Hi Eddie
I had almost given up on my request for help... thanks for getting back to me.
First the status of PC... it's still the same more or less. One improvement though is that I have upgraded my son's account to Admin status and am able to work through that. But the original admin account where all my documents and settings were stored is still inaccessible.
I am pasting the various logs as you asked.
Thanks again for your help.
OTL logfile created on: 20-Aug-11 7:00:33 AM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\AKSHA\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy
1.87 Gb Total Physical Memory | 0.75 Gb Available Physical Memory | 40.31% Memory free
3.75 Gb Paging File | 2.47 Gb Available in Paging File | 65.88% Paging File free
Paging file location(s): g:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 20.68 Gb Free Space | 42.36% Space Free | Partition Type: NTFS
Drive D: | 43.95 Gb Total Space | 34.22 Gb Free Space | 77.87% Space Free | Partition Type: NTFS
Drive E: | 43.95 Gb Total Space | 42.11 Gb Free Space | 95.81% Space Free | Partition Type: NTFS
Drive F: | 96.15 Gb Total Space | 28.47 Gb Free Space | 29.61% Space Free | Partition Type: NTFS
Drive G: | 78.34 Gb Total Space | 75.99 Gb Free Space | 97.01% Space Free | Partition Type: NTFS
Drive H: | 70.71 Gb Total Space | 39.07 Gb Free Space | 55.25% Space Free | Partition Type: NTFS
Drive I: | 4.35 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: ARVIND | User Name: AKSHAT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011-08-17 19:41:11 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-08-10 07:13:14 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\AKSHA\Desktop\OTL.exe
PRC - [2011-08-04 19:53:29 | 000,177,784 | ---- | M] (Solid Documents, LLC) -- C:\Windows\Installer\MSI4583.tmp
PRC - [2011-08-03 01:00:18 | 000,602,112 | ---- | M] (Bitsum Technologies) -- C:\Program Files\Process Lasso\ProcessLasso.exe
PRC - [2011-08-03 00:59:31 | 000,327,168 | ---- | M] (Bitsum Technologies) -- C:\Program Files\Process Lasso\ProcessGovernor.exe
PRC - [2011-07-06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011-05-28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011-05-16 15:28:24 | 000,321,288 | ---- | M] (SXR Software) -- C:\Program Files\SXR Software\StatWin\ExecStat.exe
PRC - [2011-04-18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011-04-18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011-04-14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011-03-28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011-03-16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011-02-25 11:00:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011-02-10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011-02-08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010-11-20 17:47:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-09-16 14:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010-04-30 20:17:00 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2009-12-12 04:22:52 | 001,078,632 | ---- | M] (Blue Coat Systems, Inc.) -- C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
PRC - [2009-07-14 06:44:24 | 001,401,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
PRC - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
========== Modules (SafeList) ==========
MOD - [2011-08-10 07:13:14 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\AKSHA\Desktop\OTL.exe
MOD - [2010-11-20 17:25:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011-08-04 19:53:29 | 000,177,784 | ---- | M] (Solid Documents, LLC) [Auto | Running] -- C:\Windows\Installer\MSI4583.tmp -- (SCPDFReadSpool)
SRV - [2011-07-24 13:32:26 | 000,339,336 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\tuEagles\EglSrv.exe -- (tuEaglesService)
SRV - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011-06-21 19:58:36 | 008,155,648 | ---- | M] () [Disabled | Stopped] -- H:\Program Files\MySql\MySQL Server 5.5\bin\mysqld.exe -- (MySQL)
SRV - [2011-05-28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011-05-16 15:28:24 | 000,321,288 | ---- | M] (SXR Software) [Auto | Running] -- C:\Program Files\SXR Software\StatWin\ExecStat.exe -- (SW Administration Service)
SRV - [2011-04-24 22:39:44 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011-04-18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-03-30 22:27:40 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010-09-16 14:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010-06-25 22:37:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010-04-30 20:17:00 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2009-12-12 04:22:52 | 001,078,632 | ---- | M] (Blue Coat Systems, Inc.) [Auto | Running] -- C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe -- (bckwfs)
SRV - [2009-07-14 06:46:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 06:46:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 06:45:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
========== Driver Services (SafeList) ==========
DRV - [2011-07-24 13:32:28 | 000,066,952 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\tuEagles\egldrv.sys -- (egldrv)
DRV - [2011-07-06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011-07-06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011-04-14 21:28:30 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011-04-05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-03-16 18:59:38 | 000,032,672 | ---- | M] (IObit Information Technology) [File_System | Auto | Running] -- C:\Program Files\IObit\Protected Folder\pffilter.sys -- (PfFilter)
DRV - [2011-03-16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-03-01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-02-22 08:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011-02-10 07:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-02-10 07:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-01-19 17:47:12 | 000,022,504 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011-01-07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010-11-20 18:00:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 18:00:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 18:00:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 15:54:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 15:51:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 15:29:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 14:44:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 14:44:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-08-25 14:45:28 | 000,395,464 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\System32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2010-08-25 14:45:28 | 000,056,208 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hotcore3.sys -- (hotcore3)
DRV - [2010-08-25 14:45:28 | 000,037,080 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\UimBus.sys -- (UimBus)
DRV - [2010-07-15 08:44:20 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2010-07-15 08:44:20 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2010-06-25 22:37:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2010-06-23 10:24:56 | 000,023,040 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010-01-11 14:30:32 | 000,164,992 | ---- | M] (Etron) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ETdrv.sys -- (usbet)
