Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

SVCHost consumes all CPU & Memory

Started by jaswantpurba , Mar 06 2011 12:20 PM

  • Please log in to reply

#1
jaswantpurba
Posted 06 March 2011 - 12:20 PM

jaswantpurba

    Member

  • Member
  • PipPip
  • 15 posts
Hi Geeks Guru(s)

I have 2 issues on my machine :

1. SVChost process take all memory and CPU when I start iExplorer and connect to internet. This process connect to sound of the system and when i forcefully kill process I loose sound of the system and everything else run fine after this.

2. I also have issue of google redirects . I tried to follow thread " http://www.geekstogo...ogle-redirects/ " and things seems to be improved on this front since than (today morning)


I have attached OTL logs for quick reference. Please suggest next actions.



I know this is very common issue and there are a few more postings I search on this, but I was not able to follow as tools suggests in some of the thread are no longer accessable. So I am starting a new thread.

regards-Jaswant


OTL LOG
______________________________________________

OTL logfile created on: 3/6/2011 10:13:50 AM - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Documents and Settings\singhpur\Desktop\VIRUS
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 53.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 20.09 Gb Free Space | 26.95% Space Free | Partition Type: NTFS

Computer Name: JPURBA2 | User Name: singhpur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/06 10:04:52 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\singhpur\Desktop\VIRUS\OTL.exe
PRC - [2011/03/06 09:59:51 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\singhpur\Desktop\VIRUS\HiJackThis.exe
PRC - [2010/06/01 10:17:48 | 005,252,408 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2010/03/09 09:08:33 | 000,046,120 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\acautoup.exe
PRC - [2010/03/09 09:06:49 | 000,198,184 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe
PRC - [2010/03/09 09:06:48 | 000,141,864 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2010/03/09 08:27:56 | 000,349,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
PRC - [2010/01/06 11:07:00 | 000,147,472 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
PRC - [2010/01/06 11:07:00 | 000,070,728 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2010/01/06 11:07:00 | 000,066,896 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
PRC - [2010/01/06 11:07:00 | 000,027,960 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
PRC - [2010/01/06 11:07:00 | 000,022,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
PRC - [2009/10/20 04:25:22 | 001,489,984 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
PRC - [2009/09/24 19:50:00 | 000,185,664 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
PRC - [2009/09/24 19:50:00 | 000,136,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\UdaterUI.exe
PRC - [2009/09/24 19:50:00 | 000,120,128 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
PRC - [2009/09/24 19:50:00 | 000,075,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\McTray.exe
PRC - [2009/09/02 08:59:20 | 000,035,696 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
PRC - [2009/08/06 07:53:24 | 000,222,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/07/03 00:28:32 | 000,315,570 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\Radstgms.exe
PRC - [2008/04/17 09:08:46 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2008/04/14 04:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 04:00:00 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
PRC - [2007/03/22 08:19:28 | 000,172,205 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\radsched.exe
PRC - [2007/02/20 04:59:58 | 000,270,510 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\radexecd.exe
PRC - [2007/01/24 14:28:58 | 000,124,928 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\accelerometerST.exe
PRC - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2007/01/01 13:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe


========== Modules (SafeList) ==========

MOD - [2011/03/06 10:04:52 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\singhpur\Desktop\VIRUS\OTL.exe
MOD - [2010/08/23 08:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/03/09 09:08:33 | 000,046,120 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\acautoup.exe -- (acautoup)
SRV - [2010/03/09 09:06:49 | 000,198,184 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2010/01/06 11:07:00 | 000,147,472 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe -- (McShield)
SRV - [2010/01/06 11:07:00 | 000,070,728 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2010/01/06 11:07:00 | 000,066,896 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)
SRV - [2010/01/06 11:07:00 | 000,022,816 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe -- (McAfeeEngineService)
SRV - [2009/10/20 04:25:22 | 001,489,984 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe -- (enterceptAgent)
SRV - [2009/09/24 19:50:00 | 000,120,128 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2009/09/02 08:59:20 | 000,035,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe -- (hips)
SRV - [2009/08/06 07:53:24 | 000,222,528 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe -- (McAfee SiteAdvisor Enterprise Service)
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/07/03 00:28:32 | 000,315,570 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\Radstgms.exe -- (Radstgms)
SRV - [2008/04/17 09:08:46 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2007/03/22 08:19:28 | 000,172,205 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\radsched.exe -- (radsched)
SRV - [2007/02/20 04:59:58 | 000,270,510 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\radexecd.exe -- (radexecd)
SRV - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - [2010/01/06 11:07:00 | 000,343,920 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/01/06 11:07:00 | 000,091,832 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/01/06 11:07:00 | 000,075,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/01/06 11:07:00 | 000,066,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/01/06 11:07:00 | 000,064,208 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2010/01/06 11:07:00 | 000,043,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/10/20 04:23:46 | 000,030,952 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\firelm01.sys -- (firelm01)
DRV - [2009/10/20 04:23:40 | 000,145,616 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\FireTDI.sys -- (FireTDI)
DRV - [2009/10/20 04:23:36 | 000,135,872 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\FirePM.sys -- (FirePM)
DRV - [2009/09/02 08:59:00 | 000,035,584 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HIPQK.sys -- (HIPQK)
DRV - [2009/09/02 08:58:44 | 000,038,680 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HIPPSK.sys -- (HIPPSK)
DRV - [2009/09/02 08:58:28 | 000,107,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HIPK.sys -- (HIPK)
DRV - [2008/10/17 06:26:24 | 000,044,680 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\firehk.sys -- (FirehkMP)
DRV - [2008/10/17 06:26:24 | 000,044,680 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\firehk.sys -- (Firehk)
DRV - [2008/04/17 09:07:52 | 000,306,299 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2008/03/29 17:36:28 | 000,125,328 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2007/12/11 10:09:00 | 000,027,008 | ---- | M] (ActivIdentity) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aksim.sys -- (AKSIM)
DRV - [2007/12/11 10:09:00 | 000,013,619 | ---- | M] (ActivCard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\akbus.sys -- (akbus)
DRV - [2007/12/11 10:09:00 | 000,009,493 | ---- | M] (ActivCard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\akpcsc.sys -- (akpcsc)
DRV - [2007/08/03 10:31:00 | 000,023,424 | ---- | M] (Hewlett Packard) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\radiamsi.sys -- (RadiaMsi)
DRV - [2007/04/06 02:46:50 | 000,013,647 | ---- | M] (ActivIdentity) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aksbus.sys -- (aksbus)
DRV - [2007/04/06 02:46:50 | 000,010,161 | ---- | M] (ActivIdentity) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\akspcsc.sys -- (akspcsc)
DRV - [2007/03/01 07:13:06 | 002,203,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel®
DRV - [2007/02/14 12:21:00 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007/02/14 12:20:58 | 000,868,298 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007/02/13 17:00:06 | 001,160,320 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007/01/18 17:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2007/01/16 00:26:22 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/11/30 11:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/09/19 08:58:58 | 000,036,608 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2006/07/24 00:00:04 | 000,022,016 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2006/07/24 00:00:04 | 000,017,920 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2006/06/28 10:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006/05/25 07:28:18 | 000,121,216 | R--- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (AES2500)
DRV - [2005/11/01 04:00:46 | 000,092,288 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
DRV - [2005/01/26 11:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://athp.hp.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://athp.hp.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://athp.hp.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor Enterprise\ [2010/03/09 07:25:29 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/03/06 08:44:55 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\accelerometerST.exe (Hewlett-Packard Corporation)
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - HKCU..\Run: [{3EBC2962-FF2E-DAD0-F449-3159DFBF9285}] C:\Documents and Settings\singhpur\Application Data\Qyfi\ovhya.exe ()
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk = C:\WINDOWS\Installer\{4C271126-C295-4828-A901-5910AE0C258B}\Icon3E5562ED7.ico ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMSAppLogo5ChannelNotify = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableNT4Policy = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O8 - Extra context menu item: Send to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Fix Common Internet Explorer Problems - {E270AB82-96D5-45DB-ABE3-0BC038B92334} - c:\Program Files\Hewlett-Packard\IEToolBar\HP IE Fix.exe (Hewlett-Packard Company)
O9 - Extra 'Tools' menuitem : Fix Common Internet Explorer Problems - {E270AB82-96D5-45DB-ABE3-0BC038B92334} - c:\Program Files\Hewlett-Packard\IEToolBar\HP IE Fix.exe (Hewlett-Packard Company)
O15 - HKLM\..Trusted Domains: compaq.co.jp ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: compaq.com ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: compaq.com ([ie.config.asia] http in Trusted sites)
O15 - HKLM\..Trusted Domains: compaq.com ([ie.config.eur] http in Trusted sites)
