Redirect Virus


  • This topic is locked

#1
Emoq XD

  • Member
  • 12 posts
I think I have gotten it since I got redirected to some random sites on Chrome, IE and Firefox. Can anyone help me? ^_^

#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, to help I will need information :)

Download aswMBR.exe (1.8mb) to your desktop.
Double click aswMBR.exe to run it. Click the "Scan" button to start the scan.

On completion of the scan, click "Save log", save it to your desktop and post it in your next reply.

THEN

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in:
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    C:\Windows\assembly\tmp\U\*.* /s
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

#3
Emoq XD

  • Topic Starter
  • Member
  • 12 posts
ASWMBR LOG FILE

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-10-31 00:27:45
-----------------------------
00:27:45.732 OS Version: Windows x64 6.1.7601 Service Pack 1
00:27:45.732 Number of processors: 4 586 0x2A07
00:27:45.732 ComputerName: EMOQ-HP UserName: Nikhil
00:27:52.050 Initialize success
00:27:57.829 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
00:27:57.829 Disk 0 Vendor: Hitachi_ JP4O Size: 953869MB BusType: 3
00:27:57.938 Disk 0 MBR read successfully
00:27:57.938 Disk 0 MBR scan
00:27:57.938 Disk 0 Windows 7 default MBR code
00:27:57.938 Service scanning
00:28:02.451 Modules scanning
00:28:02.453 Disk 0 trace - called modules:
00:28:02.472 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
00:28:02.474 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009d03060]
00:28:02.476 3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007806050]
00:28:02.478 Scan finished successfully
00:28:25.217 Disk 0 MBR has been saved successfully to "C:\Users\Nikhil\Desktop\MBR.dat"
00:28:25.217 The log file has been saved successfully to "C:\Users\Nikhil\Desktop\aswMBR.txt"

OTL LOG FILE



OTL logfile created on: 10/31/2011 12:29:50 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Nikhil\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy

7.98 Gb Total Physical Memory | 6.59 Gb Available Physical Memory | 82.49% Memory free
13.98 Gb Paging File | 12.49 Gb Available in Paging File | 89.32% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.50 Gb Total Space | 841.47 Gb Free Space | 91.51% Space Free | Partition Type: NTFS
Drive D: | 11.91 Gb Total Space | 1.46 Gb Free Space | 12.24% Space Free | Partition Type: NTFS

Computer Name: EMOQ-HP | User Name: Nikhil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/31 00:28:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Nikhil\Desktop\OTL.exe
PRC - [2011/09/19 18:31:10 | 002,221,200 | ---- | M] (Giraffic) -- C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
PRC - [2011/09/19 18:30:52 | 003,663,488 | ---- | M] (Giraffic) -- C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
PRC - [2011/07/29 07:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/06/09 20:37:18 | 000,264,008 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/06/09 20:37:00 | 000,653,128 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/06/09 20:36:34 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011/05/06 07:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011/03/30 15:41:10 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/02/24 15:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011/02/01 15:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 15:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/11/24 11:31:24 | 002,069,504 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
PRC - [2009/02/28 10:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
PRC - [2008/11/21 01:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008/01/23 01:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe


========== Modules (No Company Name) ==========

MOD - [2011/07/29 07:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 07:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/11/21 11:24:09 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL
MOD - [2009/02/28 10:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
MOD - [2009/02/20 08:22:50 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\WMINPUT.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/02/17 13:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2011/02/16 20:20:04 | 000,256,336 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV:64bit: - [2010/10/11 17:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/23 09:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 09:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/10/22 12:35:06 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/10/10 17:53:00 | 000,075,136 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWow64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/09/19 18:31:10 | 002,221,200 | ---- | M] (Giraffic) [Auto | Running] -- C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe -- (Giraffic)
SRV - [2011/08/04 04:39:00 | 004,141,560 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2011/06/21 15:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/06/09 20:37:18 | 000,264,008 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011/05/06 07:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011/03/30 15:41:10 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/03/02 12:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/26 01:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/24 15:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service) Intel®
SRV - [2011/02/01 15:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2011/02/01 15:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/10/13 01:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/06/02 06:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/19 05:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/01/23 01:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/10/27 15:44:54 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/08/13 14:00:36 | 000,031,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv)
DRV:64bit: - [2011/08/13 13:38:31 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/13 13:38:31 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/05/13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 03:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV:64bit: - [2011/05/13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011/05/13 03:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/05/13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011/04/27 03:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/22 18:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/22 08:46:54 | 001,360,960 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011/03/04 01:59:20 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/11/21 11:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 11:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 11:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 11:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/08/08 18:18:48 | 000,339,536 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmwfp.sys -- (tmwfp)
DRV:64bit: - [2010/08/08 18:18:48 | 000,194,640 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmlwf.sys -- (tmlwf)
DRV:64bit: - [2010/08/08 18:18:48 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2010/08/08 18:18:48 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010/08/08 18:18:48 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2010/08/08 18:18:48 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 08:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/11 04:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/12/31 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWow64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/139
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL/139
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/139
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL/139
IE - HKLM\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/139
IE - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3104086
IE - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\firefoxextension\ [2011/10/31 09:43:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/10/20 19:23:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/10 16:03:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/10/19 20:36:22 | 000,000,000 | ---D | M]

[2011/10/19 20:36:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nikhil\AppData\Roaming\Mozilla\Extensions
[2011/10/19 20:36:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/10/10 16:03:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/10/19 20:36:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/10/10 16:03:09 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2011/09/29 15:09:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/07/27 16:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
[2011/09/29 09:30:22 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/09/29 09:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/09/29 09:30:22 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/09/29 09:30:22 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/09/29 09:30:22 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Simple Pass 2011 (Enabled) = C:\Users\Nikhil\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe\1.0_0\npwebsitelogon.dll
CHR - plugin: ijji Auto Install Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: One Piece Theme = C:\Users\Nikhil\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkhkehkllpkocgnlbkmpkcicednmbfnp\2_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Nikhil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\

O1 HOSTS File: ([2009/06/11 05:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003\..\Toolbar\WebBrowser: (Veoh Web Player Toolbar) - {CD90BF73-20F6-44EF-993D-BB920303BD2E} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Left 4 Dead 2 Bootstrap Checker] "C:\Users\Nikhil\Downloads\Left 4 Dead 2 V2.0.2.7 Full-Rip {blaze69}\Left 4 Dead 2\Left 4 Dead 2\l4d2bootstrapper.exe" check File not found
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun File not found
O4 - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003..\Run: [PowerSuite] C:\Program Files (x86)\Uniblue\PowerSuite\launcher.exe (Uniblue Systems Limited)
O4 - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll File not found
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CB2CD06-6A9C-47CC-A397-92CBE683ACF4}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003 Winlogon: Shell - (C:\Users\Nikhil\AppData\Local\2be7aba1\X) -C:\Users\Nikhil\AppData\Local\2be7aba1\X ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Windows\SysNative\consrv.dll
[2011/10/31 00:28:41 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Nikhil\Desktop\OTL.exe
[2011/10/31 00:27:12 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Nikhil\Desktop\aswMBR.exe
[2011/10/30 19:53:58 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\QuickScan
[2011/10/30 18:51:28 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\HP
[2011/10/30 18:51:24 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\AuthenTec
[2011/10/30 16:58:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/10/30 15:12:37 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\ElevatedDiagnostics
[2011/10/30 14:26:54 | 000,339,536 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmwfp.sys
[2011/10/30 14:26:54 | 000,194,640 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmlwf.sys
[2011/10/29 22:27:40 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2011/10/29 19:17:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2011/10/29 19:09:11 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\PackageAware
[2011/10/29 19:00:37 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Uniblue
[2011/10/29 19:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2011/10/29 19:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2011/10/29 18:50:47 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\AppData\Local\2be7aba1
[2011/10/27 15:44:54 | 000,254,528 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011/10/27 15:11:32 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\DAEMON Tools Lite
[2011/10/27 15:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011/10/27 14:45:18 | 000,000,000 | ---D | C] -- C:\Downloads
[2011/10/27 14:28:13 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\WinRAR
[2011/10/24 09:17:19 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Hewlett-Packard
[2011/10/24 09:15:43 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\HP Support Assistant
[2011/10/24 09:15:36 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\HpUpdate
[2011/10/24 09:15:13 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Hewlett-Packard
[2011/10/23 22:58:32 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Chronicles of Albian
[2011/10/23 02:19:00 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\SFK_Team_Inc
[2011/10/22 21:51:57 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Omnifone_Ltd
[2011/10/22 21:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\MusicStation
[2011/10/22 21:49:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MusicStation
[2011/10/22 21:49:05 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Downloaded Installations
[2011/10/22 21:49:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011/10/22 21:48:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2011/10/22 13:16:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2011/10/22 13:16:38 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/10/22 13:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/10/22 13:16:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/10/22 12:33:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/10/22 12:33:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2011/10/22 12:33:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011/10/22 11:46:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2011/10/21 16:03:31 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\CrashDumps
[2011/10/20 19:43:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2011/10/20 19:42:31 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\uTorrent
[2011/10/20 19:42:31 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\uTorrent
[2011/10/20 19:23:59 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\DDMSettings
[2011/10/20 19:23:03 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\DivX
[2011/10/20 19:22:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/10/20 19:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011/10/20 19:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011/10/20 19:22:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011/10/20 19:22:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/10/20 19:21:59 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Google
[2011/10/20 19:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2011/10/20 19:21:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2011/10/20 19:21:25 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011/10/20 19:13:57 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\vlc
[2011/10/20 19:13:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/10/20 19:13:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011/10/20 19:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2011/10/20 19:04:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2011/10/19 21:12:49 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011/10/19 20:45:21 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\Documents\Heroes of Newerth (Garena)
[2011/10/19 20:44:02 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\riotsGamesLogs
[2011/10/19 20:43:58 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\LolClient
[2011/10/19 20:43:18 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\GarenaPlus
[2011/10/19 20:38:39 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Adobe
[2011/10/19 20:36:19 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Mozilla
[2011/10/19 20:36:19 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Mozilla
[2011/10/19 20:36:07 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Diagnostics
[2011/10/19 20:27:09 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
[2011/10/19 20:27:08 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\PDFC
[2011/10/19 20:26:57 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/10/19 20:26:57 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Searches
[2011/10/19 20:26:57 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/10/19 20:26:57 | 000,000,000 | -H-D | C] -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/10/19 20:26:52 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Symantec
[2011/10/19 20:26:50 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Identities
[2011/10/19 20:26:48 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Contacts
[2011/10/19 20:26:48 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\VirtualStore
[2011/10/19 20:26:32 | 000,000,000 | --SD | C] -- C:\Users\Nikhil\AppData\Roaming\Microsoft
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Videos
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Saved Games
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Pictures
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Music
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Links
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Favorites
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Downloads
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Documents
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Desktop
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\AppData\Local\Temporary Internet Files
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Templates
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Start Menu
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\SendTo
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Recent
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\PrintHood
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\NetHood
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Documents\My Videos
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Documents\My Pictures
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Documents\My Music
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\My Documents
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Local Settings
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\AppData\Local\History
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Cookies
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Application Data
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\AppData\Local\Application Data
[2011/10/19 20:26:32 | 000,000,000 | -H-D | C] -- C:\Users\Nikhil\AppData
[2011/10/19 20:26:32 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Temp
[2011/10/19 20:26:32 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Microsoft Help
[2011/10/19 20:26:32 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Microsoft
[2011/10/19 20:26:32 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Media Center Programs
[2011/10/19 20:26:32 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Macromedia
[2011/10/19 20:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warcraft III Reign of Chaos & The Frozen Throne
[2011/10/19 19:59:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garena Classic
[2011/10/18 17:49:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2011/10/18 17:49:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veoh_Web_Player
[2011/10/18 17:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Giraffic
[2011/10/18 17:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Giraffic
[2011/10/18 17:48:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veoh Networks
[2011/10/17 13:04:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2011/10/16 13:56:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoo Empire
[2011/10/16 13:56:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zoo Empire
[2011/10/16 13:51:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nocturnal - Boston Nightfall
[2011/10/16 13:51:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nocturnal - Boston Nightfall
[2011/10/16 13:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wheel of Fortune 2
[2011/10/16 13:48:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wheel of Fortune 2
[2011/10/16 13:39:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lost in Reefs
[2011/10/16 13:39:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lost in Reefs
[2011/10/16 13:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Profitville
[2011/10/16 13:39:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Profitville
[2011/10/16 13:38:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Zellians - Kingdom Builder
[2011/10/16 13:38:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Zellians - Kingdom Builder
[2011/10/16 13:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witch and the Warrior Strategy Guide
[2011/10/16 13:34:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Witch and the Warrior Strategy Guide
[2011/10/16 13:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystic Diary - Haunted Island
[2011/10/16 13:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mystic Diary - Haunted Island
[2011/10/16 12:57:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenu
[2011/10/16 12:56:52 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2011/10/16 12:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2011/10/16 12:54:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP620 series
[2011/10/16 12:53:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2011/10/16 12:53:39 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2011/10/16 12:52:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2011/10/16 12:52:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
[2011/10/16 12:51:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP620 series Manual
[2011/10/16 12:51:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2011/10/16 12:51:41 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2011/10/16 12:51:02 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2011/10/16 12:50:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2011/10/13 21:46:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Sandlot Games
[2011/10/12 16:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
[2011/10/12 16:01:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Heroes of Newerth
[2011/10/12 09:53:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\PlayfulAge
[2011/10/12 09:52:45 | 000,000,000 | ---D | C] -- C:\ProgramData\PlayfulAge
[2011/10/12 09:49:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Supermarket Management 2
[2011/10/12 09:49:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Supermarket Management 2
[2011/10/12 00:32:17 | 000,000,000 | ---D | C] -- C:\ProgramData\CropBusters
[2011/10/11 23:00:26 | 000,000,000 | ---D | C] -- C:\ProgramData\PlayFirst
[2011/10/11 22:10:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dark Parables - Curse of Briar Rose
[2011/10/11 22:10:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dark Parables - Curse of Briar Rose
[2011/10/11 22:09:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Escape From Paradise
[2011/10/11 22:09:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Escape From Paradise
[2011/10/11 22:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gemini Lost
[2011/10/11 22:09:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gemini Lost
[2011/10/11 22:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crop Busters
[2011/10/11 22:06:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Crop Busters
[2011/10/11 22:06:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aveyond - The Darkthrop Prophecy
[2011/10/11 22:06:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aveyond - The Darkthrop Prophecy
[2011/10/11 22:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witch and The Warrior
[2011/10/11 22:01:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Witch and The Warrior
[2011/10/11 21:53:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dark Parables - The Exiled Prince
[2011/10/11 21:53:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dark Parables - The Exiled Prince
[2011/10/11 16:50:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
[2011/10/11 16:50:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garena Plus
[2011/10/11 16:50:38 | 000,000,000 | ---D | C] -- C:\ProgramData\GarenaMessenger
[2011/10/11 15:38:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wizet
[2011/10/11 15:32:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011/10/11 15:32:17 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2011/10/10 21:53:31 | 000,000,000 | ---D | C] -- C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}
[2011/10/10 17:54:47 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011/10/10 17:53:28 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2011/10/10 17:26:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2011/10/10 17:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2011/10/10 17:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011/10/10 16:20:52 | 000,713,312 | ---- | C] (NHN USA) -- C:\Windows\SysWow64\ijjiSetup.exe
[2011/10/10 16:20:52 | 000,062,048 | ---- | C] (NHN USA Inc.) -- C:\Windows\SysWow64\ijjiProcessRestarter.exe
[2011/10/10 16:11:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011/10/10 16:03:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SymSilent
[2011/10/10 16:03:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Symantec
[2011/10/10 16:03:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011/10/10 16:03:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Complete
[2011/10/10 16:03:26 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Online Services
[2011/10/10 16:03:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/10/10 16:03:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NewspaperDirect
[2011/10/10 16:03:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Life Story - Adventures
[2011/10/10 16:03:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/10/10 16:03:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/10/10 16:03:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011/10/10 16:03:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/10/10 16:02:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/10/10 16:01:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011/10/10 16:01:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Mathematics
[2011/10/10 16:00:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2011/10/10 16:00:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MahjonggArtifacts2_at
[2011/10/10 16:00:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kobo
[2011/10/10 16:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/10/10 16:00:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011/10/10 15:57:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP Games
[2011/10/10 15:57:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hp
[2011/10/10 15:55:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2011/10/10 15:54:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FishdomH2O_at
[2011/10/10 15:54:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fingerprint Sensor
[2011/10/10 15:53:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink
[2011/10/10 15:53:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Buildalot4_at
[2011/10/10 15:53:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bfgclient
[2011/10/10 15:52:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Be Rich
[2011/10/10 15:52:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/10/10 15:52:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zinio Reader 4
[2011/10/10 15:52:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011/10/10 15:51:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildTangent Games
[2011/10/10 15:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualCity_at
[2011/10/10 15:46:49 | 000,000,000 | ---D | C] -- C:\Program Files\WinMerge
[2011/10/10 15:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\Games
[2011/10/10 14:50:02 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011/10/10 11:29:13 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia
[2011/10/10 11:00:15 | 004,141,560 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2011/10/10 10:59:54 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2011/10/10 10:59:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2011/10/10 10:49:14 | 000,000,000 | ---D | C] -- C:\Program Files\Asiasoft Online
[2011/10/10 09:12:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Flood Light Games
[2011/10/10 09:09:46 | 000,000,000 | ---D | C] -- C:\ProgramData\HipSoft
[2011/10/10 08:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mahjongg Artifacts 2
[2011/10/10 08:58:50 | 000,000,000 | ---D | C] -- C:\Program Files\MahjonggArtifacts2_at
[2011/10/10 08:58:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual City
[2011/10/10 08:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualCity_at
[2011/10/10 08:57:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fishdom H2O
[2011/10/10 08:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\FishdomH2O_at
[2011/10/10 08:57:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Build-a-lot 4
[2011/10/10 08:56:54 | 000,000,000 | ---D | C] -- C:\Program Files\Buildalot4_at
[2011/10/10 08:34:08 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
[2011/10/09 23:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/10/09 23:10:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/10/09 23:10:14 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/10/09 22:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/10/09 21:38:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Be Rich
[2011/10/09 21:38:55 | 000,000,000 | ---D | C] -- C:\Program Files\Be Rich
[2011/10/09 21:35:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Life Story - Adventures
[2011/10/09 21:35:23 | 000,000,000 | ---D | C] -- C:\Program Files\My Life Story - Adventures
[2011/10/09 21:34:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Big Fish Games
[2011/10/09 21:34:17 | 000,000,000 | ---D | C] -- C:\Program Files\bfgclient
[2011/10/09 21:33:00 | 000,000,000 | ---D | C] -- C:\BigFishGamesCache
[2011/10/09 21:07:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011/10/09 21:07:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011/10/09 20:29:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011/10/09 20:27:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/10/09 20:27:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/10/09 20:27:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011/10/09 20:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/10/09 20:23:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/10/09 20:22:49 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/10/09 20:08:36 | 000,000,000 | ---D | C] -- C:\temp
[2011/10/09 20:07:57 | 000,105,552 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmtdi.sys
[2011/10/09 20:07:55 | 000,144,464 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys
[2011/10/09 20:07:55 | 000,090,704 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmactmon.sys
[2011/10/09 20:07:55 | 000,067,664 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmevtmgr.sys
[2011/10/09 19:13:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2011/10/09 19:13:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/10/09 19:11:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/10/09 19:05:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
[2011/10/09 19:05:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
[2011/10/09 19:05:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP User Manuals
[2011/10/09 19:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics
[2011/10/09 19:04:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mathematics
[2011/10/09 19:04:12 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

========== Files - Modified Within 30 Days ==========

[2011/10/31 00:34:13 | 000,027,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/31 00:34:13 | 000,027,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/31 00:32:07 | 000,793,862 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/31 00:32:07 | 000,675,466 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/31 00:32:07 | 000,128,542 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/31 00:28:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Nikhil\Desktop\OTL.exe
[2011/10/31 00:28:25 | 000,000,512 | ---- | M] () -- C:\Users\Nikhil\Desktop\MBR.dat
[2011/10/31 00:27:13 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Nikhil\Desktop\aswMBR.exe
[2011/10/31 00:26:48 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/31 00:26:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/31 00:26:33 | 2133,745,663 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/30 23:46:38 | 000,000,512 | ---- | M] () -- C:\Users\Nikhil\Documents\MBR.dat
[2011/10/30 19:58:54 | 000,051,270 | ---- | M] () -- C:\Users\Nikhil\AppData\Roaming\room_v3.dat
[2011/10/30 18:20:03 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/29 19:25:05 | 000,001,089 | ---- | M] () -- C:\Users\Nikhil\Desktop\PowerSuite.lnk
[2011/10/28 07:05:57 | 000,305,120 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/27 15:44:54 | 000,254,528 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011/10/26 10:06:07 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForNikhil.job
[2011/10/23 01:10:39 | 000,001,699 | ---- | M] () -- C:\Users\Public\Desktop\SFK Server Launcher.lnk
[2011/10/23 01:10:39 | 000,001,527 | ---- | M] () -- C:\Users\Public\Desktop\left4dead2.lnk
[2011/10/23 01:10:38 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\SFK Avatar Installer.lnk
[2011/10/22 21:49:13 | 000,000,243 | ---- | M] () -- C:\ProgramData\MusicStation.xml
[2011/10/22 21:49:10 | 000,000,228 | ---- | M] () -- C:\Windows\SysWow64\MsiExec.config
[2011/10/22 21:49:07 | 000,000,937 | ---- | M] () -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\MusicStation.lnk
[2011/10/22 12:33:49 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/10/20 19:22:20 | 000,002,261 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/10/20 19:22:20 | 000,002,245 | ---- | M] () -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/10/19 21:21:25 | 000,001,485 | ---- | M] () -- C:\Users\Nikhil\Desktop\Frozen Throne.lnk
[2011/10/19 20:58:47 | 000,001,486 | ---- | M] () -- C:\Users\Nikhil\Desktop\Garena.lnk
[2011/10/19 20:36:20 | 000,001,443 | ---- | M] () -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/19 20:34:30 | 000,001,398 | ---- | M] () -- C:\Users\Nikhil\Desktop\League Of Legends.lnk
[2011/10/19 20:34:22 | 000,001,398 | ---- | M] () -- C:\Users\Nikhil\Desktop\Heroes Of Newerth.lnk
[2011/10/19 20:15:01 | 000,001,306 | ---- | M] () -- C:\Users\Nikhil\Desktop\Warcraft III.lnk
[2011/10/18 10:03:07 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFornyayapati.job
[2011/10/11 16:50:45 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Garena Plus.lnk
[2011/10/11 15:42:41 | 000,002,068 | ---- | M] () -- C:\Users\Nikhil\Desktop\MapleStory.lnk
[2011/10/10 17:58:33 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/10/10 17:58:33 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/10/10 17:53:09 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/10/10 17:53:00 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/10/10 10:03:18 | 000,041,450 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/10/10 10:03:18 | 000,041,450 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/10/10 10:01:07 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ssadadb_01005.Wdf
[2011/10/09 22:48:54 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/10/09 21:04:14 | 000,779,290 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/09 19:10:36 | 000,001,449 | ---- | M] () -- C:\Users\Nikhil\Desktop\Internet Explorer.lnk
[2011/10/09 19:05:09 | 000,000,000 | RHS- | M] () -- C:\Windows\SysWow64\drivers\103C_HP_cPC_s5-1150d_Y53316J_0U_Q4CE133_E11AP3MRW603_4A_I2AC2_SPEGATRON CORPORATION_V2.00_B7.13_T110722_W748-1_L409_M8175_J1000_7Intel_86A7_93.10_#110812_N10EC8168;18145392_Z_G10DE0DE5_Ohp DVD A DH16ABLH.MRK
[2011/10/09 19:05:09 | 000,000,000 | RHS- | M] () -- C:\Windows\SysNative\drivers\103C_HP_cPC_s5-1150d_Y53316J_0U_Q4CE133_E11AP3MRW603_4A_I2AC2_SPEGATRON CORPORATION_V2.00_B7.13_T110722_W748-1_L409_M8175_J1000_7Intel_86A7_93.10_#110812_N10EC8168;18145392_Z_G10DE0DE5_Ohp DVD A DH16ABLH.MRK

========== Files Created - No Company Name ==========

[2011/10/31 00:28:25 | 000,000,512 | ---- | C] () -- C:\Users\Nikhil\Desktop\MBR.dat
[2011/10/30 23:42:04 | 000,000,512 | ---- | C] () -- C:\Users\Nikhil\Documents\MBR.dat
[2011/10/29 19:25:05 | 000,001,089 | ---- | C] () -- C:\Users\Nikhil\Desktop\PowerSuite.lnk
[2011/10/24 09:17:26 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForNikhil.job
[2011/10/23 01:10:39 | 000,001,699 | ---- | C] () -- C:\Users\Public\Desktop\SFK Server Launcher.lnk
[2011/10/23 01:10:39 | 000,001,527 | ---- | C] () -- C:\Users\Public\Desktop\left4dead2.lnk
[2011/10/23 01:10:38 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\SFK Avatar Installer.lnk
[2011/10/22 21:49:13 | 000,000,243 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2011/10/22 21:49:10 | 000,000,228 | ---- | C] () -- C:\Windows\SysWow64\MsiExec.config
[2011/10/22 21:49:07 | 000,000,937 | ---- | C] () -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\MusicStation.lnk
[2011/10/22 18:23:30 | 000,051,270 | ---- | C] () -- C:\Users\Nikhil\AppData\Roaming\room_v3.dat
[2011/10/22 12:33:49 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/10/20 19:22:20 | 000,002,261 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/10/20 19:22:20 | 000,002,245 | ---- | C] () -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/10/20 19:22:04 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/20 19:22:04 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/20 19:04:52 | 000,696,832 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2011/10/20 19:04:52 | 000,255,488 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2011/10/20 19:04:52 | 000,173,568 | ---- | C] () -- C:\Windows\SysNative\xvid.ax
[2011/10/20 19:04:51 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/10/20 19:04:51 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/10/20 19:04:51 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2011/10/19 20:58:47 | 000,001,486 | ---- | C] () -- C:\Users\Nikhil\Desktop\Garena.lnk
[2011/10/19 20:36:20 | 000,001,443 | ---- | C] () -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/19 20:34:30 | 000,001,398 | ---- | C] () -- C:\Users\Nikhil\Desktop\League Of Legends.lnk
[2011/10/19 20:34:22 | 000,001,398 | ---- | C] () -- C:\Users\Nikhil\Desktop\Heroes Of Newerth.lnk
[2011/10/19 20:27:02 | 000,001,415 | ---- | C] () -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/10/19 20:26:58 | 000,001,449 | ---- | C] () -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/10/19 20:26:32 | 000,000,290 | ---- | C] () -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/10/19 20:26:32 | 000,000,272 | ---- | C] () -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/10/19 20:15:01 | 000,001,485 | ---- | C] () -- C:\Users\Nikhil\Desktop\Frozen Throne.lnk
[2011/10/19 20:15:01 | 000,001,306 | ---- | C] () -- C:\Users\Nikhil\Desktop\Warcraft III.lnk
[2011/10/16 12:50:56 | 000,117,850 | ---- | C] () -- C:\Windows\SysNative\Cnmnput.chm
[2011/10/11 16:50:45 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Garena Plus.lnk
[2011/10/11 15:42:41 | 000,002,068 | ---- | C] () -- C:\Users\Nikhil\Desktop\MapleStory.lnk
[2011/10/10 21:57:53 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleFornyayapati.job
[2011/10/10 17:58:33 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/10/10 17:53:01 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/10/10 17:53:01 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/10/10 17:53:00 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/10/10 10:59:54 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2011/10/10 10:01:07 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ssadadb_01005.Wdf
[2011/10/09 22:51:05 | 000,001,449 | ---- | C] () -- C:\Users\Nikhil\Desktop\Internet Explorer.lnk
[2011/10/09 22:48:54 | 000,001,156 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/10/09 22:48:54 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/10/09 21:34:21 | 000,001,248 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk
[2011/10/09 19:05:25 | 000,000,925 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicStation.lnk
[2011/10/09 19:05:12 | 000,001,787 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warranty.lnk
[2011/10/09 19:05:09 | 000,000,000 | RHS- | C] () -- C:\Windows\SysWow64\drivers\103C_HP_cPC_s5-1150d_Y53316J_0U_Q4CE133_E11AP3MRW603_4A_I2AC2_SPEGATRON CORPORATION_V2.00_B7.13_T110722_W748-1_L409_M8175_J1000_7Intel_86A7_93.10_#110812_N10EC8168;18145392_Z_G10DE0DE5_Ohp DVD A DH16ABLH.MRK
[2011/10/09 19:05:09 | 000,000,000 | RHS- | C] () -- C:\Windows\SysNative\drivers\103C_HP_cPC_s5-1150d_Y53316J_0U_Q4CE133_E11AP3MRW603_4A_I2AC2_SPEGATRON CORPORATION_V2.00_B7.13_T110722_W748-1_L409_M8175_J1000_7Intel_86A7_93.10_#110812_N10EC8168;18145392_Z_G10DE0DE5_Ohp DVD A DH16ABLH.MRK
[2011/08/13 14:01:37 | 000,002,792 | ---- | C] () -- C:\Program Files\HP SimplePass 2011
[2011/06/21 15:07:00 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2011/02/12 04:29:00 | 000,779,290 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/14 13:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 10:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 10:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 08:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 07:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 05:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009/07/14 05:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 05:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/10/29 18:51:23 | 000,000,000 | ---D | M] -- C:\Users\Nikhil\AppData\Roaming\DAEMON Tools Lite
[2011/10/23 19:03:27 | 000,000,000 | ---D | M] -- C:\Users\Nikhil\AppData\Roaming\GarenaPlus
[2011/10/19 20:43:58 | 000,000,000 | ---D | M] -- C:\Users\Nikhil\AppData\Roaming\LolClient
[2011/10/30 19:54:04 | 000,000,000 | ---D | M] -- C:\Users\Nikhil\AppData\Roaming\QuickScan
[2011/10/31 09:42:54 | 000,000,000 | ---D | M] -- C:\Users\Nikhil\AppData\Roaming\Uniblue
[2011/10/31 13:46:09 | 000,000,000 | ---D | M] -- C:\Users\Nikhil\AppData\Roaming\uTorrent
[2011/10/11 22:12:10 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\Aveyond 3
[2011/10/20 14:15:15 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\Blue Tea Games
[2011/10/10 09:12:54 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\Flood Light Games
[2011/10/10 09:04:39 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\Gaijin Ent
[2011/10/18 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\GameInvest
[2011/10/11 16:50:45 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\GarenaMessenger
[2011/10/19 19:37:57 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\GarenaPlus
[2011/10/10 16:25:25 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\ijjigame
[2011/10/12 12:48:07 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\LolClient
[2011/10/11 16:53:28 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\LolClient2
[2011/10/10 17:26:29 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\Origin
[2011/10/11 23:00:26 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\PlayFirst
[2011/10/10 09:08:18 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\Playrix Entertainment
[2011/10/19 20:26:16 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\uTorrent
[2011/10/10 09:06:22 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\Virtual City
[2011/10/10 21:52:08 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\WinBatch
[2009/07/14 13:08:49 | 000,012,970 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2011/08/13 13:37:45 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/08/13 13:37:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/08/13 13:37:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/08/13 13:37:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 11:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/08/13 13:37:45 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/08/13 13:37:45 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 11:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 09:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 09:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 09:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 09:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/21 11:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 11:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 11:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 11:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 11:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 11:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< C:\Windows\assembly\tmp\U\*.* /s >
[2011/10/29 18:52:50 | 000,003,584 | ---- | M] () -- C:\Windows\assembly\tmp\U\[email protected]
[2011/10/29 18:52:50 | 000,003,072 | ---- | M] () -- C:\Windows\assembly\tmp\U\[email protected]
[2011/10/29 18:52:50 | 000,001,536 | ---- | M] () -- C:\Windows\assembly\tmp\U\[email protected]
[2011/10/29 18:52:51 | 000,018,432 | ---- | M] () -- C:\Windows\assembly\tmp\U\[email protected]
[2011/10/29 18:52:51 | 000,076,800 | ---- | M] () -- C:\Windows\assembly\tmp\U\[email protected]
[2011/10/29 18:52:51 | 000,020,992 | ---- | M] () -- C:\Windows\assembly\tmp\U\[email protected]
[2011/10/29 18:52:51 | 000,034,304 | ---- | M] () -- C:\Windows\assembly\tmp\U\[email protected]

========== Alternate Data Streams ==========

@Alternate Data Stream - 234 bytes -> C:\ProgramData\Temp:84BD8B63
@Alternate Data Stream - 232 bytes -> C:\ProgramData\Temp:CAF8DAC8
@Alternate Data Stream - 231 bytes -> C:\ProgramData\Temp:880F0FEF
@Alternate Data Stream - 231 bytes -> C:\ProgramData\Temp:425759C6
@Alternate Data Stream - 228 bytes -> C:\ProgramData\Temp:371A321E
@Alternate Data Stream - 224 bytes -> C:\ProgramData\Temp:2BE0B2D7
@Alternate Data Stream - 223 bytes -> C:\ProgramData\Temp:D6D084A5
@Alternate Data Stream - 220 bytes -> C:\ProgramData\Temp:B285A50E
@Alternate Data Stream - 215 bytes -> C:\ProgramData\Temp:7AF9CAEB
@Alternate Data Stream - 213 bytes -> C:\ProgramData\Temp:D6B71B40
@Alternate Data Stream - 212 bytes -> C:\ProgramData\Temp:3086B95F
@Alternate Data Stream - 210 bytes -> C:\ProgramData\Temp:9E3E060F
@Alternate Data Stream - 210 bytes -> C:\ProgramData\Temp:1ECED34B
@Alternate Data Stream - 205 bytes -> C:\ProgramData\Temp:ADDDF689
@Alternate Data Stream - 202 bytes -> C:\ProgramData\Temp:067BF339
@Alternate Data Stream - 198 bytes -> C:\ProgramData\Temp:315B4A13
@Alternate Data Stream - 192 bytes -> C:\ProgramData\Temp:4A392155
@Alternate Data Stream - 186 bytes -> C:\ProgramData\Temp:21C01CF5
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:C43C957E

< End of report >


EXTRAS LOG FILE



OTL Extras logfile created on: 10/31/2011 12:29:50 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Nikhil\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy

7.98 Gb Total Physical Memory | 6.59 Gb Available Physical Memory | 82.49% Memory free
13.98 Gb Paging File | 12.49 Gb Available in Paging File | 89.32% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.50 Gb Total Space | 841.47 Gb Free Space | 91.51% Space Free | Partition Type: NTFS
Drive D: | 11.91 Gb Total Space | 1.46 Gb Free Space | 12.24% Space Free | Partition Type: NTFS

Computer Name: EMOQ-HP | User Name: Nikhil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-4051046303-2120523462-3941003408-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series" = Canon MP620 series MP Drivers
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro™ Titanium™ Internet Security
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 267.95
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 267.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 267.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}" = HP SimplePass PE 2011
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{16FC3056-90C0-4757-8A68-64D8DA846ADA}" = Remote Graphics Receiver
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java™ 6 Update 29
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D090F70-6F08-4B60-9357-A1DFD4458F09}" = Microsoft Mathematics
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{793A260C-CDBF-499C-ABBA-B51E8E076867}_is1" = Uniblue PowerSuite
"{7DE0E2DB-319A-4C26-BFB1-C6E051678210}" = Sudden Attack SEA
"{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}" = HP Support Information
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Dual Stream 802.11n Wireless LAN Card
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{912CED74-88D3-4C5B-ACB0-132318649765}" = PressReader
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}" = HP Keyboard
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel® Identity Protection Technology 1.1.2.0
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D35B72B6-F0E4-462B-BDEB-E08032B3B681}" = HP Setup
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB3147AB-4024-4773-8EC0-A1FE5B44933D}" = HP LinkUp
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{E74E7F63-E70F-43f2-873F-35FB66F263B2}" = MusicStation
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"BFG-Aveyond - The Darkthrop Prophecy" = Aveyond: The Darkthrop Prophecy
"BFG-Be Rich" = Be Rich
"BFGC" = Big Fish Games: Game Manager
"BFG-Crop Busters" = Crop Busters
"BFG-Dark Parables - Curse of Briar Rose" = Dark Parables: Curse of Briar Rose
"BFG-Dark Parables - The Exiled Prince" = Dark Parables: The Exiled Prince
"BFG-Escape From Paradise" = Escape From Paradise
"BFG-Gemini Lost" = Gemini Lost
"BFG-Lost in Reefs" = Lost in Reefs
"BFG-My Life Story - Adventures" = My Life Story: Adventures
"BFG-Mystic Diary - Haunted Island" = Mystic Diary: Haunted Island
"BFG-Nocturnal - Boston Nightfall" = Nocturnal: Boston Nightfall ™
"BFG-Profitville" = Profitville
"BFG-Supermarket Management 2" = Supermarket Management 2
"BFG-The Witch and The Warrior" = The Witch and The Warrior
"BFG-The Witch and the Warrior Strategy Guide" = The Witch and the Warrior Strategy Guide
"BFG-Wheel of Fortune 2" = Wheel of Fortune 2
"BFG-World of Zellians - Kingdom Builder" = World of Zellians: Kingdom Builder ™
"BFG-Zoo Empire" = Zoo Empire
"Build-a-lot 4 Free Trial_is1" = Build-a-lot 4 Free Trial
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX Setup
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ESN Sonar-0.70.0" = ESN Sonar
"Fishdom H2O Free Trial_is1" = Fishdom H2O Free Trial
"Garena Classic 2011" = Garena Classic 2011
"Giraffic" = Veoh Giraffic Video Accelerator
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"im" = Garena Plus
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"Kobo" = Kobo
"L4D2SP" = Left 4 Dead 2 Standalone Patch™
"Mahjongg Artifacts 2 Free Trial_is1" = Mahjongg Artifacts 2 Free Trial
"MapleStorySEA" = MapleStorySEA
"Mozilla Firefox 7.0.1 (x86 en-GB)" = Mozilla Firefox 7.0.1 (x86 en-GB)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PDF Complete" = PDF Complete Special Edition
"PunkBusterSvc" = PunkBuster Services
"uTorrent" = µTorrent
"Veoh Web Player Beta" = Veoh Web Player
"Veoh_Web_Player Toolbar" = Veoh Web Player Toolbar
"VIP Access SDK" = VIP Access SDK (1.0.1.4)
"Virtual City Free Trial_is1" = Virtual City Free Trial
"VLC media player" = VLC media player 1.1.11
"Warcraft III Reign of Chaos & The Frozen Throne" = Warcraft III Reign of Chaos & The Frozen Throne
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-13aa4f49-ef08-4c56-bb64-f79990eb135a" = Bejeweled 3
"WTA-25ac0269-5271-47d4-8566-42709221d2c9" = Namco All-Stars: PAC-MAN
"WTA-3bca92ad-fc6a-4b9d-86b4-da20c19fd4b7" = Mah Jong Medley
"WTA-3bd3a2f7-9b69-487d-a3e3-f2758cbbd3c2" = Chuzzle Deluxe
"WTA-3d204ef0-1d34-412d-962f-8393bd0ade79" = FATE
"WTA-3df9da29-ee61-4e41-b883-73f7e0ccc6d5" = Cradle of Rome 2
"WTA-3e05bc49-df07-469e-9ec1-808c243ea1d8" = Jewel Quest: The Sleepless Star - Collector's Edition
"WTA-42177f20-069b-4604-8eaa-473c9fbfd0ea" = Slingo Supreme
"WTA-471967a3-c796-4ec1-8217-a1c692508bde" = Blackhawk Striker 2
"WTA-62fd1cff-f352-434a-a14d-d373b4a5eb63" = Chronicles of Albian
"WTA-69e4ba8f-53f7-407f-a93c-da6a73eb873e" = Plants vs. Zombies - Game of the Year
"WTA-7aea40b0-ab11-4dfa-be78-202fcbc9e06b" = Farm Frenzy
"WTA-7fa11778-ca5b-46d7-a0ec-60bfe12b056d" = Vacation Quest - The Hawaiian Islands
"WTA-85fb4e3f-2326-43c3-83e8-83e6169467f0" = Polar Golfer
"WTA-8917c6c8-b368-4d55-a01d-e47b36db9781" = Virtual Villagers 5 - New Believers
"WTA-8cc00ae4-98fe-47f6-a80e-9d0e3751b360" = Governor of Poker 2 Premium Edition
"WTA-a09228af-b900-40c7-9250-3495415caabb" = Zuma Deluxe
"WTA-a1faac33-d11e-4131-b797-104587b99ef6" = Agatha Christie - Peril at End House
"WTA-af41a701-5bf3-414b-a5aa-648f2bd23dd3" = Final Drive: Nitro
"WTA-b437161b-465b-4688-91f0-0e2af7fd4f2e" = Cake Mania
"WTA-c139468e-4e68-4a2f-a03a-9313f8231cbc" = Bounce Symphony
"WTA-c93000c1-964f-41c0-b6e0-2ae6db203acc" = Penguins!
"WTA-d98149b6-2884-4d94-ae3b-6bd4950ccc38" = Mystery of Mortlake Mansion
"WTA-e6126329-6cd4-455f-b631-1b9216dc7b8b" = Blasterball 3
"WTA-e8d8223b-2b7f-4bf8-ac68-88b69187927a" = Polar Bowler
"WTA-f826a7cb-068a-4a35-82b0-e77006cd5c0f" = Poker Superstars III
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"ZinioReader4" = Zinio Reader 4

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/15/2011 1:03:12 PM | Computer Name = nyayapati-HP | Source = Windows Search Service | ID = 3083
Description =

Error - 10/17/2011 12:58:31 AM | Computer Name = nyayapati-HP | Source = .NET Runtime | ID = 1026
Description =

Error - 10/17/2011 12:58:32 AM | Computer Name = nyayapati-HP | Source = Application Error | ID = 1000
Description = Faulting application name: Terraria.exe, version: 1.0.4.0, time stamp:
0x4e405fba Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp:
0x4e211319 Exception code: 0xe0434352 Fault offset: 0x0000b9bc Faulting process id:
0x12e8 Faulting application start time: 0x01cc8c8969e22aef Faulting application path:
C:\Users\nyayapati\Downloads\Terraria 1.0.6\Terraria 1.0.6\Terraria.exe Faulting
module path: C:\Windows\syswow64\KERNELBASE.dll Report Id: a938a75f-f87c-11e0-8f9d-3860771e56c5

Error - 10/17/2011 12:58:54 AM | Computer Name = nyayapati-HP | Source = .NET Runtime | ID = 1026
Description =

Error - 10/17/2011 12:58:54 AM | Computer Name = nyayapati-HP | Source = Application Error | ID = 1000
Description = Faulting application name: Terraria.exe, version: 1.0.4.0, time stamp:
0x4e405fba Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp:
0x4e211319 Exception code: 0xe0434352 Fault offset: 0x0000b9bc Faulting process id:
0x1620 Faulting application start time: 0x01cc8c897829bf8d Faulting application path:
C:\Users\nyayapati\Downloads\Terraria 1.0.6\Terraria 1.0.6\Terraria.exe Faulting
module path: C:\Windows\syswow64\KERNELBASE.dll Report Id: b602e8fd-f87c-11e0-8f9d-3860771e56c5

Error - 10/17/2011 1:01:11 AM | Computer Name = nyayapati-HP | Source = .NET Runtime | ID = 1026
Description =

Error - 10/17/2011 1:01:11 AM | Computer Name = nyayapati-HP | Source = Application Error | ID = 1000
Description = Faulting application name: Terraria.exe, version: 1.0.0.0, time stamp:
0x4dd0bfaa Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp:
0x4e211319 Exception code: 0xe0434352 Fault offset: 0x0000b9bc Faulting process id:
0x1570 Faulting application start time: 0x01cc8c89ca1e1657 Faulting application path:
C:\Users\nyayapati\Downloads\terrariaretail\Terraria.exe Faulting module path: C:\Windows\syswow64\KERNELBASE.dll
Report
Id: 07ec5271-f87d-11e0-8f9d-3860771e56c5

Error - 10/17/2011 5:50:46 AM | Computer Name = nyayapati-HP | Source = Windows Search Service | ID = 3083
Description =

Error - 10/17/2011 6:11:08 AM | Computer Name = nyayapati-HP | Source = Windows Search Service | ID = 3083
Description =

Error - 10/18/2011 5:49:27 AM | Computer Name = nyayapati-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00750068 Faulting process id:
0x109c Faulting application start time: 0x01cc8d7b374972a4 Faulting application path:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: 7798603d-f96e-11e0-8e26-3860771e56c5

[ Hewlett-Packard Events ]
Error - 10/16/2011 10:25:44 PM | Computer Name = nyayapati-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Object '/b90c932d_56db_4419_82ad_0e07c3b70db8/g_spbizffxcspdxt9itvjsy4_5.rem' has
been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 8174 Ram Utilization: 20 TargetSite: Void UpdateDetail(System.String)

[ System Events ]
Error - 10/30/2011 3:21:16 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7001
Description = The Windows Firewall service depends on the Windows Firewall Authorization
Driver service which failed to start because of the following error: %%183

Error - 10/30/2011 3:21:20 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7000
Description = The PnkBstrA service failed to start due to the following error: %%3

Error - 10/30/2011 3:21:55 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 10/30/2011 3:22:20 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7000
Description = The Windows Firewall Authorization Driver service failed to start
due to the following error: %%183

Error - 10/30/2011 3:22:20 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7001
Description = The Windows Firewall service depends on the Windows Firewall Authorization
Driver service which failed to start because of the following error: %%183

Error - 10/30/2011 3:25:19 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7000
Description = The Windows Firewall Authorization Driver service failed to start
due to the following error: %%183

Error - 10/30/2011 3:25:19 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7001
Description = The Windows Firewall service depends on the Windows Firewall Authorization
Driver service which failed to start because of the following error: %%183

Error - 10/30/2011 3:26:31 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7000
Description = The Windows Firewall Authorization Driver service failed to start
due to the following error: %%183

Error - 10/30/2011 3:26:49 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7000
Description = The Windows Firewall Authorization Driver service failed to start
due to the following error: %%183

Error - 10/30/2011 3:26:49 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7001
Description = The Windows Firewall service depends on the Windows Firewall Authorization
Driver service which failed to start because of the following error: %%183


< End of report >

#4
Emoq XD
  • Topic Starter
Halfway through the scan my anti-virus deleted a .dll file and yes my firewall does not start for some reason >.< Keep getting error code 0x6d9.

#5
Essexboy
    GeekU Moderator
OK, you have the conserv.dll malware and this needs to be carefully removed.

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.

  • Accept the disclaimer and allow to update if it asks

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the ComboFix log in your next reply, as well as describe how your computer is running now.

#6
Emoq XD
  • Topic Starter
Umm....ComboFix said it needed to reboot my PC and told me not to reboot it myself, and now I'm stuck with a black screen, seeing an option at the top left to change language, but I can't even see my mouse cursor. Stuck like this for like 25 mins.

#7
Essexboy
    GeekU Moderator
Manually reboot and it should complete

#8
Emoq XD
  • Topic Starter
Thanks for the quick reply :) It's preparing a log report now.