DRV - [2009-12-12 04:22:52 | 000,074,088 | ---- | M] (Blue Coat Systems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\bckd.sys -- (bckd)
DRV - [2009-10-26 16:54:24 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009-07-14 05:15:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2008-09-26 12:30:54 | 000,651,264 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2008-07-22 07:42:58 | 000,051,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008-06-03 06:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007-04-24 11:33:46 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125mgmt.sys -- (s125mgmt) Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM)
DRV - [2007-04-24 11:33:46 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125obex.sys -- (s125obex)
DRV - [2007-04-24 11:33:44 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125mdm.sys -- (s125mdm)
DRV - [2007-04-24 11:33:42 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125mdfl.sys -- (s125mdfl)
DRV - [2007-04-24 11:33:34 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125bus.sys -- (s125bus) Sony Ericsson Device 125 driver (WDM)
DRV - [2005-02-28 09:49:24 | 000,034,064 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Invoker.sys -- (Invoker)
DRV - [2005-02-28 09:49:24 | 000,033,148 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlexBios.sys -- (FlexBios)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.yahoo.com/?fr=fp-spt_gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://in.yahoo.com/?fr=fp-spt_gen
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1482587846-388736396-4178039007-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://in.msn.com/?rd=1
IE - HKU\S-1-5-21-1482587846-388736396-4178039007-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-1482587846-388736396-4178039007-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 AB 6F 4A 58 57 CC 01 [binary data]
IE - HKU\S-1-5-21-1482587846-388736396-4178039007-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.co.in/"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.1970.7372\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011-08-09 15:40:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-08-17 19:41:11 | 000,000,000 | ---D | M]
[2011-07-17 17:16:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AKSHA\AppData\Roaming\mozilla\Extensions
[2011-08-15 14:44:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AKSHA\AppData\Roaming\mozilla\Firefox\Profiles\khe0qax7.default\extensions
[2011-07-02 08:05:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-05-01 17:19:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011-07-02 08:05:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\AKSHA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KHE0QAX7.DEFAULT\EXTENSIONS\{454867E3-7F62-BD5D-A26D-5D98E7E50FEC}.XPI
[2011-08-17 19:41:11 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010-01-01 13:30:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
O1 HOSTS File: ([2011-08-15 10:19:13 | 000,436,434 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 15019 more lines...
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ES] C:\Program Files\SXR Software\StatWin\ExecStat.exe (SXR Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-1482587846-388736396-4178039007-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1482587846-388736396-4178039007-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1482587846-388736396-4178039007-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.4.22.0.cab (Reg Error: Value error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E5ABEB00-B357-4884-9949-77B2C71A7EE3} http://www.intel.com...did/BoardID.cab (BoardCtl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {A5BE62CA-DE0F-4764-A0CB-4044816DB174} - C:\Program Files\tuEagles\EagleObj.dll ()
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-11 03:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011-08-19 15:16:09 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebCracker 3.0
[2011-08-17 20:06:07 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\Desktop\NDA PAPERS
[2011-08-17 19:20:43 | 000,000,000 | ---D | C] -- C:\HYDRA
[2011-08-17 18:15:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cygwin
[2011-08-17 17:59:49 | 000,000,000 | ---D | C] -- C:\cygwin
[2011-08-16 21:21:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2011-08-16 21:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2011-08-16 21:20:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
[2011-08-16 21:20:49 | 000,000,000 | ---D | C] -- C:\Program Files\Cain
[2011-08-15 15:48:56 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brutus AET 2
[2011-08-15 15:48:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brutus AET 2
[2011-08-14 18:25:07 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\.m2
[2011-08-14 09:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2011-08-14 09:06:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJ Java Decompiler v.3.11.11.95
[2011-08-14 09:06:02 | 000,000,000 | ---D | C] -- C:\Program Files\decomp
[2011-08-13 20:05:40 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\AppData\Roaming\skypePM
[2011-08-13 20:04:54 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\AppData\Roaming\Skype
[2011-08-12 21:14:34 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\AppData\Roaming\PandoraRecovery
[2011-08-12 21:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pandora Recovery
[2011-08-12 21:07:16 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
[2011-08-12 20:22:08 | 000,000,000 | ---D | C] -- C:\ProgramData\restore
[2011-08-12 20:20:11 | 000,000,000 | ---D | C] -- C:\ProgramData\arcverify
[2011-08-12 20:11:55 | 000,000,000 | ---D | C] -- C:\ProgramData\frestore
[2011-08-12 18:07:49 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\AppData\Roaming\R-TT
[2011-08-12 18:06:33 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\R-Undelete
[2011-08-12 18:06:33 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\Documents\R-TT
[2011-08-12 18:06:30 | 000,000,000 | ---D | C] -- C:\Program Files\R-Undelete
[2011-08-12 17:16:00 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\AppData\Local\MindGems
[2011-08-12 17:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Size
[2011-08-12 17:15:59 | 000,000,000 | ---D | C] -- C:\Program Files\Folder Size
[2011-08-12 16:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Defrag
[2011-08-12 16:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Puran Defrag
[2011-08-11 17:52:05 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\AppData\Local\Microsoft Games
[2011-08-11 16:30:40 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011-08-11 16:30:38 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011-08-11 16:30:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011-08-11 16:30:37 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011-08-11 16:30:37 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011-08-11 16:30:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011-08-11 16:23:28 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanUp!
[2011-08-11 16:23:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanUp!
[2011-08-11 16:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\CleanUp!
[2011-08-11 16:16:50 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011-08-11 16:16:49 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011-08-11 16:15:35 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011-08-11 16:15:35 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011-08-11 16:15:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011-08-11 16:15:34 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011-08-11 16:15:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011-08-11 16:15:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011-08-11 16:15:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011-08-11 16:15:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011-08-11 16:15:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011-08-11 16:15:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011-08-11 16:15:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011-08-11 16:15:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011-08-11 16:15:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011-08-11 16:15:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011-08-11 16:15:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011-08-11 16:15:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011-08-11 16:15:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011-08-11 16:15:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011-08-11 16:15:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011-08-11 16:15:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011-08-11 16:15:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011-08-11 16:15:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011-08-11 16:15:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011-08-11 16:15:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011-08-11 16:15:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011-08-11 16:15:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011-08-11 16:15:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011-08-11 16:15:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011-08-11 16:15:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011-08-11 16:15:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011-08-11 16:15:22 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2011-08-11 16:15:22 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2011-08-11 16:15:22 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2011-08-11 16:15:21 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2011-08-11 16:15:21 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2011-08-10 18:38:54 | 000,000,000 | -HSD | C] -- C:\Users\AKSHA\Desktop\%APPDATA%
[2011-08-10 17:31:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\%LocalAppData%
[2011-08-10 07:13:07 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\AKSHA\Desktop\OTL.exe
[2011-08-09 18:24:53 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\AppData\Roaming\Malwarebytes
[2011-08-06 09:37:06 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\AppData\Local\Yahoo
[2011-08-06 09:37:05 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\AppData\Roaming\Yahoo!
[2011-08-04 19:53:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidDocuments
[2011-08-04 19:53:05 | 000,000,000 | ---D | C] -- C:\ProgramData\SolidDocuments
[2011-08-03 20:07:22 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011-08-03 19:43:06 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\Desktop\Akshat
[2011-08-01 21:13:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber
[2011-08-01 21:13:46 | 000,000,000 | ---D | C] -- C:\Program Files\Audiograbber
[2011-07-27 22:48:25 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\AppData\Roaming\MySQL
[2011-07-27 22:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
[2011-07-27 22:28:12 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MySQL
[2011-07-27 15:24:02 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\Documents\NetBeansProjects
[2011-07-27 15:16:25 | 000,000,000 | ---D | C] -- C:\Users\AKSHA\.netbeans
[2011-07-24 14:12:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Coat K9 Web Protection
[2011-07-24 14:12:04 | 000,000,000 | ---D | C] -- C:\Program Files\Blue Coat K9 Web Protection
[2011-07-24 13:32:26 | 000,000,000 | RHSD | C] -- C:\Program Files\tuEagles
[2011-07-24 12:03:16 | 000,352,256 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ijl15.dll
[2011-07-24 12:03:16 | 000,209,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TABCTL32.OCX
[2011-07-24 12:03:16 | 000,102,400 | ---- | C] (Info-ZIP) -- C:\Windows\System32\unzip3252.dll
[2011-07-24 12:03:16 | 000,089,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB5DB.DLL
[2011-07-24 12:03:11 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
[2011-07-24 12:03:11 | 000,140,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMDLG32.OCX
[2011-07-24 12:03:11 | 000,081,920 | ---- | C] (Marco Bellinaso) -- C:\Windows\System32\MBMouse.ocx
[2011-07-24 12:03:11 | 000,000,000 | ---D | C] -- C:\Program Files\Hyperdyne Software
========== Files - Modified Within 30 Days ==========
[2011-08-20 06:59:02 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-08-20 06:59:01 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-08-20 06:53:41 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011-08-20 06:51:42 | 000,000,433 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2011-08-20 06:49:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-08-20 06:49:42 | 1507,995,648 | -HS- | M] () -- C:\hiberfil.sys