O15 - HKLM\..Trusted Domains: compaq.com ([ie.config.im.hou] http in Trusted sites)
O15 - HKLM\..Trusted Domains: compaq.com ([ie.config.jp] http in Trusted sites)
O15 - HKLM\..Trusted Domains: compaq.com.ar ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: compaq.com.br ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: compaq.com.cl ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: compaq.com.co ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: compaq.com.mx ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: compaq.com.sg ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: compaq.com.ve ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: cpqcorp.net ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: dec.com ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: dec.com ([ie.config.ecom] http in Trusted sites)
O15 - HKLM\..Trusted Domains: digital.co.uk ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: digital.com ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: hp.com ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: microcom.com ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: siteadvisor.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: siteadvisor.com ([www] https in Trusted sites)
O15 - HKLM\..Trusted Domains: tandem.com ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: tandem.com ([ie.config] http in Trusted sites)
O15 - HKCU\..Trusted Domains: compaq.com ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: compaq.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: compaq.com.ar ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: compaq.com.ar ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: compaq.com.br ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: compaq.com.br ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: compaq.com.co ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: compaq.com.co ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: compaq.com.mx ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: compaq.com.mx ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: compaq.com.sg ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: compaq.com.sg ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: compaq.com.ve ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: compaq.com.ve ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: cpqcorp.net ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: cpqcorp.net ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: cpqcorp.net ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: dcu.org ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: dcu.org ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: dcu.org ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: hp.com ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: hp.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: hp.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: hpqcorp.net ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: hpqcorp.net ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: hpqcorp.net ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: sap-ag.de ([websmp105] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {857ABA85-8AB2-4C9E-8FAA-D2A963739859} https://g2t0066.aust...om/hp/HPPKI.cab (HPPKI Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {A1BFBE93-8D91-427C-965B-72088CFAADF4} https://g2t0066.aust...p/vscertdel.cab (CCertificateDelete Object)
O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} https://g2t0066.aust.../hp/capicom.cab (Settings Class)
O16 - DPF: {CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_19)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {FCADE536-93F5-4577-80A3-E7C32FAC4C7D} https://qcclorox10.s...in/Spider10.cab (Loader Class v5)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.76.182 68.87.78.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = asiapacific.cpqcorp.net
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ackpbsc: DllName - c:\WINDOWS\system32\ackpbsc.dll - C:\WINDOWS\system32\ackpbsc.dll (ActivIdentity)
O20 - Winlogon\Notify\acunlock: DllName - c:\Program Files\ActivIdentity\ActivClient\acunlock.dll - c:\Program Files\ActivIdentity\ActivClient\acunlock.dll (ActivIdentity)
O24 - Desktop WallPaper: C:\Documents and Settings\singhpur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\singhpur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/09 05:07:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/06 09:05:15 | 000,039,816 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\HIPIS0e011af.dll
[2011/03/06 08:39:27 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/03/06 08:33:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\singhpur\Desktop\VIRUS
[2011/03/03 08:36:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2011/02/27 23:17:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\singhpur\Local Settings\Application Data\Yahoo
[2011/02/27 23:16:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\singhpur\Application Data\Yahoo!
[2011/02/27 23:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2011/02/27 23:13:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2011/02/27 23:11:14 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2011/02/27 13:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/02/27 13:34:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/02/27 03:16:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/02/27 03:16:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/02/27 03:06:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\singhpur\Application Data\Xuxuqu
[2011/02/27 03:06:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\singhpur\Application Data\Qyfi
[2011/02/26 10:45:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Global Pets 2002
[2011/02/26 10:45:36 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSINET.OCX
[2011/02/26 10:45:34 | 000,000,000 | ---D | C] -- C:\Program Files\Global Pets 2002
[2011/02/26 10:45:20 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2011/02/26 10:45:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\singhpur\WINDOWS
[2011/02/26 10:44:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\singhpur\Desktop\Games
[2011/02/26 10:42:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\singhpur\Start Menu\Programs\MyABCD
[2011/02/26 10:42:33 | 000,000,000 | ---D | C] -- C:\Program Files\MyABCD
[2011/02/26 10:40:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Kea Coloring Book
[2011/02/26 10:39:57 | 000,000,000 | ---D | C] -- C:\Program Files\Kea
[2011/02/18 19:03:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/11/19 15:04:43 | 003,145,728 | ---- | C] (SAP Technology,Inc) -- C:\Program Files\Common Files\sapxlhelper.dll
[2010/11/19 15:04:43 | 000,192,512 | ---- | C] (SAP Tech Inc.) -- C:\Program Files\Common Files\sapconsr3.dll
[2010/11/19 15:04:42 | 000,626,688 | ---- | C] (SAP AG) -- C:\Program Files\Common Files\sapconsaccess.dll
[2010/11/19 15:04:41 | 000,040,960 | ---- | C] (SAP-TECHNOLOGY) -- C:\Program Files\Common Files\DigitalSignature.ocx

