Hi,
I ran GMER and it said no changes found. There was no log generated. However, I saw the screenshot of how the GMER settings should look like. And in my case, only the checkboxes which you have mentioned were active (Services, registry, c:, ADS). All other checkboxes (System, IAT, Sections etc) were inactive and unchecked. Show all was unchecked and inactive.
The OTL logs are as below:
Thanks!
-------OTL.txt-----------
OTL logfile created on: 10/27/2010 10:15:52 AM - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\Sandeep\Desktop
64bit- Home Basic Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: India | Language: ENN | Date Format: dd-MM-yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 144.23 Gb Total Space | 56.55 Gb Free Space | 39.20% Space Free | Partition Type: NTFS
Drive E: | 71.07 Gb Total Space | 48.02 Gb Free Space | 67.58% Space Free | Partition Type: NTFS
Drive F: | 71.07 Gb Total Space | 70.93 Gb Free Space | 99.81% Space Free | Partition Type: NTFS
Computer Name: SANDEEP-LAPPY | User Name: Sandeep | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Users\Sandeep\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\sugarcrm-6.0.1\mysql\bin\mysqld.exe ()
PRC - C:\Program Files (x86)\sugarcrm-6.0.1\apache2\bin\Apache.exe (Apache Software Foundation)
PRC - C:\Users\Sandeep\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
========== Modules (SafeList) ========== MOD - C:\Users\Sandeep\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\normaliz.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ========== SRV:
64bit: - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:
64bit: - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:
64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:
64bit: - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV:
64bit: - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV:
64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV:
64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (cfWiMAXService) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION)
SRV - (TMachInfo) -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ConfigFree Service) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (BcmSqlStartupSvc) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (sugarMysql) -- C:\Program Files (x86)\sugarcrm-6.0.1\mysql\bin\mysqld.exe ()
SRV - (sugarApache) -- C:\Program Files (x86)\sugarcrm-6.0.1\apache2\bin\Apache.exe (Apache Software Foundation)
========== Driver Services (SafeList) ========== DRV:
64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:
64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:
64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:
64bit: - (tos_sps64) -- C:\Windows\SysNative\drivers\tos_sps64.sys (TOSHIBA Corporation)
DRV:
64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:
64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:
64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:
64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:
64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:
64bit: - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:
64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:
64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:
64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:
64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:
64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:
64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:
64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:
64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:
64bit: - (FwLnk) -- C:\Windows\SysNative\drivers\FwLnk.sys (TOSHIBA Corporation)
DRV:
64bit: - (PGEffect) -- C:\Windows\SysNative\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV:
64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:
64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:
64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:
64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:
64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:
64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV:
64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4093001165-512480850-3753344430-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://toshiba.msn.comIE - HKU\S-1-5-21-4093001165-512480850-3753344430-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-4093001165-512480850-3753344430-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..network.proxy.type: 4
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/09/16 10:15:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/11 15:25:12 | 000,000,000 | ---D | M]
[2010/07/17 12:50:23 | 000,000,000 | ---D | M] -- C:\Users\Sandeep\AppData\Roaming\Mozilla\Extensions
[2010/09/14 12:59:36 | 000,000,000 | ---D | M] -- C:\Users\Sandeep\AppData\Roaming\Mozilla\Firefox\Profiles\1nnp2c5c.default\extensions
[2010/07/17 12:50:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:
64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:
64bit: - HKLM..\Run: [] File not found
O4:
64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:
64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4093001165-512480850-3753344430-1004..\Run: [googletalk] C:\Users\Sandeep\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKU\S-1-5-21-4093001165-512480850-3753344430-1004..\Run: [mstsasks] C:\Users\Sandeep\AppData\Local\Temp\MigAfmon.DLL ()
O4 - HKU\S-1-5-21-4093001165-512480850-3753344430-1004..\Run: [Tcejeqoharusane] C:\Users\Sandeep\AppData\Local\psemdkri.DLL (Progressive Networks)
O4 - HKU\S-1-5-21-4093001165-512480850-3753344430-1004..\Run: [Vpuwixoxi] C:\Users\Sandeep\AppData\Local\ovujadanapiqif.DLL (Ask.com)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.5 205.152.132.23 172.16.32.10 65.106.1.196 65.106.7.196
O18:
64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-4093001165-512480850-3753344430-1004 Winlogon: Shell - (C:\Users\Sandeep\AppData\Roaming\hotfix.exe) - C:\Users\Sandeep\AppData\Roaming\hotfix.exe File not found
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32:
64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk - C:\windows\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe - File not found
MsConfig:64bit - StartUpReg:
Acrobat Assistant 7.0 - hkey= - key= - C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe File not found
MsConfig:64bit - StartUpReg:
Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg:
Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg:
MPlayerForWindows_UpdateReminder - hkey= - key= - C:\Program Files (x86)\MPlayer for Windows\AutoUpdate.exe ()
MsConfig:64bit - StartUpReg:
TosReelTimeMonitor - hkey= - key= - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg:
TWebCamera - hkey= - key= - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
SafeBootMin:
64bit: AppMgmt - Service
SafeBootMin:
64bit: Base - Driver Group
SafeBootMin:
64bit: Boot Bus Extender - Driver Group
SafeBootMin:
64bit: Boot file system - Driver Group
SafeBootMin:
64bit: File system - Driver Group
SafeBootMin:
64bit: Filter - Driver Group
SafeBootMin:
64bit: HelpSvc - Service
SafeBootMin:
64bit: PCI Configuration - Driver Group
SafeBootMin:
64bit: PNP Filter - Driver Group
SafeBootMin:
64bit: Primary disk - Driver Group
SafeBootMin:
64bit: sacsvr - Service
SafeBootMin:
64bit: SCSI Class - Driver Group
SafeBootMin:
64bit: System Bus Extender - Driver Group
SafeBootMin:
64bit: vmms - Service
SafeBootMin:
64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:
64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:
64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:
64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:
64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:
64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:
64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:
64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:
64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:
64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:
64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:
64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:
64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:
64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:
64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:
64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:
64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:
64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:
64bit: AppMgmt - Service
SafeBootNet:
64bit: Base - Driver Group
SafeBootNet:
64bit: Boot Bus Extender - Driver Group
SafeBootNet:
64bit: Boot file system - Driver Group
SafeBootNet:
64bit: File system - Driver Group
SafeBootNet:
64bit: Filter - Driver Group
SafeBootNet:
64bit: HelpSvc - Service
SafeBootNet:
64bit: NDIS Wrapper - Driver Group
SafeBootNet:
64bit: NetBIOSGroup - Driver Group
SafeBootNet:
64bit: NetDDEGroup - Driver Group
SafeBootNet:
64bit: Network - Driver Group
SafeBootNet:
64bit: NetworkProvider - Driver Group
SafeBootNet:
64bit: PCI Configuration - Driver Group
SafeBootNet:
64bit: PNP Filter - Driver Group
SafeBootNet:
64bit: PNP_TDI - Driver Group
SafeBootNet:
64bit: Primary disk - Driver Group
SafeBootNet:
64bit: rdsessmgr - Service
SafeBootNet:
64bit: sacsvr - Service
SafeBootNet:
64bit: SCSI Class - Driver Group
SafeBootNet:
64bit: Streams Drivers - Driver Group
SafeBootNet:
64bit: System Bus Extender - Driver Group
SafeBootNet:
64bit: TDI - Driver Group
SafeBootNet:
64bit: vmms - Service
SafeBootNet:
64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:
64bit: WudfUsbccidDriver - Driver
SafeBootNet:
64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:
64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:
64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:
64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:
64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:
64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:
64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:
64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:
64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:
64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:
64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:
64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:
64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:
64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:
64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:
64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:
64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:
64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:
64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:
64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:
64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:
64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:
64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:
64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:
64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:
64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:
64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:
64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:
64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:
64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:
64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:
64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:
64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:
64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:
64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:
64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:
64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:
64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:
64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:
64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:
64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:
64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:
64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:
64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:
64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {59C1C5DA-C66B-4ED9-1E24-A789B564A463} - Microsoft Windows Media Player 12.0
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2010/10/27 09:52:25 | 000,000,000 | ---D | C] -- C:\Users\Sandeep\Desktop\gmer
[2010/10/27 09:49:08 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Sandeep\Desktop\OTL.exe
[2010/10/26 09:11:45 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/10/26 09:00:50 | 000,000,000 | ---D | C] -- C:\Users\Sandeep\AppData\Local\{25404CD8-D127-46AB-9176-C0295864F05B}
[2010/10/25 21:30:53 | 000,000,000 | ---D | C] -- C:\Users\Sandeep\AppData\Local\CrashDumps
[2010/10/24 23:08:55 | 000,000,000 | ---D | C] -- C:\Users\Sandeep\Desktop\Final Strat 2011
[2010/10/11 14:25:25 | 000,000,000 | ---D | C] -- C:\Users\Sandeep\AppData\Roaming\DivX
[2010/10/11 14:25:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010/10/11 14:25:13 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010/10/11 14:24:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010/10/11 14:23:54 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010/10/10 21:46:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010/10/09 01:43:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010/10/05 02:23:06 | 000,000,000 | --SD | C] -- C:\Users\Sandeep\Documents\My Data Sources
[2010/09/29 10:46:58 | 000,000,000 | ---D | C] -- C:\Users\Sandeep\AppData\Roaming\skypePM
[2010/09/29 09:55:56 | 000,000,000 | ---D | C] -- C:\Users\Sandeep\AppData\Roaming\Skype
[2010/09/29 09:55:46 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010/09/29 09:55:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2009/07/13 18:24:58 | 000,187,904 | ---- | C] (Ask.com) -- C:\Users\Sandeep\AppData\Local\ovujadanapiqif.dll
[2009/07/13 18:24:58 | 000,082,432 | ---- | C] (Progressive Networks) -- C:\Users\Sandeep\AppData\Local\psemdkri.dll
========== Files - Modified Within 30 Days ========== [2010/10/27 09:49:12 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Sandeep\Desktop\OTL.exe
[2010/10/27 09:48:53 | 000,286,404 | ---- | M] () -- C:\Users\Sandeep\Desktop\gmer.zip
[2010/10/27 09:38:38 | 000,110,548 | ---- | M] () -- C:\Users\Sandeep\Desktop\18 mm new.xlsx
[2010/10/27 09:19:02 | 000,000,916 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4093001165-512480850-3753344430-1004UA.job
[2010/10/27 09:17:11 | 000,014,320 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/27 09:17:11 | 000,014,320 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/27 09:10:23 | 000,000,120 | ---- | M] () -- C:\Users\Sandeep\AppData\Local\Etopurupo.dat
[2010/10/27 09:10:13 | 000,000,000 | ---- | M] () -- C:\Users\Sandeep\AppData\Local\Ykavaga.bin
[2010/10/27 09:09:44 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2010/10/27 09:09:39 | 2312,085,504 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/26 12:02:27 | 000,123,267 | ---- | M] () -- C:\Users\Sandeep\Desktop\RAHUL SUKESAN CVx.pdf
[2010/10/26 11:43:33 | 000,468,480 | ---- | M] () -- C:\Users\Sandeep\Desktop\Business Overview_eMids.doc
[2010/10/26 11:25:16 | 000,966,744 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2010/10/26 11:25:16 | 000,800,390 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2010/10/26 11:25:16 | 000,174,056 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2010/10/26 08:58:51 | 000,000,006 | ---- | M] () -- C:\Users\Sandeep\AppData\Roaming\start
[2010/10/26 08:57:40 | 000,000,006 | ---- | M] () -- C:\Users\Sandeep\AppData\Roaming\completescan
[2010/10/25 21:34:12 | 000,000,010 | ---- | M] () -- C:\Users\Sandeep\AppData\Roaming\install
[2010/10/25 09:12:26 | 000,358,171 | ---- | M] () -- C:\Users\Sandeep\Desktop\TOR for the kNOw MORE Wheeze Campaign.pdf
[2010/10/25 08:19:00 | 000,000,864 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4093001165-512480850-3753344430-1004Core.job
[2010/10/13 08:13:55 | 000,013,700 | ---- | M] () -- C:\Users\Sandeep\Desktop\to do.xlsx
[2010/10/05 05:08:29 | 000,025,494 | ---- | M] () -- C:\Users\Sandeep\Desktop\Incentive Tracking Sep 30 2010.xlsx
[2010/09/29 10:46:58 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
========== Files Created - No Company Name ========== [2010/10/27 09:48:50 | 000,286,404 | ---- | C] () -- C:\Users\Sandeep\Desktop\gmer.zip
[2010/10/26 16:55:34 | 000,110,548 | ---- | C] () -- C:\Users\Sandeep\Desktop\18 mm new.xlsx
[2010/10/26 12:02:24 | 000,123,267 | ---- | C] () -- C:\Users\Sandeep\Desktop\RAHUL SUKESAN CVx.pdf
[2010/10/26 11:41:32 | 000,468,480 | ---- | C] () -- C:\Users\Sandeep\Desktop\Business Overview_eMids.doc
[2010/10/26 09:00:52 | 000,000,000 | ---- | C] () -- C:\Users\Sandeep\AppData\Local\Ykavaga.bin
[2010/10/26 09:00:51 | 000,000,120 | ---- | C] () -- C:\Users\Sandeep\AppData\Local\Etopurupo.dat
[2010/10/26 08:58:51 | 000,000,006 | ---- | C] () -- C:\Users\Sandeep\AppData\Roaming\start
[2010/10/26 08:57:40 | 000,000,006 | ---- | C] () -- C:\Users\Sandeep\AppData\Roaming\completescan
[2010/10/25 21:34:12 | 000,000,010 | ---- | C] () -- C:\Users\Sandeep\AppData\Roaming\install
[2010/10/25 09:12:25 | 000,358,171 | ---- | C] () -- C:\Users\Sandeep\Desktop\TOR for the kNOw MORE Wheeze Campaign.pdf
[2010/09/29 10:46:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/08/13 03:35:33 | 000,000,539 | ---- | C] () -- C:\Users\Sandeep\AppData\Roaming\Rim.Desktop.Exception.log
[2010/08/13 01:26:38 | 000,000,807 | ---- | C] () -- C:\Users\Sandeep\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
[2010/07/19 01:06:22 | 000,003,584 | ---- | C] () -- C:\Users\Sandeep\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/18 00:31:23 | 000,925,512 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2010/07/18 00:07:50 | 000,000,000 | ---- | C] () -- C:\windows\NDSTray.INI
[2010/02/20 10:27:36 | 000,208,896 | ---- | C] () -- C:\windows\SysWow64\iglhsip32.dll
[2010/02/20 10:27:36 | 000,143,360 | ---- | C] () -- C:\windows\SysWow64\iglhcp32.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
========== LOP Check ========== [2010/08/17 14:07:18 | 000,000,000 | ---D | M] -- C:\Users\Sandeep\AppData\Roaming\BitTorrent
[2010/08/13 03:35:41 | 000,000,000 | ---D | M] -- C:\Users\Sandeep\AppData\Roaming\Research In Motion
[2010/07/17 12:34:05 | 000,000,000 | ---D | M] -- C:\Users\Sandeep\AppData\Roaming\Toshiba
[2010/07/26 11:00:12 | 000,000,000 | ---D | M] -- C:\Users\Sandeep\AppData\Roaming\webex
[2010/10/09 01:41:54 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2009/07/13 20:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010/04/20 23:38:46 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010/10/27 09:09:39 | 2312,085,504 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/27 09:09:43 | 3082,780,672 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\Fonts\*.com >[2009/07/14 00:32:31 | 000,026,040 | ---- | M] () -- C:\windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 00:32:31 | 000,026,489 | ---- | M] () -- C:\windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 00:32:31 | 000,029,779 | ---- | M] () -- C:\windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 00:32:31 | 000,043,318 | ---- | M] () -- C:\windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll > < %systemroot%\Fonts\*.ini >[2009/06/10 15:49:50 | 000,000,065 | ---- | M] () -- C:\windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 > < %systemroot%\Fonts\*.exe > < %systemroot%\system32\spool\prtprocs\w32x86\*.* > < %systemroot%\REPAIR\*.bak1 > < %systemroot%\REPAIR\*.ini > < %systemroot%\system32\*.jpg > < %systemroot%\*.jpg > < %systemroot%\*.png > < %systemroot%\*.scr >[2010/09/07 10:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2009/07/10 14:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
< %systemroot%\*._sy > < %APPDATA%\Adobe\Update\*.* > < %ALLUSERSPROFILE%\Favorites\*.* > < %APPDATA%\Microsoft\*.* > < %PROGRAMFILES%\*.* >[2009/07/13 23:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< %APPDATA%\Update\*.* > < %systemroot%\*. /mp /s > < %systemroot%\System32\config\*.sav > < %PROGRAMFILES%\bak. /s > < %systemroot%\system32\bak. /s > < %ALLUSERSPROFILE%\Start Menu\*.lnk /x > < %systemroot%\system32\config\systemprofile\*.dat /x > < %systemroot%\*.config > < %systemroot%\system32\*.db > < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >[2010/07/17 12:23:25 | 000,000,221 | -HS- | M] () -- C:\Users\Sandeep\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >[2010/10/27 09:49:12 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Sandeep\Desktop\OTL.exe
< %PROGRAMFILES%\Common Files\*.* > < %systemroot%\*.src > < %systemroot%\install\*.* > < %systemroot%\system32\DLL\*.* > < %systemroot%\system32\HelpFiles\*.* > < %systemroot%\system32\rundll\*.* > < %systemroot%\winn32\*.* > < %systemroot%\Java\*.* > < %systemroot%\system32\test\*.* > < %systemroot%\system32\Rundll32\*.* > < %systemroot%\AppPatch\Custom\*.* > < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x > < %PROGRAMFILES%\PC-Doctor\Downloads\*.* > < %PROGRAMFILES%\Internet Explorer\*.tmp > < %PROGRAMFILES%\Internet Explorer\*.dat > < %USERPROFILE%\My Documents\*.exe > < %USERPROFILE%\*.exe > < %systemroot%\ADDINS\*.* >[2009/06/10 16:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf
< %systemroot%\assembly\*.bak2 > < %systemroot%\Config\*.* > < %systemroot%\REPAIR\*.bak2 > < %systemroot%\SECURITY\Database\*.sdb /x > < %systemroot%\SYSTEM\*.bak2 > < %systemroot%\Web\*.bak2 > < %systemroot%\Driver Cache\*.* > < %PROGRAMFILES%\Mozilla Firefox\0*.exe > < %ProgramFiles%\Microsoft Common\*.* > < %ProgramFiles%\TinyProxy. > < %USERPROFILE%\Favorites\*.url /x >[2010/07/17 12:18:59 | 000,000,402 | -HS- | M] () -- C:\Users\Sandeep\Favorites\desktop.ini
< %systemroot%\system32\*.bk > < %systemroot%\*.te > < %systemroot%\system32\system32\*.* > < %ALLUSERSPROFILE%\*.dat /x > < %systemroot%\system32\drivers\*.rmv > < dir /b "%systemroot%\system32\*.exe" | find /i " " /c > < dir /b "%systemroot%\*.exe" | find /i " " /c > < %PROGRAMFILES%\Microsoft\*.* > < %systemroot%\System32\Wbem\proquota.exe > < %PROGRAMFILES%\Mozilla Firefox\*.dat > < %USERPROFILE%\Cookies\*.txt /x > < %SystemRoot%\system32\fonts\*.* > < %systemroot%\system32\winlog\*.* > < %systemroot%\system32\Language\*.* > < %systemroot%\system32\Settings\*.* > < %systemroot%\system32\*.quo > < %SYSTEMROOT%\AppPatch\*.exe > < %SYSTEMROOT%\inf\*.exe > < %SYSTEMROOT%\Installer\*.exe > < %systemroot%\system32\config\*.bak2 > < %systemroot%\system32\Computers\*.* > < %SystemRoot%\system32\Sound\*.* > < %SystemRoot%\system32\SpecialImg\*.* > < %SystemRoot%\system32\code\*.* > < %SystemRoot%\system32\draft\*.* > < %SystemRoot%\system32\MSSSys\*.* > < %ProgramFiles%\Javascript\*.* > < %systemroot%\pchealth\helpctr\System\*.exe /s > < %systemroot%\Web\*.exe > < %systemroot%\system32\msn\*.* > < %systemroot%\system32\*.tro > < %AppData%\Microsoft\Installer\msupdates\*.* > < %ProgramFiles%\Messenger\*.exe > < %systemroot%\system32\systhem32\*.* > < %systemroot%\system\*.exe > < %USERPROFILE%\Templates\*.tmp > < %SYSTEMDRIVE%\explorexxx.exe\*.* > < %Windir%\Installer\*.tmp >[1 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
< %systemroot%\System32\*.xco > < %ProgramFiles%\system32\*.* > < %systemroot%\System32\windos\*.* > < %SystemRoot%\system32\sandbox\*.* > < %SystemRoot%\system32\*.amo > < %SystemRoot%\system32\Windows Live\*.* > < %ProgramFiles%\logs\*.* > < %ProgramFiles%\Bifrost\*.* > < %SystemRoot%\system32\*.goo > < %systemroot%\system32\IME\*.* > < %systemroot%\BackUp\*.* > < %systemroot%\system32\*.ico >[2009/06/10 16:17:19 | 000,116,288 | ---- | M] () -- C:\Windows\SysWOW64\PerfCenterCpl.ico
< %systemroot%\system\*.dat > < %systemroot%\system\*.exe > < %AppData%\Macromedia\Common\*.* > < %SYSTEMDRIVE%\dir\*.* /s > < %systemroot%\system32\ras\*.exe > < %SYSTEMDRIVE%\MFILES\*.* > < %SYSTEMDRIVE%\mDNSRespon.exe\*.* > < %systemroot%\system32\services\*.* > < %systemroot%\Spooler\*.* > < %ProgramFiles%\system32\*.* > < %systemroot%\system32\Setup\*.dll /x > < %systemroot%\system32\*.mine > < %SYSTEMDRIVE%\cleansweep.exe\*.* > < %systemroot%\system32\ras\*.dll > < %systemroot%\system32\ras\*.drv > < %systemroot%\*.iq > < %systemroot%\system32\XP\*.* > < %SYSTEMDRIVE%\Extracted\*.* > < %systemroot%\system32\windows\*.* > < %systemroot%\logs\*.* >[2010/07/18 00:12:05 | 000,051,563 | ---- | M] () -- C:\Windows\Logs\DirectX.log
< %SYSTEMDRIVE%\Win.Msi\*.* > < %systemroot%\regedit\*.* > < %systemroot%\system32\skype\*.* > < %AppData%\Adobe\dlluplwin25\*.* > < %UserProfile%\*.dat >[2010/10/27 10:19:55 | 001,572,864 | -HS- | M] () -- C:\Users\Sandeep\NTUSER.DAT
< %UserProfile%\*.dll > < %systemroot%\system32\*.sxo > < %SYSTEMDRIVE%\Gazma\*.* /s > < %systemroot%\system32\spynet\*.* > < %systemroot%\system32\System\*.* > < %appdata%\Microsoft\Windows\*.* > < %systemroot%\system32\WinDir\*.* > < %systemroot%\_\*.* > < %systemroot%\system32\windows32\*.* > < %ProgramFiles%\win\*.* > < %AppData%\Microsoft\CD Burning\*.* > < %systemroot%\*.cab > < %systemroot%\K.Backup\*.* > < %ProgramFiles%\Massenger\*.* > < %systemroot%\System32\*.doc > < %systemroot%\Office12\*.* > < %systemroot%\System32\Rundl32.exe\*.* > < %ProgramFiles%\yahoo.net\*.* > < %systemroot%\system32\*.igo > < %systemroot%\*.rew > < %systemroot%\System32\spool\DRIVERS\W32X86\3\*.exe > < %USERPROFILE%\.COMMgr\*.* > < %USERPROFILE%\Desktop\*.bat > < %PROGRAMFILES%\Common Files\Real\visualizations\*.* > < %PROGRAMFILES%\Internet Explorer\*.Jmp > < %PROGRAMFILES%\Windows NT\system\*.dll > < %systemroot%\system32\*.ext > < %systemroot%\system32\Com\*.cfg > < %systemroot%\system32\btz\*.* > < %systemroot%\system32\EMP\*.* > < %systemroot%\system32\expo\*.* > < %systemroot%\system32\inet2\*.* > < %systemroot%\system32\xrem\*.* > < %ProgramFiles%\Microsoft\*.* > < %systemroot%\usgwmt\*.* > < %ProgramFiles%\B\*.* > < %SYSTEMDRIVE%\lspp\*.* > < %systemroot%\Kral\*.* > < %SYSTEMDRIVE%\windowsdvd.exe\*.* > < %systemroot%\system32\*.ipo > < %SYSTEMDRIVE%\usxxxxxxxx.exe\*.* > < %systemroot%\system32\*.mof >[2009/07/13 15:29:26 | 000,000,714 | ---- | M] () -- C:\Windows\SysWOW64\RestartManager.mof
[2009/07/13 15:29:26 | 000,000,176 | ---- | M] () -- C:\Windows\SysWOW64\RestartManagerUninstall.mof
< %systemroot%\*.atm > < %systemroot%\system32\svhost\*.* > < %ProgramFiles%\system32\*.* > < %ProgramFiles%\Docmentt\*.* > < %systemroot%\Help\*.vbs > < %ProgramFiles%\Windows WinSxs\*.* /s > < %ProgramFiles%\Outlook Express\IDT\*.* /s > < %ProgramFiles%\Microsoft Office\365\*.* /s > < %ProgramFiles%\Windows Live\*.* > < %systemroot%\system32\win32\*.* > < %SYSTEMDRIVE%\RECYCLER\*.* > < %systemroot%\Fresh1\*.* > < %ProgramFiles%\Kekj\*.* /s > < %systemroot%\GDU\*.* > < %systemroot%\KA\*.* > < %systemroot%\R\*.* > < %systemroot%\system32\*.fyo > < %USERPROFILE%\System\*.* > < %systemroot%\Source\*.* > < %systemroot%\system32\ac\*.* > < %ProgramFiles%\MSDN\*.* > < %AppData%\AdobeUM\winvcldll54\*.* /s > < %ProgramFiles%\Internet Explorer\*.ico > < %systemroot%\system32\*.ojo > < %systemroot%\system32\d323s\*.* > < %systemroot%\system32\re\*.* > < %UserProfile%\Microsoft\*.dll > < %UserProfile%\Microsoft\*.log > < %systemroot%\Bios\*.* > < %ProgramFiles%\Spool\*.* > < %ProgramFiles%\promp3\*.* > < %SYSTEMDRIVE%\Driver\*.* /s > < %SYSTEMDRIVE%\inetserver.exe\*.* > < %systemroot%\java\trustlib\*.* > < %ProgramFiles%\Common Files\designer\*.exe > < %ProgramFiles%\*. >[2010/07/19 02:25:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2010/07/18 00:05:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Atheros
[2010/07/19 07:20:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BitTorrent
[2010/10/26 09:47:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2010/10/11 15:26:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DivX
[2010/07/18 00:12:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2010/07/17 23:56:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2010/04/20 23:09:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2010/04/20 23:10:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2010/07/18 00:14:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2010/07/19 10:43:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2010/07/18 00:45:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/07/18 04:05:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Small Business
[2010/07/18 00:32:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server
[2010/07/18 00:14:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010/07/19 10:43:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010/07/19 10:41:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2010/07/18 05:35:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2010/07/18 05:35:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2010/09/16 10:15:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2010/07/17 13:56:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MPlayer for Windows
[2010/07/19 10:43:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2010/08/12 08:07:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache
[2010/07/18 00:04:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2010/08/13 01:27:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Research In Motion
[2010/09/29 09:55:50 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2010/08/30 09:23:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\sugarcrm-6.0.1
[2010/07/18 00:12:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Toshiba
[2010/10/11 15:27:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TOSHIBA Games
[2009/07/13 23:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2009/07/14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2010/07/18 00:15:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/07/18 00:13:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live SkyDrive
[2009/07/14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/04/20 23:04:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2009/07/14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2009/07/14 00:32:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2009/07/14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2010/07/18 04:18:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR
< %systemroot%\system32\*.tso > < %ALLUSERSPROFILE%\Documents\Server\*.* > < %systemroot%\*.pif > < %systemroot%\system32\n7533\*.* > < %systemroot%\Us18336\*.* > < %systemroot%\system32\*.zip > < %systemroot%\system32\*.wgo > < %systemroot%\system32\dllcache\*.com > < %systemroot%\system32\dllchache\*.* > < %systemroot%\system32\038840\*.* > < %systemroot%\system32\13E92A\*.* > < %systemroot%\system32\1CB5AD\*.* > < %systemroot%\system32\52682A\*.* > < %USERPROFILE%\My Documents\*.htm > < %SYSTEMDRIVE%\Mr_CF\*.* > < %USERPROFILE%\My Documents\*.dll > < %USERPROFILE%\My Documents\*.ccc > < %systemroot%\system32\Sis\*.* > < %systemroot%\Microsft\*.* > < %SYSTEMDRIVE%\driverwinx.exe\*.* > < %systemroot%\BifroXx\*.* > < %SYSTEMDRIVE%\TSTP\*.* > < %systemroot%\winsn\*.* > < %ProgramFiles%\windata\*.* > < %SYSTEMDRIVE%\msixxxxxxx.exe\*.* > < %systemroot%\system32\*.sao > < %systemroot%\system32\*.iem > < %systemroot%\system32\*.mdd > < %systemroot%\system32\*.wlo > < %systemroot%\system32\*.skn > < %SYSTEMDRIVE%\Winup\*.* > < %SYSTEMDRIVE%\test\*.* > < %systemroot%\system32\med\*.* > < %systemroot%\Bifrost\*.* > < %systemroot%\system32\explorer.exe\*.* > < %UserProfile%\UserData\*.dat /x > < %SYSTEMDRIVE%\Arquivo de programas\*.* > < %ProgramFiles%\tcpview\*.* > < %systemroot%\system32\*.lyo > < %ProgramFiles%\huanbang2\*.* > < %systemroot%\winhuanbang\*.* > < %systemroot%\minrsv.ini\*.* > < %systemroot%\assembly\GAC\*.* > < %AppData%\Adobe\crtmswin91\*.* > < %ProgramFiles%\Windows NT\Accessories\*.exe >[2009/07/13 20:14:49 | 004,243,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
< %systemroot%\system32\*.pdo > < %SYSTEMDRIVE%\APPDATASH\*.* > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > ========== Alternate Data Streams ========== @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
< End of report >
--------------EXTRAS.txt-----------------
OTL Extras logfile created on: 10/27/2010 10:15:52 AM - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\Sandeep\Desktop
64bit- Home Basic Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: India | Language: ENN | Date Format: dd-MM-yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 144.23 Gb Total Space | 56.55 Gb Free Space | 39.20% Space Free | Partition Type: NTFS
Drive E: | 71.07 Gb Total Space | 48.02 Gb Free Space | 67.58% Space Free | Partition Type: NTFS
Drive F: | 71.07 Gb Total Space | 70.93 Gb Free Space | 99.81% Space Free | Partition Type: NTFS
Computer Name: SANDEEP-LAPPY | User Name: Sandeep | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-4093001165-512480850-3753344430-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Sandeep\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{86177DAE-38B1-49DD-912E-35CB703AB779}" = Microsoft SQL Server VSS Writer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"CNXT_AUDIO_HDA" = Conexant HD Audio
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{073B89C3-BA88-41B5-965F-B35A88EAE838}" = TOSHIBA Supervisor Password
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 17
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{305A7CD8-758B-4E20-9CC0-3ADEDE9005B8}" = BlackBerry Device Software v5.0.0 for the BlackBerry 8520 smartphone
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3360D505-B0AA-4284-92DF-F872AF90A448}" = BlackBerry Device Software Updater
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{607BE7BF-7C28-4ADB-A4A0-385962B901C3}" = TOSHIBA ConfigFree
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6DEF11C0-35FF-4160-A543-FDD336C4DAE5}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}" = TOSHIBA Hardware Setup
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{AC76BA86-7AD7-5670-0000-900000000003}" = Korean Fonts Support For Adobe Reader 9
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DB9E4EAB-2717-499F-8D56-4CC8A644AB60}" = MPlayer for Windows (Full Package)
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"BitTorrent" = BitTorrent
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"SugarCRM on FastStack 6.0.1" = SugarCRM on FastStack
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-4093001165-512480850-3753344430-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"ActiveTouchMeetingClient" = WebEx
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 10/8/2010 9:06:17 AM | Computer Name = Sandeep-Lappy | Source = Application Error | ID = 1000
Description = Faulting application name: POWERPNT.EXE, version: 12.0.4518.1014,
time stamp: 0x45428035 Faulting module name: mso.dll, version: 12.0.4518.1014, time
stamp: 0x4542867b Exception code: 0xc0000005 Fault offset: 0x001205fb Faulting process
id: 0x9c0 Faulting application start time: 0x01cb66e9812a58df Faulting application
path: C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE Faulting module
path: C:\Program Files (x86)\Common Files\Microsoft Shared\office12\mso.dll Report
Id: d5e51533-d2dc-11df-be44-00266c6050fc
Error - 10/13/2010 8:14:15 AM | Computer Name = Sandeep-Lappy | Source = Google Update | ID = 20
Description =
Error - 10/15/2010 9:14:05 AM | Computer Name = Sandeep-Lappy | Source = Google Update | ID = 20
Description =
Error - 10/15/2010 10:14:05 AM | Computer Name = Sandeep-Lappy | Source = Google Update | ID = 20
Description =
Error - 10/15/2010 11:14:05 AM | Computer Name = Sandeep-Lappy | Source = Google Update | ID = 20
Description =
Error - 10/15/2010 12:14:05 PM | Computer Name = Sandeep-Lappy | Source = Google Update | ID = 20
Description =
Error - 10/15/2010 1:14:05 PM | Computer Name = Sandeep-Lappy | Source = Google Update | ID = 20
Description =
Error - 10/15/2010 2:14:05 PM | Computer Name = Sandeep-Lappy | Source = Google Update | ID = 20
Description =
Error - 10/15/2010 3:14:05 PM | Computer Name = Sandeep-Lappy | Source = Google Update | ID = 20
Description =
Error - 10/15/2010 4:14:05 PM | Computer Name = Sandeep-Lappy | Source = Google Update | ID = 20
Description =
[ OSession Events ]
Error - 8/27/2010 9:25:45 AM | Computer Name = Sandeep-Lappy | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 551
seconds with 540 seconds of active time. This session ended with a crash.
Error - 10/8/2010 9:02:42 AM | Computer Name = Sandeep-Lappy | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 278 seconds with 120 seconds of active time. This session ended with a crash.
Error - 10/8/2010 9:06:17 AM | Computer Name = Sandeep-Lappy | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 38 seconds with 0 seconds of active time. This session ended with a crash.
Error - 10/20/2010 2:53:13 PM | Computer Name = Sandeep-Lappy | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2862
seconds with 2460 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 10/10/2010 4:18:46 PM | Computer Name = Sandeep-Lappy | Source = Schannel | ID = 36884
Description = The certificate received from the remote server does not contain the
expected name. It is therefore not possible to determine whether we are connecting
to the correct server. The server name we were expecting is www.google.com. The
SSL connection request has failed. The attached data contains the server certificate.
Error - 10/10/2010 4:18:46 PM | Computer Name = Sandeep-Lappy | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 43. The internal error state
is 552.
Error - 10/10/2010 4:18:46 PM | Computer Name = Sandeep-Lappy | Source = Schannel | ID = 36884
Description = The certificate received from the remote server does not contain the
expected name. It is therefore not possible to determine whether we are connecting
to the correct server. The server name we were expecting is www.google.com. The
SSL connection request has failed. The attached data contains the server certificate.
Error - 10/10/2010 4:18:46 PM | Computer Name = Sandeep-Lappy | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 43. The internal error state
is 552.
Error - 10/10/2010 4:18:46 PM | Computer Name = Sandeep-Lappy | Source = Schannel | ID = 36884
Description = The certificate received from the remote server does not contain the
expected name. It is therefore not possible to determine whether we are connecting
to the correct server. The server name we were expecting is www.google.com. The
SSL connection request has failed. The attached data contains the server certificate.
Error - 10/10/2010 4:18:46 PM | Computer Name = Sandeep-Lappy | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 43. The internal error state
is 552.
Error - 10/10/2010 4:18:46 PM | Computer Name = Sandeep-Lappy | Source = Schannel | ID = 36884
Description = The certificate received from the remote server does not contain the
expected name. It is therefore not possible to determine whether we are connecting
to the correct server. The server name we were expecting is www.google.com. The
SSL connection request has failed. The attached data contains the server certificate.
Error - 10/10/2010 4:18:46 PM | Computer Name = Sandeep-Lappy | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 43. The internal error state
is 552.
Error - 10/10/2010 4:18:46 PM | Computer Name = Sandeep-Lappy | Source = Schannel | ID = 36884
Description = The certificate received from the remote server does not contain the
expected name. It is therefore not possible to determine whether we are connecting
to the correct server. The server name we were expecting is www.google.com. The
SSL connection request has failed. The attached data contains the server certificate.
Error - 10/25/2010 10:33:02 PM | Computer Name = Sandeep-Lappy | Source = EventLog | ID = 6008
Description = The previous system shutdown at 21:31:34 on ?25-?10-?2010 was unexpected.
< End of report >