[2011-08-19 18:37:14 | 000,012,304 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-08-19 18:37:14 | 000,012,304 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-08-19 17:34:48 | 128,778,320 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011-08-19 15:15:49 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011-08-19 15:15:49 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011-08-18 16:32:20 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011-08-18 15:06:57 | 000,921,654 | ---- | M] () -- C:\Windows\snapshot.bmp
[2011-08-17 18:15:51 | 000,000,598 | ---- | M] () -- C:\Users\Public\Desktop\Cygwin.lnk
[2011-08-15 17:14:21 | 000,002,473 | ---- | M] () -- C:\Users\AKSHA\Desktop\captcha.html
[2011-08-15 14:14:12 | 000,000,000 | ---- | M] () -- C:\Users\AKSHA\Desktop\index.php
[2011-08-15 14:11:05 | 000,001,213 | ---- | M] () -- C:\Users\AKSHA\Desktop\ppp.html
[2011-08-15 10:19:13 | 000,436,434 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011-08-15 08:45:01 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjw.avm
[2011-08-14 09:06:04 | 000,001,793 | ---- | M] () -- C:\Users\Public\Desktop\DJ Java Decompiler 3.11.lnk
[2011-08-13 20:05:54 | 000,065,736 | ---- | M] () -- C:\Users\AKSHA\Documents\Still0003.jpg
[2011-08-13 20:04:46 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011-08-12 21:14:29 | 000,001,006 | ---- | M] () -- C:\Users\Public\Desktop\Pandora Recovery.lnk
[2011-08-12 21:07:16 | 000,000,850 | ---- | M] () -- C:\Users\AKSHA\Desktop\PC Inspector File Recovery.lnk
[2011-08-12 18:07:15 | 000,001,029 | ---- | M] () -- C:\Users\AKSHA\Desktop\R-Undelete.lnk
[2011-08-12 17:16:00 | 000,001,000 | ---- | M] () -- C:\Users\AKSHA\Desktop\Folder Size.lnk
[2011-08-12 16:52:22 | 000,001,033 | ---- | M] () -- C:\Users\AKSHA\Desktop\Puran Defrag.lnk
[2011-08-11 16:57:39 | 000,000,017 | ---- | M] () -- C:\Users\AKSHA\AppData\Local\resmon.resmoncfg
[2011-08-11 16:33:42 | 000,353,374 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-08-11 16:33:42 | 000,055,498 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-08-11 16:02:21 | 000,000,632 | RHS- | M] () -- C:\Users\AKSHA\ntuser.pol
[2011-08-10 07:13:14 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\AKSHA\Desktop\OTL.exe
[2011-08-09 20:48:33 | 000,000,000 | ---- | M] () -- C:\Users\AKSHA\AppData\Local\{C583354B-7858-4DA7-A74E-03EFEF392EE1}
[2011-08-09 15:40:00 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011-08-05 17:47:33 | 000,166,556 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2011-08-04 19:53:29 | 000,002,685 | ---- | M] () -- C:\Users\Public\Desktop\Solid Converter PDF.lnk
[2011-08-03 21:37:25 | 000,410,680 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011-08-01 21:13:50 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Audiograbber.lnk
[2011-07-27 22:45:37 | 000,000,232 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2011-07-27 22:24:13 | 000,104,262 | ---- | M] () -- C:\Users\AKSHA\Desktop\NDA result.pdf
[2011-07-24 14:12:06 | 000,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Blue Coat K9 Web Protection Admin.lnk
[2011-07-24 14:09:59 | 000,436,154 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110815-101913.backup
[2011-07-24 14:08:42 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011-07-24 14:08:40 | 000,436,154 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110724-140959.backup
[2011-07-24 13:32:47 | 000,009,522 | ---- | M] () -- C:\Windows\Eleathe.bmp
[2011-07-24 13:23:13 | 000,000,830 | ---- | M] () -- C:\Users\Public\Desktop\Snitch.lnk
[2011-07-22 08:24:43 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011-07-22 08:17:24 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011-07-22 08:16:48 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011-07-22 08:15:41 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011-07-22 08:14:36 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011-07-22 08:13:07 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
========== Files Created - No Company Name ==========
[2011-08-19 15:15:49 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011-08-19 15:15:49 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011-08-17 18:15:51 | 000,000,598 | ---- | C] () -- C:\Users\Public\Desktop\Cygwin.lnk
[2011-08-15 17:13:12 | 000,002,473 | ---- | C] () -- C:\Users\AKSHA\Desktop\captcha.html
[2011-08-15 14:14:07 | 000,000,000 | ---- | C] () -- C:\Users\AKSHA\Desktop\index.php
[2011-08-15 14:10:05 | 000,001,213 | ---- | C] () -- C:\Users\AKSHA\Desktop\ppp.html
[2011-08-14 09:06:04 | 000,001,793 | ---- | C] () -- C:\Users\Public\Desktop\DJ Java Decompiler 3.11.lnk
[2011-08-13 20:05:54 | 000,065,736 | ---- | C] () -- C:\Users\AKSHA\Documents\Still0003.jpg
[2011-08-12 21:14:29 | 000,001,006 | ---- | C] () -- C:\Users\Public\Desktop\Pandora Recovery.lnk
[2011-08-12 21:07:16 | 000,000,850 | ---- | C] () -- C:\Users\AKSHA\Desktop\PC Inspector File Recovery.lnk
[2011-08-12 18:07:15 | 000,001,029 | ---- | C] () -- C:\Users\AKSHA\Desktop\R-Undelete.lnk
[2011-08-12 17:16:00 | 000,001,000 | ---- | C] () -- C:\Users\AKSHA\Desktop\Folder Size.lnk
[2011-08-12 16:52:22 | 000,001,033 | ---- | C] () -- C:\Users\AKSHA\Desktop\Puran Defrag.lnk
[2011-08-11 16:57:39 | 000,000,017 | ---- | C] () -- C:\Users\AKSHA\AppData\Local\resmon.resmoncfg
[2011-08-09 20:48:33 | 000,000,000 | ---- | C] () -- C:\Users\AKSHA\AppData\Local\{C583354B-7858-4DA7-A74E-03EFEF392EE1}