========== Files - Modified Within 30 Days ==========

[2011/03/06 10:04:08 | 000,000,060 | ---- | M] () -- C:\WINDOWS\wpd99.drv
[2011/03/06 09:08:03 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2011/03/06 09:06:01 | 000,041,303 | ---- | M] () -- C:\WINDOWS\System32\api_hook_list.dat
[2011/03/06 09:04:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/06 09:04:48 | 000,164,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/03/06 09:04:47 | 2138,361,856 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/06 08:44:55 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/03/06 07:52:28 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/05 21:34:03 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/02/27 23:17:44 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\singhpur\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger (2).lnk
[2011/02/27 23:13:53 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\singhpur\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/02/26 10:53:24 | 000,001,530 | ---- | M] () -- C:\Documents and Settings\singhpur\Desktop\MyABCD.lnk
[2011/02/26 10:48:50 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\singhpur\Desktop\Kea Coloring Book.lnk
[2011/02/26 10:45:44 | 000,000,000 | ---- | M] () -- C:\WINDOWS\PROTOCOL.INI
[2011/02/26 10:29:11 | 000,043,274 | ---- | M] () -- C:\Documents and Settings\singhpur\Desktop\saposcol Install and configure.pdf
[2011/02/25 23:51:16 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\singhpur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/12 22:38:01 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\singhpur\Desktop\Shortcut to alli-losers-xvid.avi.lnk
[2011/02/07 17:54:56 | 000,136,512 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\KevlarSigs.dll

========== Files Created - No Company Name ==========

[2011/03/06 09:06:01 | 000,041,303 | ---- | C] () -- C:\WINDOWS\System32\api_hook_list.dat
[2011/02/27 23:45:36 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/02/27 23:17:44 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\singhpur\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger (2).lnk
[2011/02/27 23:13:53 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\singhpur\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/02/27 14:38:47 | 2138,361,856 | -HS- | C] () -- C:\hiberfil.sys
[2011/02/26 10:53:24 | 000,001,530 | ---- | C] () -- C:\Documents and Settings\singhpur\Desktop\MyABCD.lnk
[2011/02/26 10:48:50 | 000,000,733 | ---- | C] () -- C:\Documents and Settings\singhpur\Desktop\Kea Coloring Book.lnk
[2011/02/26 10:45:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2011/02/26 10:27:57 | 000,043,274 | ---- | C] () -- C:\Documents and Settings\singhpur\Desktop\saposcol Install and configure.pdf
[2011/02/12 22:38:01 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\singhpur\Desktop\Shortcut to alli-losers-xvid.avi.lnk
[2010/12/23 13:15:24 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2010/12/23 13:12:52 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2010/12/23 13:12:52 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2010/12/05 17:08:50 | 000,000,132 | ---- | C] () -- C:\WINDOWS\mercury.ini
[2010/12/04 13:40:09 | 000,007,041 | ---- | C] () -- C:\WINDOWS\System32\saplogon.ini
[2010/12/04 13:39:55 | 000,007,041 | ---- | C] () -- C:\WINDOWS\saplogon.ini
[2010/11/20 13:56:19 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\singhpur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/19 15:04:42 | 000,955,904 | ---- | C] () -- C:\Program Files\Common Files\SAPActiveXL.xlt
[2010/11/19 15:04:42 | 000,949,760 | ---- | C] () -- C:\Program Files\Common Files\SAPActiveXL_nosig.xlt
[2010/11/19 15:00:49 | 001,064,960 | ---- | C] () -- C:\WINDOWS\System32\h5krnl32.dll
[2010/11/19 15:00:49 | 000,188,928 | ---- | C] () -- C:\WINDOWS\System32\h5icon32.dll
[2010/11/19 15:00:49 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\h5menu32.dll
[2010/11/19 15:00:49 | 000,095,744 | ---- | C] () -- C:\WINDOWS\System32\h5rtf32.dll
[2010/11/19 15:00:49 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\h5tool32.dll
[2010/11/19 14:46:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI
[2010/11/19 13:23:12 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2010/11/19 13:23:12 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2010/11/19 13:23:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2010/11/19 13:23:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2010/11/19 13:23:12 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2010/11/19 13:23:12 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2010/03/11 05:55:09 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010/03/10 09:48:08 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2010/03/09 13:56:11 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2010/03/09 13:56:07 | 000,441,692 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/09 13:56:07 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2010/03/09 13:56:07 | 000,071,462 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/09 13:56:07 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2010/03/09 13:56:05 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2010/03/09 13:56:04 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2010/03/09 13:56:02 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2010/03/09 13:55:56 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2010/03/09 13:55:56 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2010/03/09 13:55:43 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2010/03/09 13:55:36 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2010/03/09 09:07:32 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\aicext.dll
[2010/03/09 08:47:24 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/03/09 08:36:00 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2010/03/09 08:08:53 | 000,195,392 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/03/09 06:02:22 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/03/09 06:01:38 | 000,164,320 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/09 05:09:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/03/09 05:06:02 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/17 09:08:56 | 000,197,408 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2008/04/17 09:08:44 | 000,193,312 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2007/04/17 01:33:15 | 000,701,840 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2007/04/17 01:33:15 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll
[2007/02/06 15:20:00 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007/02/06 14:55:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

< End of report >

Attached Files


Edited by jaswantpurba, 06 March 2011 - 12:27 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP