I have 2 issues on my machine :
1. SVChost process take all memory and CPU when I start iExplorer and connect to internet. This process connect to sound of the system and when i forcefully kill process I loose sound of the system and everything else run fine after this.
2. I also have issue of google redirects . I tried to follow thread " http://www.geekstogo...ogle-redirects/ " and things seems to be improved on this front since than (today morning)
I have attached OTL logs for quick reference. Please suggest next actions.
I know this is very common issue and there are a few more postings I search on this, but I was not able to follow as tools suggests in some of the thread are no longer accessable. So I am starting a new thread.
regards-Jaswant
OTL LOG
______________________________________________
OTL logfile created on: 3/6/2011 10:13:50 AM - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Documents and Settings\singhpur\Desktop\VIRUS
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 53.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 20.09 Gb Free Space | 26.95% Space Free | Partition Type: NTFS
Computer Name: JPURBA2 | User Name: singhpur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/03/06 10:04:52 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\singhpur\Desktop\VIRUS\OTL.exe
PRC - [2011/03/06 09:59:51 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\singhpur\Desktop\VIRUS\HiJackThis.exe
PRC - [2010/06/01 10:17:48 | 005,252,408 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2010/03/09 09:08:33 | 000,046,120 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\acautoup.exe
PRC - [2010/03/09 09:06:49 | 000,198,184 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe
PRC - [2010/03/09 09:06:48 | 000,141,864 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2010/03/09 08:27:56 | 000,349,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
PRC - [2010/01/06 11:07:00 | 000,147,472 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
PRC - [2010/01/06 11:07:00 | 000,070,728 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2010/01/06 11:07:00 | 000,066,896 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
PRC - [2010/01/06 11:07:00 | 000,027,960 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
PRC - [2010/01/06 11:07:00 | 000,022,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
PRC - [2009/10/20 04:25:22 | 001,489,984 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
PRC - [2009/09/24 19:50:00 | 000,185,664 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
PRC - [2009/09/24 19:50:00 | 000,136,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\UdaterUI.exe
PRC - [2009/09/24 19:50:00 | 000,120,128 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
PRC - [2009/09/24 19:50:00 | 000,075,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\McTray.exe
PRC - [2009/09/02 08:59:20 | 000,035,696 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
PRC - [2009/08/06 07:53:24 | 000,222,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/07/03 00:28:32 | 000,315,570 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\Radstgms.exe
PRC - [2008/04/17 09:08:46 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2008/04/14 04:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 04:00:00 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
PRC - [2007/03/22 08:19:28 | 000,172,205 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\radsched.exe
PRC - [2007/02/20 04:59:58 | 000,270,510 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\radexecd.exe
PRC - [2007/01/24 14:28:58 | 000,124,928 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\accelerometerST.exe
PRC - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2007/01/01 13:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
========== Modules (SafeList) ==========
MOD - [2011/03/06 10:04:52 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\singhpur\Desktop\VIRUS\OTL.exe
MOD - [2010/08/23 08:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/03/09 09:08:33 | 000,046,120 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\acautoup.exe -- (acautoup)
SRV - [2010/03/09 09:06:49 | 000,198,184 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2010/01/06 11:07:00 | 000,147,472 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe -- (McShield)
SRV - [2010/01/06 11:07:00 | 000,070,728 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2010/01/06 11:07:00 | 000,066,896 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)
SRV - [2010/01/06 11:07:00 | 000,022,816 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe -- (McAfeeEngineService)
SRV - [2009/10/20 04:25:22 | 001,489,984 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe -- (enterceptAgent)
SRV - [2009/09/24 19:50:00 | 000,120,128 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2009/09/02 08:59:20 | 000,035,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe -- (hips)
SRV - [2009/08/06 07:53:24 | 000,222,528 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe -- (McAfee SiteAdvisor Enterprise Service)
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/07/03 00:28:32 | 000,315,570 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\Radstgms.exe -- (Radstgms)
SRV - [2008/04/17 09:08:46 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2007/03/22 08:19:28 | 000,172,205 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\radsched.exe -- (radsched)
SRV - [2007/02/20 04:59:58 | 000,270,510 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\radexecd.exe -- (radexecd)
SRV - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
========== Driver Services (SafeList) ==========
DRV - [2010/01/06 11:07:00 | 000,343,920 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/01/06 11:07:00 | 000,091,832 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/01/06 11:07:00 | 000,075,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/01/06 11:07:00 | 000,066,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/01/06 11:07:00 | 000,064,208 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2010/01/06 11:07:00 | 000,043,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/10/20 04:23:46 | 000,030,952 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\firelm01.sys -- (firelm01)
