\imran\AppData\Local\Ytulalihocimafey.dat
[2010/02/22 00:28:34 | 000,002,032 | ---- | M] () -- C:\Users\imran\AppData\Local\d3d9caps.dat
[2010/02/20 23:29:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/02/20 23:29:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/02/19 21:19:22 | 000,001,702 | ---- | M] () -- C:\Users\imran\Desktop\LimeWire 4.12.3.lnk

========== Files Created - No Company Name ==========

[2010/05/12 12:37:41 | 279,054,287 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/05/12 12:30:53 | 000,000,733 | ---- | C] () -- C:\Users\imran\Desktop\NTREGOPT.lnk
[2010/05/12 12:30:53 | 000,000,714 | ---- | C] () -- C:\Users\imran\Desktop\ERUNT.lnk
[2010/05/11 22:52:19 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/05/11 22:52:19 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2010/05/11 22:52:19 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2010/05/11 22:52:19 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2010/05/11 22:52:18 | 001,152,444 | ---- | C] () -- C:\Windows\UDB.zip
[2010/05/11 22:50:31 | 000,007,387 | ---- | C] () -- C:\Windows\System32\drivers\pctgntdi.cat
[2010/05/11 22:50:21 | 000,007,412 | ---- | C] () -- C:\Windows\System32\drivers\PCTAppEvent.cat
[2010/05/11 22:50:21 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctcore.cat
[2010/05/11 22:50:18 | 000,001,759 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/05/11 22:50:15 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctplsg.cat
[2010/05/11 21:57:59 | 000,050,990 | ---- | C] () -- C:\Windows\System32\btmgtefcdlrlvt.exe
[2010/05/09 17:08:00 | 000,084,992 | ---- | C] () -- C:\Users\imran\Desktop\AC3002009examand_answers.doc
[2010/04/28 20:48:42 | 000,046,592 | ---- | C] () -- C:\Users\imran\Desktop\LW502_Caselist10.doc
[2010/04/25 21:05:43 | 000,013,312 | ---- | C] () -- C:\Users\imran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/05 18:32:46 | 000,012,162 | -HS- | C] () -- C:\Users\imran\AppData\Local\GbW53PfLB
[2010/04/05 18:32:46 | 000,012,162 | -HS- | C] () -- C:\ProgramData\GbW53PfLB
[2010/04/03 14:13:21 | 000,020,404 | ---- | C] () -- C:\Users\imran\Desktop\business law.docx
[2010/04/01 13:27:51 | 000,256,512 | ---- | C] () -- C:\Users\imran\Desktop\EC302Lecture42.ppt
[2010/04/01 10:48:47 | 000,008,662 | -HS- | C] () -- C:\Users\imran\AppData\Local\0S70
[2010/04/01 10:48:47 | 000,008,662 | -HS- | C] () -- C:\ProgramData\0S70
[2010/03/31 18:25:14 | 000,022,609 | ---- | C] () -- C:\Users\imran\Desktop\new economics2.docx
[2010/03/31 11:49:32 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd
[2010/03/24 17:39:58 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/03/22 02:04:19 | 000,000,752 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/03/20 16:27:52 | 000,009,038 | -HS- | C] () -- C:\Users\imran\AppData\Local\7OWr8MdX62
[2010/03/20 16:27:52 | 000,009,038 | -HS- | C] () -- C:\ProgramData\7OWr8MdX62
[2010/03/08 12:48:31 | 000,008,790 | -HS- | C] () -- C:\Users\imran\AppData\Local\ksY41JP0et2Ke
[2010/02/27 20:21:24 | 000,007,844 | -HS- | C] () -- C:\Users\imran\AppData\Local\MVkXhU7
[2010/02/24 00:55:25 | 000,000,773 | ---- | C] () -- C:\Users\Public\Desktop\Samsung PC Studio 3.lnk
[2010/02/21 19:24:03 | 000,000,120 | ---- | C] () -- C:\Users\imran\AppData\Local\Ytulalihocimafey.dat
[2010/02/21 19:24:03 | 000,000,000 | ---- | C] () -- C:\Users\imran\AppData\Local\Fnujebicogiceyiq.bin
[2010/02/21 14:17:36 | 000,009,890 | -HS- | C] () -- C:\Users\imran\AppData\Local\e1wnOl
[2010/02/20 23:29:20 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/02/20 23:29:20 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/02/19 21:19:22 | 000,001,702 | ---- | C] () -- C:\Users\imran\Desktop\LimeWire 4.12.3.lnk
[2010/02/19 20:51:54 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/01/31 15:06:43 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010/01/17 23:02:02 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/11/06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/09/29 18:09:47 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009/09/17 06:49:59 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/09/17 01:23:40 | 000,005,095 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/09/17 01:23:39 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/06/19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2010/03/10 19:32:03 | 000,000,000 | ---D | M] -- C:\Users\imran\AppData\Roaming\Bioshock2
[2010/03/08 14:11:05 | 000,000,000 | ---D | M] -- C:\Users\imran\AppData\Roaming\Canneverbe_Limited
[2009/10/19 19:54:09 | 000,000,000 | ---D | M] -- C:\Users\imran\AppData\Roaming\DAEMON Tools Lite
[2010/03/15 23:32:31 | 000,000,000 | ---D | M] -- C:\Users\imran\AppData\Roaming\JonDo
[2010/03/02 22:19:31 | 000,000,000 | ---D | M] -- C:\Users\imran\AppData\Roaming\LimeWire
[2010/03/18 00:53:56 | 000,000,000 | ---D | M] -- C:\Users\imran\AppData\Roaming\NetStat Agent
[2010/02/24 00:58:38 | 000,000,000 | ---D | M] -- C:\Users\imran\AppData\Roaming\Samsung
[2009/11/02 00:01:59 | 000,000,000 | ---D | M] -- C:\Users\imran\AppData\Roaming\Sports Interactive
[2009/11/06 20:34:37 | 000,000,000 | ---D | M] -- C:\Users\imran\AppData\Roaming\Tropico 3
[2009/11/23 15:49:50 | 000,000,000 | ---D | M] -- C:\Users\imran\AppData\Roaming\Trusteer
[2010/05/12 12:49:21 | 000,000,000 | ---D | M] -- C:\Users\imran\AppData\Roaming\uTorrent
[2010/05/12 12:10:15 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 00:36:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2009/09/17 10:08:13 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/05/12 12:45:05 | 3421,822,976 | -HS- | M] () -- C:\hiberfil.sys
[2010/02/20 23:29:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/02/20 23:29:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/05/12 12:45:04 | 3735,633,920 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/01/18 23:35:16 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\msvbvm60.dll
[2009/04/11 00:27:48 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/11 00:28:24 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\drivers\*.sys /90 >
[2010/02/20 21:53:34 | 000,411,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\http.sys
[2010/02/23 12:10:13 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys
[2010/02/23 12:10:19 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys
[2010/02/23 12:10:13 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys
[2010/03/29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/04/08 14:29:32 | 000,063,360 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/02/18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys
[2010/02/18 12:28:13 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 194 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
< End of report >