[2011-08-04 19:53:32 | 000,027,456 | ---- | C] () -- C:\Windows\System32\solidlocalmon.dll
[2011-08-04 19:53:32 | 000,018,752 | ---- | C] () -- C:\Windows\System32\solidlocalui.dll
[2011-08-04 19:53:29 | 000,002,685 | ---- | C] () -- C:\Users\Public\Desktop\Solid Converter PDF.lnk
[2011-08-01 21:13:50 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\Audiograbber.lnk
[2011-07-27 22:45:37 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011-07-27 22:24:13 | 000,104,262 | ---- | C] () -- C:\Users\AKSHA\Desktop\NDA result.pdf
[2011-07-24 14:12:06 | 000,002,028 | ---- | C] () -- C:\Users\Public\Desktop\Blue Coat K9 Web Protection Admin.lnk
[2011-07-24 14:08:42 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011-07-24 13:32:47 | 000,009,522 | ---- | C] () -- C:\Windows\Eleathe.bmp
[2011-07-24 12:03:16 | 000,667,648 | ---- | C] () -- C:\Windows\System32\FreeImage.dll
[2011-07-24 12:03:16 | 000,159,744 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011-07-24 12:03:16 | 000,040,448 | ---- | C] () -- C:\Windows\System32\UNACE.DLL
[2011-07-24 12:03:11 | 000,053,248 | ---- | C] () -- C:\Windows\System32\IMAGEPLUSCONTROL_II.OCX
[2011-07-24 12:03:11 | 000,000,842 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snitch.lnk
[2011-07-24 12:03:11 | 000,000,830 | ---- | C] () -- C:\Users\Public\Desktop\Snitch.lnk
[2011-07-19 11:57:03 | 000,000,000 | ---- | C] () -- C:\Users\AKSHA\AppData\Local\{39C1F240-1137-4B98-AFB5-AB96E71A565E}
[2011-07-12 19:03:13 | 000,000,000 | ---- | C] () -- C:\Users\AKSHA\AppData\Local\{61C1C535-F65F-4AA6-9F9E-EBB89CFF9C72}
[2011-06-16 10:36:48 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011-06-16 10:36:48 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011-06-04 18:59:33 | 000,073,728 | ---- | C] () -- C:\Windows\System32\ETCoInst.dll
[2011-03-06 11:38:20 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011-03-06 11:36:53 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011-02-03 07:25:01 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2011-02-03 07:25:00 | 002,336,384 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2011-02-03 07:24:59 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2011-02-03 07:24:59 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2011-02-03 07:24:59 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2011-01-29 13:42:21 | 000,015,312 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2011-01-02 18:49:28 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010-10-13 20:19:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-06-25 22:33:12 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009-08-03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009-08-03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009-07-14 10:27:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 10:03:53 | 000,410,680 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009-07-14 07:35:48 | 000,353,374 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009-07-14 07:35:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009-07-14 07:35:48 | 000,055,498 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009-07-14 07:35:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009-07-14 07:35:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009-07-14 07:34:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009-07-14 05:25:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 05:21:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009-07-14 05:12:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009-06-11 02:56:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008-06-03 03:35:18 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008-06-03 03:02:02 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008-04-28 21:09:10 | 000,172,033 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008-03-06 00:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2004-01-03 07:16:47 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
========== Alternate Data Streams ==========
@Alternate Data Stream - 169 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:63238B95
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:F7F48F12
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:7631EA83
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
OTL EXTRAS
OTL Extras logfile created on: 20-Aug-11 7:00:33 AM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\AKSHA\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy
1.87 Gb Total Physical Memory | 0.75 Gb Available Physical Memory | 40.31% Memory free
3.75 Gb Paging File | 2.47 Gb Available in Paging File | 65.88% Paging File free
Paging file location(s): g:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 20.68 Gb Free Space | 42.36% Space Free | Partition Type: NTFS
Drive D: | 43.95 Gb Total Space | 34.22 Gb Free Space | 77.87% Space Free | Partition Type: NTFS
Drive E: | 43.95 Gb Total Space | 42.11 Gb Free Space | 95.81% Space Free | Partition Type: NTFS
Drive F: | 96.15 Gb Total Space | 28.47 Gb Free Space | 29.61% Space Free | Partition Type: NTFS
Drive G: | 78.34 Gb Total Space | 75.99 Gb Free Space | 97.01% Space Free | Partition Type: NTFS
Drive H: | 70.71 Gb Total Space | 39.07 Gb Free Space | 55.25% Space Free | Partition Type: NTFS
Drive I: | 4.35 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: ARVIND | User Name: AKSHAT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{090C73E1-BB48-403D-9DFF-A60FD71FF73A}" = MySQL Connector J
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20EAC554-95F9-4926-8D9A-C4FF3EC44C72}" = AVG 2011