DRV - [2009/10/20 04:23:40 | 000,145,616 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\FireTDI.sys -- (FireTDI)
DRV - [2009/10/20 04:23:36 | 000,135,872 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\FirePM.sys -- (FirePM)
DRV - [2009/09/02 08:59:00 | 000,035,584 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HIPQK.sys -- (HIPQK)
DRV - [2009/09/02 08:58:44 | 000,038,680 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HIPPSK.sys -- (HIPPSK)
DRV - [2009/09/02 08:58:28 | 000,107,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HIPK.sys -- (HIPK)
DRV - [2008/10/17 06:26:24 | 000,044,680 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\firehk.sys -- (FirehkMP)
DRV - [2008/10/17 06:26:24 | 000,044,680 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\firehk.sys -- (Firehk)
DRV - [2008/04/17 09:07:52 | 000,306,299 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2008/03/29 17:36:28 | 000,125,328 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2007/12/11 10:09:00 | 000,027,008 | ---- | M] (ActivIdentity) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aksim.sys -- (AKSIM)
DRV - [2007/12/11 10:09:00 | 000,013,619 | ---- | M] (ActivCard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\akbus.sys -- (akbus)
DRV - [2007/12/11 10:09:00 | 000,009,493 | ---- | M] (ActivCard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\akpcsc.sys -- (akpcsc)
DRV - [2007/08/03 10:31:00 | 000,023,424 | ---- | M] (Hewlett Packard) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\radiamsi.sys -- (RadiaMsi)
DRV - [2007/04/06 02:46:50 | 000,013,647 | ---- | M] (ActivIdentity) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aksbus.sys -- (aksbus)
DRV - [2007/04/06 02:46:50 | 000,010,161 | ---- | M] (ActivIdentity) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\akspcsc.sys -- (akspcsc)
DRV - [2007/03/01 07:13:06 | 002,203,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel®
DRV - [2007/02/14 12:21:00 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007/02/14 12:20:58 | 000,868,298 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007/02/13 17:00:06 | 001,160,320 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007/01/18 17:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2007/01/16 00:26:22 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/11/30 11:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/09/19 08:58:58 | 000,036,608 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2006/07/24 00:00:04 | 000,022,016 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2006/07/24 00:00:04 | 000,017,920 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2006/06/28 10:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006/05/25 07:28:18 | 000,121,216 | R--- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (AES2500)
DRV - [2005/11/01 04:00:46 | 000,092,288 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
DRV - [2005/01/26 11:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://athp.hp.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://athp.hp.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://athp.hp.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor Enterprise\ [2010/03/09 07:25:29 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2011/03/06 08:44:55 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\accelerometerST.exe (Hewlett-Packard Corporation)
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - HKCU..\Run: [{3EBC2962-FF2E-DAD0-F449-3159DFBF9285}] C:\Documents and Settings\singhpur\Application Data\Qyfi\ovhya.exe ()
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk = C:\WINDOWS\Installer\{4C271126-C295-4828-A901-5910AE0C258B}\Icon3E5562ED7.ico ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMSAppLogo5ChannelNotify = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableNT4Policy = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O8 - Extra context menu item: Send to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Fix Common Internet Explorer Problems - {E270AB82-96D5-45DB-ABE3-0BC038B92334} - c:\Program Files\Hewlett-Packard\IEToolBar\HP IE Fix.exe (Hewlett-Packard Company)
O9 - Extra 'Tools' menuitem : Fix Common Internet Explorer Problems - {E270AB82-96D5-45DB-ABE3-0BC038B92334} - c:\Program Files\Hewlett-Packard\IEToolBar\HP IE Fix.exe (Hewlett-Packard Company)
O15 - HKLM\..Trusted Domains: compaq.co.jp ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: compaq.com ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: compaq.com ([ie.config.asia] http in Trusted sites)
O15 - HKLM\..Trusted Domains: compaq.com ([ie.config.eur] http in Trusted sites)
O15 - HKLM\..Trusted Domains: compaq.com ([ie.config.im.hou] http in Trusted sites)
O15 - HKLM\..Trusted Domains: compaq.com ([ie.config.jp] http in Trusted sites)
O15 - HKLM\..Trusted Domains: compaq.com.ar ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: compaq.com.br ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: compaq.com.cl ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: compaq.com.co ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: compaq.com.mx ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: compaq.com.sg ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: compaq.com.ve ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: cpqcorp.net ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: dec.com ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: dec.com ([ie.config.ecom] http in Trusted sites)
O15 - HKLM\..Trusted Domains: digital.co.uk ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: digital.com ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: hp.com ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: microcom.com ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: siteadvisor.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: siteadvisor.com ([www] https in Trusted sites)
O15 - HKLM\..Trusted Domains: tandem.com ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: tandem.com ([ie.config] http in Trusted sites)
O15 - HKCU\..Trusted Domains: compaq.com ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: compaq.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: compaq.com.ar ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: compaq.com.ar ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: compaq.com.br ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: compaq.com.br ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: compaq.com.co ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: compaq.com.co ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: compaq.com.mx ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: compaq.com.mx ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: compaq.com.sg ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: compaq.com.sg ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: compaq.com.ve ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: compaq.com.ve ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: cpqcorp.net ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: cpqcorp.net ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: cpqcorp.net ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: dcu.org ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: dcu.org ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: dcu.org ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: hp.com ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: hp.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: hp.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: hpqcorp.net ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: hpqcorp.net ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: hpqcorp.net ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: sap-ag.de ([websmp105] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {857ABA85-8AB2-4C9E-8FAA-D2A963739859} https://g2t0066.aust...om/hp/HPPKI.cab (HPPKI Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {A1BFBE93-8D91-427C-965B-72088CFAADF4} https://g2t0066.aust...p/vscertdel.cab (CCertificateDelete Object)
O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} https://g2t0066.aust.../hp/capicom.cab (Settings Class)
O16 - DPF: {CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_19)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {FCADE536-93F5-4577-80A3-E7C32FAC4C7D} https://qcclorox10.s...in/Spider10.cab (Loader Class v5)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.76.182 68.87.78.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = asiapacific.cpqcorp.net
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ackpbsc: DllName - c:\WINDOWS\system32\ackpbsc.dll - C:\WINDOWS\system32\ackpbsc.dll (ActivIdentity)
O20 - Winlogon\Notify\acunlock: DllName - c:\Program Files\ActivIdentity\ActivClient\acunlock.dll - c:\Program Files\ActivIdentity\ActivClient\acunlock.dll (ActivIdentity)
O24 - Desktop WallPaper: C:\Documents and Settings\singhpur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\singhpur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/09 05:07:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/03/06 09:05:15 | 000,039,816 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\HIPIS0e011af.dll
[2011/03/06 08:39:27 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/03/06 08:33:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\singhpur\Desktop\VIRUS
[2011/03/03 08:36:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2011/02/27 23:17:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\singhpur\Local Settings\Application Data\Yahoo
[2011/02/27 23:16:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\singhpur\Application Data\Yahoo!
[2011/02/27 23:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2011/02/27 23:13:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2011/02/27 23:11:14 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2011/02/27 13:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/02/27 13:34:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/02/27 03:16:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/02/27 03:16:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/02/27 03:06:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\singhpur\Application Data\Xuxuqu
[2011/02/27 03:06:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\singhpur\Application Data\Qyfi
[2011/02/26 10:45:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Global Pets 2002
[2011/02/26 10:45:36 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSINET.OCX
[2011/02/26 10:45:34 | 000,000,000 | ---D | C] -- C:\Program Files\Global Pets 2002
[2011/02/26 10:45:20 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2011/02/26 10:45:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\singhpur\WINDOWS
[2011/02/26 10:44:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\singhpur\Desktop\Games
[2011/02/26 10:42:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\singhpur\Start Menu\Programs\MyABCD
[2011/02/26 10:42:33 | 000,000,000 | ---D | C] -- C:\Program Files\MyABCD
[2011/02/26 10:40:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Kea Coloring Book
[2011/02/26 10:39:57 | 000,000,000 | ---D | C] -- C:\Program Files\Kea
[2011/02/18 19:03:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/11/19 15:04:43 | 003,145,728 | ---- | C] (SAP Technology,Inc) -- C:\Program Files\Common Files\sapxlhelper.dll
[2010/11/19 15:04:43 | 000,192,512 | ---- | C] (SAP Tech Inc.) -- C:\Program Files\Common Files\sapconsr3.dll
[2010/11/19 15:04:42 | 000,626,688 | ---- | C] (SAP AG) -- C:\Program Files\Common Files\sapconsaccess.dll
[2010/11/19 15:04:41 | 000,040,960 | ---- | C] (SAP-TECHNOLOGY) -- C:\Program Files\Common Files\DigitalSignature.ocx
========== Files - Modified Within 30 Days ==========
[2011/03/06 10:04:08 | 000,000,060 | ---- | M] () -- C:\WINDOWS\wpd99.drv
[2011/03/06 09:08:03 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2011/03/06 09:06:01 | 000,041,303 | ---- | M] () -- C:\WINDOWS\System32\api_hook_list.dat
[2011/03/06 09:04:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/06 09:04:48 | 000,164,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/03/06 09:04:47 | 2138,361,856 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/06 08:44:55 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/03/06 07:52:28 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/05 21:34:03 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/02/27 23:17:44 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\singhpur\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger (2).lnk
[2011/02/27 23:13:53 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\singhpur\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/02/26 10:53:24 | 000,001,530 | ---- | M] () -- C:\Documents and Settings\singhpur\Desktop\MyABCD.lnk
[2011/02/26 10:48:50 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\singhpur\Desktop\Kea Coloring Book.lnk
[2011/02/26 10:45:44 | 000,000,000 | ---- | M] () -- C:\WINDOWS\PROTOCOL.INI
[2011/02/26 10:29:11 | 000,043,274 | ---- | M] () -- C:\Documents and Settings\singhpur\Desktop\saposcol Install and configure.pdf
[2011/02/25 23:51:16 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\singhpur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/12 22:38:01 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\singhpur\Desktop\Shortcut to alli-losers-xvid.avi.lnk
[2011/02/07 17:54:56 | 000,136,512 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\KevlarSigs.dll
========== Files Created - No Company Name ==========
[2011/03/06 09:06:01 | 000,041,303 | ---- | C] () -- C:\WINDOWS\System32\api_hook_list.dat
[2011/02/27 23:45:36 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/02/27 23:17:44 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\singhpur\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger (2).lnk
[2011/02/27 23:13:53 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\singhpur\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/02/27 14:38:47 | 2138,361,856 | -HS- | C] () -- C:\hiberfil.sys
[2011/02/26 10:53:24 | 000,001,530 | ---- | C] () -- C:\Documents and Settings\singhpur\Desktop\MyABCD.lnk
[2011/02/26 10:48:50 | 000,000,733 | ---- | C] () -- C:\Documents and Settings\singhpur\Desktop\Kea Coloring Book.lnk
[2011/02/26 10:45:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2011/02/26 10:27:57 | 000,043,274 | ---- | C] () -- C:\Documents and Settings\singhpur\Desktop\saposcol Install and configure.pdf
[2011/02/12 22:38:01 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\singhpur\Desktop\Shortcut to alli-losers-xvid.avi.lnk
[2010/12/23 13:15:24 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2010/12/23 13:12:52 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2010/12/23 13:12:52 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2010/12/05 17:08:50 | 000,000,132 | ---- | C] () -- C:\WINDOWS\mercury.ini
[2010/12/04 13:40:09 | 000,007,041 | ---- | C] () -- C:\WINDOWS\System32\saplogon.ini
[2010/12/04 13:39:55 | 000,007,041 | ---- | C] () -- C:\WINDOWS\saplogon.ini
[2010/11/20 13:56:19 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\singhpur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/19 15:04:42 | 000,955,904 | ---- | C] () -- C:\Program Files\Common Files\SAPActiveXL.xlt
[2010/11/19 15:04:42 | 000,949,760 | ---- | C] () -- C:\Program Files\Common Files\SAPActiveXL_nosig.xlt
[2010/11/19 15:00:49 | 001,064,960 | ---- | C] () -- C:\WINDOWS\System32\h5krnl32.dll
[2010/11/19 15:00:49 | 000,188,928 | ---- | C] () -- C:\WINDOWS\System32\h5icon32.dll
[2010/11/19 15:00:49 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\h5menu32.dll
[2010/11/19 15:00:49 | 000,095,744 | ---- | C] () -- C:\WINDOWS\System32\h5rtf32.dll
[2010/11/19 15:00:49 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\h5tool32.dll
[2010/11/19 14:46:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI
[2010/11/19 13:23:12 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2010/11/19 13:23:12 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2010/11/19 13:23:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2010/11/19 13:23:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2010/11/19 13:23:12 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2010/11/19 13:23:12 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2010/03/11 05:55:09 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010/03/10 09:48:08 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2010/03/09 13:56:11 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2010/03/09 13:56:07 | 000,441,692 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/09 13:56:07 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2010/03/09 13:56:07 | 000,071,462 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/09 13:56:07 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2010/03/09 13:56:05 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2010/03/09 13:56:04 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2010/03/09 13:56:02 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2010/03/09 13:55:56 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2010/03/09 13:55:56 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2010/03/09 13:55:43 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2010/03/09 13:55:36 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2010/03/09 09:07:32 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\aicext.dll
[2010/03/09 08:47:24 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/03/09 08:36:00 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2010/03/09 08:08:53 | 000,195,392 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/03/09 06:02:22 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/03/09 06:01:38 | 000,164,320 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/09 05:09:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/03/09 05:06:02 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/17 09:08:56 | 000,197,408 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2008/04/17 09:08:44 | 000,193,312 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2007/04/17 01:33:15 | 000,701,840 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2007/04/17 01:33:15 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll
[2007/02/06 15:20:00 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007/02/06 14:55:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
< End of report >
Attached Files
Edited by jaswantpurba, 06 March 2011 - 12:27 PM.