#9
Emoq XD
  • Topic Starter
ComboFix 11-10-30.02 - Nikhil 31/10/2011 1:17.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.65.1033.18.8175.6461 [GMT 8:00]
Running from: c:\users\Nikhil\Desktop\ComboFix.exe
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
FW: Trend Micro Firewall Booster *Disabled* {49A8346C-6900-54B6-B1B3-5F678736DDE9}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Nikhil\AppData\Local\2be7aba1
c:\users\Nikhil\AppData\Local\2be7aba1\@
c:\users\Nikhil\AppData\Local\2be7aba1\U\[email protected]
c:\users\Nikhil\AppData\Local\2be7aba1\U\[email protected]
c:\users\Nikhil\AppData\Local\2be7aba1\X
c:\windows\assembly\tmp\U
c:\windows\assembly\tmp\U\[email protected]
c:\windows\assembly\tmp\U\[email protected]
c:\windows\assembly\tmp\U\[email protected]
c:\windows\assembly\tmp\U\[email protected]
c:\windows\assembly\tmp\U\[email protected]
c:\windows\assembly\tmp\U\[email protected]
c:\windows\assembly\tmp\U\[email protected]
.
.
((((((((((((((((((((((((( Files Created from 2011-09-28 to 2011-10-30 )))))))))))))))))))))))))))))))
.
.
2011-10-30 17:20 . 2011-10-30 17:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-30 10:47 . 2011-10-30 16:29 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A59DC8FA-8E1D-45B5-A95D-69D3CB2E5778}\offreg.dll
2011-10-30 10:47 . 2011-10-17 18:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A59DC8FA-8E1D-45B5-A95D-69D3CB2E5778}\mpengine.dll
2011-10-30 06:26 . 2010-08-08 10:18 339536 ----a-w- c:\windows\system32\drivers\tmwfp.sys
2011-10-30 06:26 . 2010-08-08 10:18 194640 ----a-w- c:\windows\system32\drivers\tmlwf.sys
2011-10-29 14:27 . 2011-10-31 01:43 -------- d-sh--w- c:\windows\system32\%APPDATA%
2011-10-29 11:17 . 2011-10-29 11:17 -------- d-----w- c:\programdata\Uniblue
2011-10-29 11:00 . 2011-10-31 01:43 -------- d-----w- c:\program files (x86)\Uniblue
2011-10-27 07:44 . 2011-10-27 07:44 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-10-27 07:11 . 2011-10-27 07:11 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-10-27 06:45 . 2011-10-27 06:46 -------- d-----w- C:\Downloads
2011-10-22 13:49 . 2011-10-22 13:49 -------- d-----w- c:\programdata\MusicStation
2011-10-22 13:49 . 2011-10-22 13:49 -------- d-----w- c:\program files (x86)\MusicStation
2011-10-22 13:49 . 2011-10-22 13:49 -------- d-----w- c:\program files\Microsoft Synchronization Services
2011-10-22 13:48 . 2011-10-22 13:48 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2011-10-22 04:33 . 2011-10-30 16:26 -------- d-----w- c:\program files (x86)\Steam
2011-10-22 04:33 . 2011-10-22 10:41 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-10-20 11:43 . 2011-10-21 01:44 -------- d-----w- c:\program files (x86)\uTorrent
2011-10-20 11:22 . 2011-10-20 11:22 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-10-20 11:22 . 2011-10-20 11:22 -------- d-----w- c:\program files\DivX
2011-10-20 11:22 . 2011-10-20 11:22 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2011-10-20 11:21 . 2011-10-20 11:22 -------- d-----w- c:\program files (x86)\Google
2011-10-20 11:21 . 2011-10-20 11:23 -------- d-----w- c:\program files (x86)\DivX
2011-10-20 11:21 . 2011-10-20 11:23 -------- d-----w- c:\programdata\DivX
2011-10-20 11:13 . 2011-10-20 11:13 -------- d-----w- c:\program files (x86)\VideoLAN
2011-10-20 11:04 . 2011-05-30 13:42 255488 ----a-w- c:\windows\system32\xvidvfw.dll
2011-10-20 11:04 . 2011-05-23 07:49 173568 ----a-w- c:\windows\system32\xvid.ax
2011-10-20 11:04 . 2011-05-23 07:45 696832 ----a-w- c:\windows\system32\xvidcore.dll
2011-10-20 11:04 . 2011-05-30 13:42 240640 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-10-20 11:04 . 2011-05-23 09:52 153088 ----a-w- c:\windows\SysWow64\xvid.ax
2011-10-20 11:04 . 2011-05-23 07:46 645632 ----a-w- c:\windows\SysWow64\xvidcore.dll
2011-10-20 11:04 . 2011-10-20 11:05 -------- d-----w- c:\program files (x86)\Xvid
2011-10-19 12:26 . 2011-10-30 16:20 -------- d-----w- c:\users\Nikhil
2011-10-19 12:14 . 2011-10-19 13:19 -------- d-----w- c:\program files (x86)\Warcraft III Reign of Chaos & The Frozen Throne
2011-10-19 11:59 . 2011-10-30 10:26 -------- d-----w- c:\program files (x86)\Garena Classic
2011-10-18 09:49 . 2011-10-18 09:49 -------- d-----w- c:\program files (x86)\Conduit
2011-10-18 09:49 . 2011-10-18 09:49 -------- d-----w- c:\program files (x86)\Veoh_Web_Player
2011-10-18 09:48 . 2011-10-31 08:19 -------- d-----w- c:\programdata\Giraffic
2011-10-18 09:48 . 2011-10-30 17:51 -------- d-----w- c:\program files (x86)\Giraffic
2011-10-18 09:48 . 2011-10-18 09:48 -------- d-----w- c:\program files (x86)\Veoh Networks
2011-10-17 05:04 . 2011-10-17 05:04 -------- d-----w- c:\program files (x86)\Microsoft XNA
2011-10-16 05:56 . 2011-10-16 05:57 -------- d-----w- c:\program files (x86)\Zoo Empire
2011-10-16 05:51 . 2011-10-16 05:52 -------- d-----w- c:\program files (x86)\Nocturnal - Boston Nightfall
2011-10-16 05:48 . 2011-10-16 05:48 -------- d-----w- c:\program files (x86)\Wheel of Fortune 2
2011-10-16 05:39 . 2011-10-16 05:39 -------- d-----w- c:\program files (x86)\Lost in Reefs
2011-10-16 05:39 . 2011-10-16 05:39 -------- d-----w- c:\program files (x86)\Profitville
2011-10-16 05:38 . 2011-10-16 05:39 -------- d-----w- c:\program files (x86)\World of Zellians - Kingdom Builder
2011-10-16 05:34 . 2011-10-16 05:34 -------- d-----w- c:\program files (x86)\The Witch and the Warrior Strategy Guide
2011-10-16 05:33 . 2011-10-16 05:34 -------- d-----w- c:\program files (x86)\Mystic Diary - Haunted Island
2011-10-16 04:57 . 2011-10-16 04:57 -------- d--h--w- c:\programdata\CanonIJSolutionMenu
2011-10-16 04:56 . 2011-10-16 04:56 -------- d--h--w- c:\programdata\CanonIJMyPrinter
2011-10-16 04:56 . 2011-10-16 17:06 -------- d-----w- c:\programdata\CanonIJPLM
2011-10-16 04:53 . 2011-10-16 04:53 -------- d-----w- c:\program files\Common Files\CANON
2011-10-16 04:53 . 2011-10-16 04:53 -------- d-----w- c:\program files\Canon
2011-10-16 04:51 . 2011-10-16 04:51 -------- d--h--w- c:\programdata\CanonBJ
2011-10-16 04:51 . 2008-10-09 05:00 82944 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPP9D.DLL
2011-10-16 04:51 . 2008-10-09 05:00 27648 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPD9D.DLL
2011-10-16 04:51 . 2011-10-16 04:51 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2011-10-16 04:51 . 2008-10-09 05:00 279040 ----a-w- c:\windows\system32\CNMLM9D.DLL
2011-10-16 04:51 . 2008-05-30 09:28 293376 ----a-w- c:\windows\system32\CNC620L.DLL
2011-10-16 04:51 . 2008-04-07 14:59 1354240 ----a-w- c:\windows\system32\CNC620C.DLL
2011-10-16 04:51 . 2008-04-07 14:59 92672 ----a-w- c:\windows\system32\CNC620I.DLL
2011-10-16 04:51 . 2007-03-15 14:13 229888 ----a-w- c:\windows\system32\CNC620O.DLL
2011-10-16 04:50 . 2007-05-14 15:50 151040 ----a-w- c:\windows\system32\CNMN6UI.DLL
2011-10-16 04:50 . 2007-05-14 15:50 251392 ----a-w- c:\windows\system32\CNMN6PPM.DLL
2011-10-16 04:50 . 2011-10-16 04:56 -------- d-----w- c:\program files (x86)\Canon
2011-10-13 13:46 . 2011-10-13 13:46 -------- d-----w- c:\programdata\Sandlot Games
2011-10-12 08:01 . 2011-10-13 11:48 -------- d-----w- c:\program files (x86)\Heroes of Newerth
2011-10-12 04:53 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys
2011-10-12 04:53 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 04:53 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 04:53 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-12 04:53 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-12 04:53 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 04:53 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 04:53 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-12 04:53 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-12 01:52 . 2011-10-12 01:52 -------- d-----w- c:\programdata\PlayfulAge
2011-10-12 01:49 . 2011-10-12 01:49 -------- d-----w- c:\program files (x86)\Supermarket Management 2
2011-10-11 16:32 . 2011-10-11 16:41 -------- d-----w- c:\programdata\CropBusters
2011-10-11 15:00 . 2011-10-11 15:00 -------- d-----w- c:\programdata\PlayFirst
2011-10-11 14:10 . 2011-10-11 14:10 -------- d-----w- c:\program files (x86)\Dark Parables - Curse of Briar Rose
2011-10-11 14:09 . 2011-10-11 14:09 -------- d-----w- c:\program files (x86)\Escape From Paradise
2011-10-11 14:09 . 2011-10-11 14:09 -------- d-----w- c:\program files (x86)\Gemini Lost
2011-10-11 14:06 . 2011-10-11 14:07 -------- d-----w- c:\program files (x86)\Crop Busters
2011-10-11 14:06 . 2011-10-11 14:06 -------- d-----w- c:\program files (x86)\Aveyond - The Darkthrop Prophecy
2011-10-11 14:01 . 2011-10-11 14:02 -------- d-----w- c:\program files (x86)\The Witch and The Warrior
2011-10-11 13:53 . 2011-10-11 13:56 -------- d-----w- c:\program files (x86)\Dark Parables - The Exiled Prince
2011-10-11 08:50 . 2011-10-14 01:00 -------- d-----w- c:\program files (x86)\Garena Plus
2011-10-11 08:50 . 2011-10-23 11:03 -------- d-----w- c:\programdata\GarenaMessenger
2011-10-11 07:38 . 2011-10-11 07:38 -------- d-----w- c:\program files (x86)\Wizet
2011-10-11 07:32 . 2011-10-11 07:32 -------- d-----w- c:\program files\7-Zip
2011-10-10 13:53 . 2011-10-10 13:53 -------- d-----w- c:\programdata\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}
2011-10-10 09:58 . 2011-10-10 09:58 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-10-10 09:54 . 2011-10-10 09:54 -------- d-----w- c:\programdata\EA Core
2011-10-10 09:53 . 2011-10-10 10:07 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2011-10-10 09:53 . 2011-10-10 09:58 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-10-10 09:53 . 2011-10-10 09:53 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-10-10 09:53 . 2011-10-10 09:53 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-10-10 09:26 . 2011-10-10 09:55 -------- d-----w- c:\programdata\Electronic Arts
2011-10-10 09:26 . 2011-10-10 09:54 -------- d-----w- c:\programdata\Origin
2011-10-10 08:20 . 2010-03-24 08:57 713312 ----a-w- c:\windows\SysWow64\ijjiSetup.exe
2011-10-10 08:20 . 2010-03-24 08:56 62048 ----a-w- c:\windows\SysWow64\ijjiProcessRestarter.exe
2011-10-10 08:11 . 2011-10-10 08:11 -------- d-----w- c:\windows\system32\Macromed
2011-10-10 08:03 . 2011-10-10 08:03 -------- d-----w- c:\program files (x86)\SymSilent
2011-10-10 08:03 . 2011-10-31 05:45 -------- d-----w- c:\program files (x86)\Symantec
2011-10-10 08:03 . 2011-10-10 08:03 -------- d-----w- c:\program files (x86)\Realtek
2011-10-10 08:03 . 2011-10-10 08:03 -------- d-----w- c:\program files (x86)\PDF Complete
2011-10-10 08:03 . 2011-10-10 08:03 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-10-10 08:03 . 2011-10-10 08:03 -------- d-----w- c:\program files (x86)\NewspaperDirect
2011-10-10 08:03 . 2011-10-10 08:03 -------- d-----w- c:\program files (x86)\My Life Story - Adventures
2011-10-10 08:03 . 2011-10-31 01:43 -------- d-----w- c:\program files (x86)\Microsoft Works
2011-10-10 08:03 . 2011-10-22 13:48 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-10-10 08:02 . 2011-10-12 22:46 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-10-10 08:01 . 2011-10-10 08:01 -------- d-----w- c:\program files (x86)\Microsoft Mathematics
2011-10-10 08:00 . 2011-10-10 08:00 -------- d-----w- c:\program files (x86)\Microsoft
2011-10-10 08:00 . 2011-10-10 08:00 -------- d-----w- c:\program files (x86)\MahjonggArtifacts2_at
2011-10-10 08:00 . 2011-10-10 08:00 -------- d-----w- c:\program files (x86)\Kobo
2011-10-10 08:00 . 2011-10-19 12:36 -------- d-----w- c:\program files (x86)\Java
2011-10-10 08:00 . 2011-10-10 08:00 -------- d-----w- c:\program files (x86)\Intel
2011-10-10 07:57 . 2011-10-10 08:00 -------- d-----w- c:\program files (x86)\HP Games
2011-10-10 07:57 . 2011-10-10 07:57 -------- d-----w- c:\program files (x86)\Hp
2011-10-10 07:55 . 2011-10-10 13:54 -------- d-----w- c:\program files (x86)\Hewlett-Packard
2011-10-10 07:54 . 2011-10-10 07:55 -------- d-----w- c:\program files (x86)\FishdomH2O_at
2011-10-10 07:54 . 2011-10-10 07:54 -------- d-----w- c:\program files (x86)\Fingerprint Sensor
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-29 10:54 . 2011-08-13 05:53 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-09 11:05 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-08-13 06:00 . 2011-08-13 06:00 31152 ----a-w- c:\windows\system32\drivers\pmxdrv.sys
2011-08-13 05:38 . 2011-08-13 05:38 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-08-13 05:38 . 2011-08-13 05:38 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-08-13 05:38 . 2011-08-13 05:38 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-08-13 05:38 . 2011-08-13 05:38 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-08-13 05:38 . 2011-08-13 05:38 2565632 ----a-w- c:\windows\system32\esent.dll
2011-08-13 05:38 . 2011-08-13 05:38 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2011-08-13 05:38 . 2011-08-13 05:38 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2011-08-13 05:38 . 2011-08-13 05:38 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-08-13 05:38 . 2011-08-13 05:38 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-08-13 05:38 . 2011-08-13 05:38 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-08-13 05:38 . 2011-08-13 05:38 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-08-13 05:38 . 2011-08-13 05:38 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-08-13 05:38 . 2011-08-13 05:38 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-08-13 05:38 . 2011-08-13 05:38 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-08-13 05:38 . 2011-08-13 05:38 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-08-13 05:38 . 2011-08-13 05:38 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-08-13 05:38 . 2011-08-13 05:38 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-08-13 05:38 . 2011-08-13 05:38 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-08-13 05:37 . 2011-08-13 05:37 2871808 ----a-w- c:\windows\explorer.exe
2011-08-13 05:37 . 2011-08-13 05:37 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2011-08-13 05:37 . 2011-08-13 05:37 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-08-13 05:37 . 2011-08-13 05:37 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-08-13 05:37 . 2011-08-13 05:37 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-08-13 05:37 . 2011-08-13 05:37 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-08-13 05:37 . 2011-08-13 05:37 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-08-13 05:37 . 2011-08-13 05:37 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-08-13 05:36 . 2011-08-13 05:36 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-08-13 05:36 . 2011-08-13 05:36 367616 ----a-w- c:\windows\system32\atmfd.dll
2011-08-13 05:36 . 2011-08-13 05:36 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-08-13 05:36 . 2011-08-13 05:36 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-08-13 05:36 . 2011-08-13 05:36 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2011-08-13 05:36 . 2011-08-13 05:36 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-08-13 05:36 . 2011-08-13 05:36 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-08-13 05:36 . 2011-08-13 05:36 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-08-13 05:36 . 2011-08-13 05:36 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-08-13 05:36 . 2011-08-13 05:36 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-08-13 05:36 . 2011-08-13 05:36 642944 ----a-w- c:\windows\system32\winload.efi
2011-08-13 05:36 . 2011-08-13 05:36 605552 ----a-w- c:\windows\system32\winload.exe
2011-08-13 05:36 . 2011-08-13 05:36 566208 ----a-w- c:\windows\system32\winresume.efi
2011-08-13 05:36 . 2011-08-13 05:36 518672 ----a-w- c:\windows\system32\winresume.exe
2011-08-13 05:36 . 2011-08-13 05:36 20352 ----a-w- c:\windows\system32\kdusb.dll
2011-08-13 05:36 . 2011-08-13 05:36 19328 ----a-w- c:\windows\system32\kd1394.dll
2011-08-13 05:36 . 2011-08-13 05:36 17792 ----a-w- c:\windows\system32\kdcom.dll
2011-08-13 05:36 . 2011-08-13 05:36 296320 ----a-w- c:\windows\system32\drivers\volsnap.sys
2011-08-13 05:35 . 2011-08-13 05:35 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-08-13 05:35 . 2011-08-13 05:35 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-08-13 05:35 . 2011-08-13 05:35 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-08-13 05:35 . 2011-08-13 05:35 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-08-13 05:35 . 2011-08-13 05:35 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-08-13 05:35 . 2011-08-13 05:35 800256 ----a-w- c:\windows\system32\usp10.dll
2011-08-13 05:35 . 2011-08-13 05:35 7680 ----a-w- c:\windows\system32\KBDINTAM.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7680 ----a-w- c:\windows\system32\KBDINMAL.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7680 ----a-w- c:\windows\system32\KBDINDEV.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7680 ----a-w- c:\windows\system32\KBDINBEN.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\SysWow64\KBDINTAM.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\SysWow64\KBDINORI.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\SysWow64\KBDINMAR.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\SysWow64\KBDINMAL.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\SysWow64\KBDINKAN.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\SysWow64\KBDINHIN.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\SysWow64\KBDINDEV.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\SysWow64\KBDINBEN.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\system32\KBDINTEL.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\system32\KBDINPUN.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\system32\KBDINORI.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\system32\KBDINMAR.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\system32\KBDINKAN.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\system32\KBDINHIN.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\system32\KBDINGUJ.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\system32\KBDINEN.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\system32\KBDINBE2.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\system32\KBDINBE1.DLL
2011-08-13 05:35 . 2011-08-13 05:35 7168 ----a-w- c:\windows\system32\KBDINASA.DLL
2011-08-13 05:35 . 2011-08-13 05:35 6656 ----a-w- c:\windows\SysWow64\KBDINTEL.DLL
2011-08-13 05:35 . 2011-08-13 05:35 6656 ----a-w- c:\windows\SysWow64\KBDINPUN.DLL
2011-08-13 05:35 . 2011-08-13 05:35 6656 ----a-w- c:\windows\SysWow64\KBDINGUJ.DLL
2011-08-13 05:35 . 2011-08-13 05:35 6656 ----a-w- c:\windows\SysWow64\KBDINBE2.DLL
2011-08-13 05:35 . 2011-08-13 05:35 6656 ----a-w- c:\windows\SysWow64\KBDINBE1.DLL
2011-08-13 05:35 . 2011-08-13 05:35 6656 ----a-w- c:\windows\SysWow64\KBDINASA.DLL
2011-08-13 05:35 . 2011-08-13 05:35 626176 ----a-w- c:\windows\SysWow64\usp10.dll
2011-08-13 05:35 . 2011-08-13 05:35 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-08-13 05:35 . 2011-08-13 05:35 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-08-13 05:34 . 2011-08-13 05:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-08-13 05:34 . 2011-08-13 05:34 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-08-13 05:34 . 2011-08-13 05:34 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-08-13 05:34 . 2011-08-13 05:34 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2011-08-13 05:34 . 2011-08-13 05:34 100864 ----a-w- c:\windows\system32\fontsub.dll
2011-08-13 05:34 . 2011-08-13 05:34 961024 ----a-w- c:\windows\system32\CPFilters.dll
2011-08-13 05:34 . 2011-08-13 05:34 850944 ----a-w- c:\windows\SysWow64\sbe.dll
2011-08-13 05:34 . 2011-08-13 05:34 723968 ----a-w- c:\windows\system32\EncDec.dll
2011-08-13 05:34 . 2011-08-13 05:34 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2011-08-13 05:34 . 2011-08-13 05:34 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-08-13 05:34 . 2011-08-13 05:34 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2011-08-13 05:34 . 2011-08-13 05:34 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2011-08-13 05:34 . 2011-08-13 05:34 1118720 ----a-w- c:\windows\system32\sbe.dll
2011-08-13 05:33 . 2011-08-13 05:33 715776 ----a-w- c:\windows\system32\kerberos.dll
2011-08-13 05:33 . 2011-08-13 05:33 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2011-09-29 07:09 . 2011-10-09 14:48 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{cd90bf73-20f6-44ef-993d-bb920303bd2e}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\Veoh_Web_Player\prxtbVeoh.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{cd90bf73-20f6-44ef-993d-bb920303bd2e}"= "c:\program files (x86)\Veoh_Web_Player\prxtbVeoh.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{cd90bf73-20f6-44ef-993d-bb920303bd2e}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-10-22 1242448]
"PowerSuite"="c:\program files (x86)\Uniblue\PowerSuite\launcher.exe" [2011-07-18 67448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe" [2009-04-04 385024]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-05-05 658424]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-21 124512]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
.
c:\users\nyayapati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-20 135664]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 dump_wmimmc;dump_wmimmc; [x]
R3 EagleX64;EagleX64; [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 GGSAFERDriver;GGSAFER Driver; [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-20 135664]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;c:\windows\system32\DRIVERS\tmlwf.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-06-09 264008]
S2 Giraffic;Veoh Giraffic Video Accelerator;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2011-09-19 2221200]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-17 682040]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-05-05 1128952]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-03-30 378472]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [x]
S2 tmwfp;Trend Micro WFP Callout Driver;c:\windows\system32\DRIVERS\tmwfp.sys [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-20 11:21]
.
2011-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-20 11:21]
.
2011-10-26 c:\windows\Tasks\HPCeeScheduleForNikhil.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-10-10 05:15]
.
2011-10-18 c:\windows\Tasks\HPCeeScheduleFornyayapati.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-10-10 05:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-02-17 1111568]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 197152]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-11 689488]
"combofix"="c:\combofix\CF16219.3XE" [2010-11-21 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3104086
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\users\Nikhil\AppData\Roaming\Mozilla\Firefox\Profiles\aihkop6i.default\
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-DAEMON Tools Lite - c:\program files (x86)\DAEMON Tools Lite\DTLite.exe
Wow6432Node-HKLM-Run-BATINDICATOR - c:\program files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe
Wow6432Node-HKLM-Run-Left 4 Dead 2 Bootstrap Checker - c:\users\Nikhil\Downloads\Left 4 Dead 2 V2.0.2.7 Full-Rip {blaze69}\Left 4 Dead 2\Left 4 Dead 2\l4d2bootstrapper.exe
WebBrowser-{CD90BF73-20F6-44EF-993D-BB920303BD2E} - (no file)
AddRemove-DAEMON Tools Lite - c:\program files (x86)\DAEMON Tools Lite\uninst.exe
AddRemove-ESN Sonar-0.70.0 - c:\program files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
AddRemove-L4D2SP - c:\users\Nikhil\Downloads\Left 4 Dead 2 V2.0.2.7 Full-Rip {blaze69}\Left 4 Dead 2\Left 4 Dead 2\Uninstall SP.exe
AddRemove-Origin - c:\program files (x86)\Origin\OriginUninstall.exe
AddRemove-PunkBusterSvc - c:\program files (x86)\Origin Games\Battlefield 3 Beta\pbsvc.exe
AddRemove-{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226} - c:\program files (x86)\InstallShield Installation Information\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
c:\program files (x86)\Giraffic\Veoh_Giraffic.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2011-10-31 01:54:52 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-30 17:54
.
Pre-Run: 902,964,097,024 bytes free
Post-Run: 902,798,884,864 bytes free
.
- - End Of File - - 2A0DFFDDCD5D5BC80F17B13C6659CD7A