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{25BEC3AB-5CD4-481D-9143-215C1BBB189E}" = Sony Ericsson PC Suite
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java 6 Update 26
"{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1" = Inpaint 3.0
"{2DFA85ED-588F-4CE3-A175-29E52C3804A8}}_is1" = Folder Size 1.9.5.0
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{32A3A4F4-B792-11D6-A78A-00B0D0160250}" = Java SE Development Kit 6 Update 25
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{46552BC3-52B6-404c-9B42-CE536AB719FD}_is1" = Ashampoo Home Designer1.0.0
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EE9A620-46A0-4BCF-82AC-950D2BBED982}" = Belkin Wireless USB Adapter Setup
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{55B1E4FA-F2E0-45DF-9B36-0B30A7949984}" = NWZ-S540 WALKMAN Guide
"{5645FB61-898F-4F59-AF80-52FEF3D63A64}" = HTC Sync
"{56BFAA6E-2BCC-4AED-9233-84731E66B205}" = Solid Converter PDF
"{58C526E3-2BAE-4933-86D0-938F547756D7}_is1" = Visual Search Pony version 7.52
"{5D64323C-288C-4BC4-9D07-D1E9B176D119}" = MySQL Server 5.5
"{5FD88490-011C-4DF1-B886-F298D955171B}" = MySQL Connector Net 6.3.7
"{66F9302D-E145-4375-8C84-54DA2339C483}" = MySQL Connector C 6.0.2
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{695B13B2-7919-4EC5-8601-092F0D2DE069}" = AVG 2011
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6F206B58-E2F7-4A70-ACAC-8E0ABFBC62F6}" = MySQL Connector/ODBC 5.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83BEEC5D-A5C0-4CF0-B398-63CEFA6A6EF5}" = iBall Super-View C8.0 Webcam
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF09748-FCC1-48AB-9A81-21D76903F5C9}" = MySQL Server 5.5
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91D2C605-AD2B-44C8-A0A1-9B116B3C91CB}" = AVG 2011
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C268B5E1-A5DA-11DF-A289-005056C00008}" = Paragon Backup & Recovery™ 2010 Free Advanced
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C59C4A56-8560-4E3B-AA5D-BDCED4F110E7}" = MySQL Documents
"{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}" = Sony Ericsson Drivers
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CF3BB92C-1E4D-4CDF-BB97-9786C16649FF}" = Snitch
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{DF6320E3-B716-4FAB-99CD-18AB6A2C3970}" = DJ Java Decompiler v.3.11.11.95
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3ABB4CC-1DC5-4430-BC49-D86AB708A9B8}" = MySQL Workbench 5.2 CE
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED10D0D6-4E12-4EAF-828F-4CB82C05E626}" = MySQL Installer
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F53503A3-41B3-4327-A5C0-B058AB72B90D}" = MySQL Examples and Samples 5.5
"{FD753E57-1F44-41E6-B962-E01D76676206}" = MySQL Connector C++ 1.1.0
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"AllMyNotes Organizer" = AllMyNotes Organizer
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"Ashampoo Internet Accelerator 2_is1" = Ashampoo Internet Accelerator 2
"Ashampoo Snap 3_is1" = Ashampoo Snap 3.50
"Audiograbber" = Audiograbber 1.83 SE
"AVG" = AVG 2011
"Blue Coat K9 Web Protection" = Blue Coat® K9 Web Protection 4.0.296
"Brutus AET 2" = Brutus AET 2
"CCleaner" = CCleaner
"CleanUp!" = CleanUp!
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.57
"DiskAnalyzer Pro_is1" = DiskAnalyzer Pro 3.4
"EASEUS Partition Master Professional Edition_is1" = EASEUS Partition Master 7.0.1 Professional
"Extension Changer" = Extension Changer
"FormatFactory" = FormatFactory 2.60
"Free Window Registry Repair" = Free Window Registry Repair
"Garena" = Garena 2010
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"GRT Data Recovery_is1" = GRT Data Recovery 2.6
"GRT Recover My File_is1" = GRT Recover My File 2.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MiniTool Power Data Recovery_is1" = MiniTool Power Data Recovery
"Mobile Media Converter_is1" = MIKSOFT Mobile Media Converter
"Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US)
"MPE" = MyPhoneExplorer
"nbi-nb-base-7.0.0.0.0" = NetBeans IDE 7.0
"PandoraRecovery" = PandoraRecovery (Remove Only)
"Picasa 3" = Picasa 3
"ProcessLasso" = Process Lasso
"PROPLUS" = Microsoft Office Professional Plus 2007
"Protected Folder_is1" = Protected Folder
"Puran Defrag Free Edition_is1" = Puran Defrag Free Edition 7.3
"Recuva" = Recuva
"R-Undelete 4.1NSIS" = R-Undelete 4.1
"SMRecorder" = SMRecorder 1.2.0
"SoftOrbits Flash Drive Recovery_is1" = SoftOrbits Flash Drive Recovery 1.3
"StatWin Professional_is1" = StatWin
"Time Stopper3.12" = Time Stopper
"Unlocker" = Unlocker 1.9.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.3
"Web Page Maker_is1" = Web Page Maker V3.21
"WebCracker 4.0" = WebCracker 4.0
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR archiver
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"YouTubeGet_is1" = YouTubeGet 5.9.1
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 04-Apr-11 3:57:20 AM | Computer Name = ARVIND | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files\EASEUS\easeus
partition master 7.0.1 professional edition\bin\x64\WinChkdsk.exe".Error in manifest
or policy file "c:\program files\EASEUS\easeus partition master 7.0.1 professional
edition\bin\x64\Microsoft.VC80.CRT.MANIFEST" on line 11. Component identity found
in manifest does not match the identity of the component requested. Reference is
Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Definition
is Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Please
use sxstrace.exe for detailed diagnosis.