Extras:

OTL Extras logfile created on: 12/05/2010 12:54:10 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\imran\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 68.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 172.79 Gb Total Space | 48.68 Gb Free Space | 28.17% Space Free | Partition Type: NTFS
Drive D: | 97.66 Gb Total Space | 63.59 Gb Free Space | 65.12% Space Free | Partition Type: NTFS
Drive E: | 195.31 Gb Total Space | 169.06 Gb Free Space | 86.56% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PCSBSFN28
Current User Name: imran
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{34E4E7EB-4462-417C-ADF2-9ECB818BC81B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{5C5033DE-9DF8-416D-96F6-7EB3366FA02D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FBAFE4EB-C266-4139-90B4-B52C68E766DD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0317FCFF-2011-4C40-BFD2-F4EE1CDB5D5F}" = protocol=17 | dir=in | app=e:\football manager 2010\fm.exe |
"{15CAB869-0816-47CB-B752-4241FF159C54}" = protocol=6 | dir=in | app=e:\bioshock 2\mp\builds\binaries\bioshock2.exe |
"{1F74E018-E089-4DCB-8F6E-1FB0CC95AA92}" = protocol=17 | dir=in | app=e:\neverwinter\nwupdate.exe |
"{2303C561-6962-49FE-A2DE-1AF2DC55B129}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{27BFF88B-D30B-49AC-AD92-B9CC85295C04}" = protocol=6 | dir=in | app=e:\dragon age\bin_ship\daorigins.exe |
"{325C1BC7-D640-49FE-AD36-6A131775DC71}" = protocol=17 | dir=in | app=e:\neverwinter\nwn2server.exe |
"{3B27EE0B-4517-4CA9-9FEF-FC108C4B91B2}" = protocol=6 | dir=in | app=e:\neverwinter\nwn2main.exe |
"{3EED71DE-F83F-4F87-AC8B-F8C56BB9F44E}" = protocol=6 | dir=in | app=e:\neverwinter\nwupdate.exe |
"{4136742C-B9B3-40C1-A39F-69A6848837C5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{4736F21D-36E3-4C4C-AC77-6D1CF024CEE3}" = protocol=6 | dir=in | app=e:\dragon age\bin_ship\daupdatersvc.service.exe |
"{4AA598CE-9755-4276-BBAF-92354F385862}" = protocol=6 | dir=in | app=e:\neverwinter\nwn2main_amdxp.exe |
"{557AD28E-D3E0-4E93-955E-81C9E258049C}" = protocol=17 | dir=in | app=e:\dragon age\daoriginslauncher.exe |
"{5ADF3544-302F-40A3-AAA1-3154D0E31D16}" = protocol=17 | dir=in | app=e:\bioshock 2\sp\builds\binaries\bioshock2.exe |
"{69AAF2D8-0C1C-40FB-B91F-661F142F6D61}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{6DC38F47-63FF-4C98-AD9A-BFD13F77E01E}" = protocol=17 | dir=in | app=e:\dragon age\bin_ship\daupdatersvc.service.exe |
"{82D96DC1-727E-4043-8B65-B379F97E56A1}" = protocol=6 | dir=in | app=e:\bioshock 2\sp\builds\binaries\bioshock2.exe |
"{8F89DE45-1010-4A25-8007-955791B8CA85}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{935E1C0B-BB72-4096-A72F-7E9EB7BC2F5D}" = protocol=17 | dir=in | app=e:\neverwinter\nwn2main.exe |
"{98A6E9E5-A79E-4694-B6C5-C15AAB0D1B44}" = protocol=6 | dir=in | app=e:\football manager 2010\fm.exe |
"{A793C943-020B-4205-9E7B-98E3A28D4D1D}" = protocol=17 | dir=in | app=e:\neverwinter\nwn2main_amdxp.exe |
"{A94827D6-3415-4FD9-A22B-E9B19E2E415A}" = protocol=17 | dir=in | app=e:\dragon age\bin_ship\daorigins.exe |
"{B1D2BE38-5D64-4901-9296-A0B03E31614E}" = protocol=17 | dir=in | app=e:\bioshock 2\mp\builds\binaries\bioshock2.exe |
"{B4FE47F5-1113-4249-8198-218F839B4488}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C309DF94-B529-4D12-96C0-C64FC53601FB}" = protocol=6 | dir=in | app=e:\neverwinter\nwn2server.exe |
"{CC2181E9-DB38-48CC-BEA3-05F9804D0F2C}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10194-to-3.2.2.10482-enus-trial-downloader.exe |
"{E8592CFB-DCC2-490D-BE21-C1A7B7909C4C}" = protocol=6 | dir=in | app=e:\dragon age\daoriginslauncher.exe |
"{F0EA2686-D130-46ED-98CC-613215053CDF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{F1E81D6E-0E53-433D-9BF0-89D87C2387AD}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10194-to-3.2.2.10482-enus-trial-downloader.exe |
"{FF88EDCB-D040-418F-BBEC-B1D370FC4D92}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{FF9F5263-72F1-4A36-B97E-CE66708D8B72}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{19DD460E-D6A2-4AD8-A171-FE513BC34C5B}E:\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=e:\borderlands\binaries\borderlands.exe |
"TCP Query User{1D608EF9-A463-47FD-9677-DB67E211F554}C:\program files\huawei technologies\huawei umts data card\3 usb modem.exe" = protocol=6 | dir=in | app=c:\program files\huawei technologies\huawei umts data card\3 usb modem.exe |
"TCP Query User{27C0DFD9-54C7-49E0-9C66-AD63C7214205}C:\users\imran\desktop\charon\charon.exe" = protocol=6 | dir=in | app=c:\users\imran\desktop\charon\charon.exe |
"TCP Query User{33FB7E06-F6EE-4551-A069-CBF0A805047D}E:\modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=e:\modern warfare 2\iw4mp.exe |
"TCP Query User{47CDB2AC-1490-447E-8E62-FF1DCA089056}C:\users\imran\downloads\____5 ____.call.of.duty.world.at.war.v1.1.full.rip\call of duty - world at war - v1.1\codwawmp.exe" = protocol=6 | dir=in | app=c:\users\imran\downloads\____5 ____.call.of.duty.world.at.war.v1.1.full.rip\call of duty - world at war - v1.1\codwawmp.exe |
"TCP Query User{68AB04B7-5A0B-403E-99F3-17C79E71F84F}E:\garena\garena.exe" = protocol=6 | dir=in | app=e:\garena\garena.exe |
"TCP Query User{840B3937-5E9A-4DE7-9032-8BF86E7F6EE2}E:\wamp\bin\apache\apache2.2.11\bin\httpd.exe" = protocol=6 | dir=in | app=e:\wamp\bin\apache\apache2.2.11\bin\httpd.exe |
"TCP Query User{841FDBE7-99EA-4A3B-AF29-1194FE4BC269}E:\resident evil 5\re5dx9.exe" = protocol=6 | dir=in | app=e:\resident evil 5\re5dx9.exe |
"TCP Query User{98241512-0C4A-4E0E-8616-A3A06656D2B5}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{BDB05B3B-549E-4A0F-B725-0F606F065844}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{CC91C1A2-29C2-4B81-AAC0-2BD579C51947}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{D19AD2E0-FA60-43DF-98B8-C5B1B9D0B52F}C:\users\imran\downloads\____5 ____.call.of.duty.world.at.war.v1.1.full.rip\call of duty - world at war - v1.1\codwaw.exe" = protocol=6 | dir=in | app=c:\users\imran\downloads\____5 ____.call.of.duty.world.at.war.v1.1.full.rip\call of duty - world at war - v1.1\codwaw.exe |
"TCP Query User{E37BE160-F51E-46A9-9470-2F2A0A3DD33F}C:\programdata\kaspersky lab setup files\kaspersky anti-virus 2010 9.0.0.459\english\setup.exe" = protocol=6 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky anti-virus 2010 9.0.0.459\english\setup.exe |
"TCP Query User{F6424259-93CC-4764-A084-58A309B3E252}E:\gta4\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=e:\gta4\grand theft auto iv\gtaiv.exe |
"TCP Query User{FE049706-B108-437D-8B6A-C047282B9F0B}E:\resident evil 5\re5dx10.exe" = protocol=6 | dir=in | app=e:\resident evil 5\re5dx10.exe |
"UDP Query User{0CA68E4C-8CB5-4921-A4E8-490B976AB96A}E:\resident evil 5\re5dx9.exe" = protocol=17 | dir=in | app=e:\resident evil 5\re5dx9.exe |
"UDP Query User{3EA22EF2-992A-4EE6-9062-E12E06482393}C:\program files\huawei technologies\huawei umts data card\3 usb modem.exe" = protocol=17 | dir=in | app=c:\program files\huawei technologies\huawei umts data card\3 usb modem.exe |
"UDP Query User{4EACA00C-221E-4674-8BE7-89B6152547B6}E:\resident evil 5\re5dx10.exe" = protocol=17 | dir=in | app=e:\resident evil 5\re5dx10.exe |
"UDP Query User{7EE657EA-9448-4DE2-8AC3-EA3C7A43DE87}E:\modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=e:\modern warfare 2\iw4mp.exe |
"UDP Query User{7F7A0500-C0D5-45F3-980A-9D9FBF66FE49}E:\garena\garena.exe" = protocol=17 | dir=in | app=e:\garena\garena.exe |
"UDP Query User{89063551-90A7-4BF6-95D5-B24AB40D3FEC}C:\users\imran\downloads\____5 ____.call.of.duty.world.at.war.v1.1.full.rip\call of duty - world at war - v1.1\codwawmp.exe" = protocol=17 | dir=in | app=c:\users\imran\downloads\____5 ____.call.of.duty.world.at.war.v1.1.full.rip\call of duty - world at war - v1.1\codwawmp.exe |
"UDP Query User{92169DB4-D574-40B4-818A-5D01ADC79C0C}E:\gta4\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=e:\gta4\grand theft auto iv\gtaiv.exe |
"UDP Query User{B4ACF157-A5F7-449C-B363-23C0FE7F3D65}C:\users\imran\desktop\charon\charon.exe" = protocol=17 | dir=in | app=c:\users\imran\desktop\charon\charon.exe |
"UDP Query User{BBAC8916-8F1A-4AEE-BA91-B4A90C4F9CBA}E:\wamp\bin\apache\apache2.2.11\bin\httpd.exe" = protocol=17 | dir=in | app=e:\wamp\bin\apache\apache2.2.11\bin\httpd.exe |
"UDP Query User{C7DB56E8-A4E9-4F80-B25E-7C575720F459}C:\programdata\kaspersky lab setup files\kaspersky anti-virus 2010 9.0.0.459\english\setup.exe" = protocol=17 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky anti-virus 2010 9.0.0.459\english\setup.exe |
"UDP Query User{CA3DDA28-B513-4C79-BB62-32B4CE4DA4DE}C:\users\imran\downloads\____5 ____.call.of.duty.world.at.war.v1.1.full.rip\call of duty - world at war - v1.1\codwaw.exe" = protocol=17 | dir=in | app=c:\users\imran\downloads\____5 ____.call.of.duty.world.at.war.v1.1.full.rip\call of duty - world at war - v1.1\codwaw.exe |
"UDP Query User{CB04A817-67DA-4098-B109-F485A1BE1B59}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{F0579476-BCC0-49EB-BA4F-8903AA354ABD}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{F6942838-7849-4190-B33E-2D8068D65A64}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{FE794E47-C86B-44F5-96BA-7E56FF9DA096}E:\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=e:\borderlands\binaries\borderlands.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{1B0098FF-1816-4F42-8203-FA29F5735596}" = Samsung PC Studio 3
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A8B461A-9336-4CF9-98F4-14DD38E673F0}" = BioShock 2
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = Ralink Wireless LAN
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Browser Defender_is1" = Browser Defender 2.0.6.15
"btmgtefcdlrlvt" = Performance Solution Hotrevenue
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"ezLife" = ezLife browser enhancer
"Football Manager 2010" = Football Manager 2010
"InstallWIX_{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"LimeWire" = LimeWire 4.12.3
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NVIDIA Drivers" = NVIDIA Drivers
"Rapport_msi" = Rapport
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SopCast" = SopCast 3.2.4
"Spyware Doctor" = Spyware Doctor 7.0
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/05/2010 07:47:49 | Computer Name = PCSBSfn28 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 12/05/2010 07:47:49 | Computer Name = PCSBSfn28 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 12/05/2010 07:48:39 | Computer Name = PCSBSfn28 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 12/05/2010 07:48:39 | Computer Name = PCSBSfn28 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 12/05/2010 07:48:58 | Computer Name = PCSBSfn28 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 12/05/2010 07:51:23 | Computer Name = PCSBSfn28 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 12/05/2010 07:51:23 | Computer Name = PCSBSfn28 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 12/05/2010 07:51:35 | Computer Name = PCSBSfn28 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 12/05/2010 07:51:35 | Computer Name = PCSBSfn28 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 12/05/2010 07:58:37 | Computer Name = PCSBSfn28 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

[ OSession Events ]
Error - 13/11/2009 05:34:06 | Computer Name = PCSBSfn28 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 4749 seconds with 480 seconds of active time. This session ended with a
crash.

[ System Events ]
Error - 12/05/2010 07:08:38 | Computer Name = PCSBSfn28 | Source = Service Control Manager | ID = 7009
Description =

Error - 12/05/2010 07:08:38 | Computer Name = PCSBSfn28 | Source = Service Control Manager | ID = 7000
Description =

Error - 12/05/2010 07:20:35 | Computer Name = PCSBSfn28 | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =

Error - 12/05/2010 07:22:18 | Computer Name = PCSBSfn28 | Source = Service Control Manager | ID = 7026
Description =

Error - 12/05/2010 07:37:37 | Computer Name = PCSBSfn28 | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =

Error - 12/05/2010 07:37:51 | Computer Name = PCSBSfn28 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:36:17 on 12/05/2010 was unexpected.

Error - 12/05/2010 07:40:30 | Computer Name = PCSBSfn28 | Source = Service Control Manager | ID = 7026
Description =

Error - 12/05/2010 07:44:58 | Computer Name = PCSBSfn28 | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =

Error - 12/05/2010 07:45:14 | Computer Name = PCSBSfn28 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:43:51 on 12/05/2010 was unexpected.

Error - 12/05/2010 07:46:45 | Computer Name = PCSBSfn28 | Source = Service Control Manager | ID = 7026
Description =



I've run the TFC cleaner successfully but I wasn't able to run the GMER because my computer kept going to the blue screen of death, with the memory dumping. Hope this helps. ty
#2
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello venom786,

Please download ComboFix from one of these locations:

NOTE: If you are a guest watching this topic: ComboFix is a very powerful tool. The disclaimer clearly states that you should not use it without supervision. There is good reason for this, as ComboFix can, and sometimes does, run into conflict on a computer and render it unusable.

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

**Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#3
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.