Error - 04-Apr-11 3:58:55 AM | Computer Name = ARVIND | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files\spybot
- search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language"
in element "assemblyIdentity" is invalid.
Error - 04-Apr-11 8:18:48 AM | Computer Name = ARVIND | Source = VSS | ID = 8194
Description =
Error - 05-Apr-11 2:58:48 AM | Computer Name = ARVIND | Source = SideBySide | ID = 16842761
Description = Activation context generation failed for "C:\Users\Arunima\AppData\Roaming\Google.com\Google
Bar\adxloader.dll.Manifest".Error in manifest or policy file "C:\Users\Arunima\AppData\Roaming\Google.com\Google
Bar\adxloader.dll.Manifest" on line 2. The manifest file root element must be assembly.
Error - 05-Apr-11 2:59:49 AM | Computer Name = ARVIND | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files\EASEUS\easeus
partition master 7.0.1 professional edition\bin\x64\WinChkdsk.exe".Error in manifest
or policy file "c:\program files\EASEUS\easeus partition master 7.0.1 professional
edition\bin\x64\Microsoft.VC80.CRT.MANIFEST" on line 11. Component identity found
in manifest does not match the identity of the component requested. Reference is
Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Definition
is Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Please
use sxstrace.exe for detailed diagnosis.
Error - 05-Apr-11 3:00:43 AM | Computer Name = ARVIND | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files\spybot
- search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language"
in element "assemblyIdentity" is invalid.
Error - 06-Apr-11 8:17:10 AM | Computer Name = ARVIND | Source = VSS | ID = 8194
Description =
Error - 06-Apr-11 11:30:31 AM | Computer Name = ARVIND | Source = SideBySide | ID = 16842761
Description = Activation context generation failed for "C:\Users\Arunima\AppData\Roaming\Google.com\Google
Bar\adxloader.dll.Manifest".Error in manifest or policy file "C:\Users\Arunima\AppData\Roaming\Google.com\Google
Bar\adxloader.dll.Manifest" on line 2. The manifest file root element must be assembly.
Error - 06-Apr-11 11:31:43 AM | Computer Name = ARVIND | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files\EASEUS\easeus
partition master 7.0.1 professional edition\bin\x64\WinChkdsk.exe".Error in manifest
or policy file "c:\program files\EASEUS\easeus partition master 7.0.1 professional
edition\bin\x64\Microsoft.VC80.CRT.MANIFEST" on line 11. Component identity found
in manifest does not match the identity of the component requested. Reference is
Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Definition
is Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Please
use sxstrace.exe for detailed diagnosis.
Error - 06-Apr-11 11:32:42 AM | Computer Name = ARVIND | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files\spybot
- search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language"
in element "assemblyIdentity" is invalid.
[ Media Center Events ]
Error - 30-Oct-10 7:01:45 AM | Computer Name = ARVIND | Source = MCUpdate | ID = 0
Description = 4:31:44 PM - Error connecting to the internet. 4:31:44 PM - Unable
to contact server..
Error - 30-Oct-10 7:01:57 AM | Computer Name = ARVIND | Source = MCUpdate | ID = 0
Description = 4:31:50 PM - Error connecting to the internet. 4:31:50 PM - Unable
to contact server..
Error - 07-Nov-10 11:36:24 PM | Computer Name = ARVIND | Source = MCUpdate | ID = 0
Description = 9:06:23 AM - Error connecting to the internet. 9:06:23 AM - Unable
to contact server..
Error - 19-Nov-10 9:19:58 PM | Computer Name = ARVIND | Source = MCUpdate | ID = 0
Description = 6:49:58 AM - Error connecting to the internet. 6:49:58 AM - Unable
to contact server..
Error - 19-Nov-10 10:42:38 PM | Computer Name = ARVIND | Source = MCUpdate | ID = 0
Description = 8:12:37 AM - Error connecting to the internet. 8:12:37 AM - Unable
to contact server..
Error - 13-Dec-10 9:30:40 PM | Computer Name = ARVIND | Source = MCUpdate | ID = 0
Description = 7:00:39 AM - Error connecting to the internet. 7:00:40 AM - Unable
to contact server..
Error - 26-Dec-10 3:47:16 AM | Computer Name = ARVIND | Source = MCUpdate | ID = 0
Description = 1:17:16 PM - Error connecting to the internet. 1:17:16 PM - Unable
to contact server..
Error - 01-Jan-11 2:59:35 AM | Computer Name = ARVIND | Source = MCUpdate | ID = 0
Description = 12:29:32 PM - Error connecting to the internet. 12:29:34 PM - Unable
to contact server..
Error - 12-Jan-11 9:17:00 PM | Computer Name = ARVIND | Source = MCUpdate | ID = 0
Description = 6:47:00 AM - Error connecting to the internet. 6:47:00 AM - Unable
to contact server..
Error - 18-Jan-11 9:24:21 PM | Computer Name = ARVIND | Source = MCUpdate | ID = 0
Description = 6:54:20 AM - Error connecting to the internet. 6:54:20 AM - Unable
to contact server..
[ ODiag Events ]
Error - 27-Apr-11 8:58:26 PM | Computer Name = ARVIND | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 3fft. Error code: N/A
Error - 27-Apr-11 8:59:50 PM | Computer Name = ARVIND | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 3fft. Error code: N/A
Error - 27-Apr-11 9:07:10 PM | Computer Name = ARVIND | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 3fft. Error code: N/A
Error - 27-Apr-11 9:07:14 PM | Computer Name = ARVIND | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 3fft. Error code: N/A
[ OSession Events ]
Error - 13-Apr-11 11:58:17 PM | Computer Name = ARVIND | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 935
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 19-Aug-11 4:51:21 AM | Computer Name = ARVIND | Source = Service Control Manager | ID = 7001
Description = The Windows Image Acquisition (WIA) service depends on the Shell Hardware
Detection service which failed to start because of the following error: %%1058
Error - 19-Aug-11 4:52:09 AM | Computer Name = ARVIND | Source = Service Control Manager | ID = 7023
Description = The Superfetch service terminated with the following error: %%2
Error - 19-Aug-11 4:52:22 AM | Computer Name = ARVIND | Source = ipnathlp | ID = 34001
Description =
Error - 19-Aug-11 5:35:17 AM | Computer Name = ARVIND | Source = ipnathlp | ID = 30005
Description =
Error - 19-Aug-11 9:20:39 PM | Computer Name = ARVIND | Source = Service Control Manager | ID = 7001
Description = The Windows Image Acquisition (WIA) service depends on the Shell Hardware
Detection service which failed to start because of the following error: %%1058
Error - 19-Aug-11 9:21:27 PM | Computer Name = ARVIND | Source = Service Control Manager | ID = 7023
Description = The Superfetch service terminated with the following error: %%2
Error - 19-Aug-11 9:21:38 PM | Computer Name = ARVIND | Source = ipnathlp | ID = 34001
Description =
Error - 19-Aug-11 9:35:11 PM | Computer Name = ARVIND | Source = DCOM | ID = 10005
Description =
Error - 19-Aug-11 9:35:11 PM | Computer Name = ARVIND | Source = Service Control Manager | ID = 7001
Description = The Windows Image Acquisition (WIA) service depends on the Shell Hardware
Detection service which failed to start because of the following error: %%1058
Error - 19-Aug-11 9:35:12 PM | Computer Name = ARVIND | Source = Service Control Manager | ID = 7001
Description = The Windows Image Acquisition (WIA) service depends on the Shell Hardware
Detection service which failed to start because of the following error: %%1058
[ Windows PowerShell Events ]
Error - 10-Aug-11 8:01:15 AM | Computer Name = ARVIND | Source = PowerShell | ID = 103
Description =
Error - 10-Aug-11 8:03:39 AM | Computer Name = ARVIND | Source = PowerShell | ID = 103
Description =
< End of report >
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7513
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
20-Aug-11 4:57:43 PM
mbam-log-2011-08-20 (16-57-43).txt
Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|)
Objects scanned: 572273
Time elapsed: 5 hour(s), 8 minute(s), 30 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\HYDRA\hydra-5.4-win\pw-inspector.exe (PUP.PasswordTool.Hydra) -> Quarantined and deleted successfully.
h:\hack tools\bruteforcer\Client\BFC.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
h:\hack tools\BRUTUS\BrutusA2.exe (HackTool.Brutus) -> Quarantined and deleted successfully.
h:\hack tools\HYDRA\hydra-5.4-win\hydra.exe (PUP.PasswordTool.Hydra) -> Quarantined and deleted successfully.
h:\hack tools\HYDRA\hydra-5.4-win\pw-inspector.exe (PUP.PasswordTool.Hydra) -> Quarantined and deleted successfully.
h:\hack tools\new folder\brutus\NEW\nova pasta\BrutusA2.exe (HackTool.Brutus) -> Quarantined and deleted successfully.
SuperAntispyware
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 08/20/2011 at 06:28 PM
Application Version : 5.0.1118
Core Rules Database Version : 7585
Trace Rules Database Version: 5397
Scan type : Complete Scan
Total Scan Time : 05:38:56
Operating System Information
Windows 7 Ultimate 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 554
Memory threats detected : 0
Registry items scanned : 37775
Registry threats detected : 0
File items scanned : 219111
File threats detected : 5
Adware.Tracking Cookie
.doubleclick.net [ C:\USERS\AKSHA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\AKSHA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KHE0QAX7.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\AKSHA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KHE0QAX7.DEFAULT\COOKIES.SQLITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ARVIND$@2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ARVIND$@IN.GETCLICKY[1].TXT