And I get "illegal operations marked on a registry key that has been marked for deletion" notice whenever I click on any of my browsers, had to run it as an admin.

#10
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Combofix has not released the registry - a reboot will clear that

Could you now run OTL again please with this script and also let me know what the current problems are


  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    C:\Windows\assembly\tmp\U\*.* /s
    CREATERESTOREPOINT



#11
Emoq XD


    Member

  • Topic Starter
  • Member
  • 12 posts
OTL LOG



OTL logfile created on: 10/31/2011 2:54:26 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Nikhil\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy

7.98 Gb Total Physical Memory | 6.56 Gb Available Physical Memory | 82.12% Memory free
13.98 Gb Paging File | 12.50 Gb Available in Paging File | 89.38% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.50 Gb Total Space | 840.94 Gb Free Space | 91.46% Space Free | Partition Type: NTFS
Drive D: | 11.91 Gb Total Space | 1.46 Gb Free Space | 12.24% Space Free | Partition Type: NTFS

Computer Name: EMOQ-HP | User Name: Nikhil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/31 02:53:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Nikhil\Desktop\OTL.exe
PRC - [2011/09/19 18:31:10 | 002,221,200 | ---- | M] (Giraffic) -- C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
PRC - [2011/09/19 18:30:52 | 003,663,488 | ---- | M] (Giraffic) -- C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
PRC - [2011/07/29 07:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/06/09 20:37:18 | 000,264,008 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/06/09 20:37:00 | 000,653,128 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/06/09 20:36:34 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011/05/06 07:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011/03/30 15:41:10 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/02/24 15:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2010/11/24 11:31:24 | 002,069,504 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
PRC - [2009/02/28 10:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
PRC - [2008/11/21 01:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008/01/23 01:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe


========== Modules (No Company Name) ==========

MOD - [2011/07/29 07:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 07:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/02/28 10:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
MOD - [2009/02/20 08:22:50 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\WMINPUT.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/02/17 13:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2011/02/16 20:20:04 | 000,256,336 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV:64bit: - [2010/10/11 17:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/23 09:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 09:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/10/22 12:35:06 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/10/10 17:53:00 | 000,075,136 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWow64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/09/19 18:31:10 | 002,221,200 | ---- | M] (Giraffic) [Auto | Running] -- C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe -- (Giraffic)
SRV - [2011/08/04 04:39:00 | 004,141,560 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2011/06/21 15:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/06/09 20:37:18 | 000,264,008 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011/05/06 07:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011/03/30 15:41:10 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/03/02 12:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/26 01:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/24 15:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service) Intel®
SRV - [2011/02/01 15:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2011/02/01 15:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/11/21 11:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/10/13 01:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/06/02 06:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/19 05:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/01/23 01:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/10/27 15:44:54 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/08/13 14:00:36 | 000,031,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv)
DRV:64bit: - [2011/08/13 13:38:31 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/13 13:38:31 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/05/13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 03:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV:64bit: - [2011/05/13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011/05/13 03:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/05/13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011/04/27 03:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/22 18:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/22 08:46:54 | 001,360,960 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011/03/04 01:59:20 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/11/21 11:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 11:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 11:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 11:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/08/08 18:18:48 | 000,339,536 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmwfp.sys -- (tmwfp)
DRV:64bit: - [2010/08/08 18:18:48 | 000,194,640 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmlwf.sys -- (tmlwf)
DRV:64bit: - [2010/08/08 18:18:48 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2010/08/08 18:18:48 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010/08/08 18:18:48 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2010/08/08 18:18:48 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 08:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/11 04:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/12/31 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWow64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL/139
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL/139
IE - HKLM\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3104086
IE - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\firefoxextension\ [2011/10/31 09:43:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/10/20 19:23:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/10 16:03:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/10/19 20:36:22 | 000,000,000 | ---D | M]

[2011/10/19 20:36:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nikhil\AppData\Roaming\Mozilla\Extensions
[2011/10/19 20:36:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/10/10 16:03:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/10/19 20:36:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/10/10 16:03:09 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2011/09/29 15:09:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/07/27 16:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
[2011/09/29 09:30:22 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/09/29 09:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/09/29 09:30:22 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/09/29 09:30:22 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/09/29 09:30:22 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Simple Pass 2011 (Enabled) = C:\Users\Nikhil\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe\1.0_0\npwebsitelogon.dll
CHR - plugin: ijji Auto Install Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: One Piece Theme = C:\Users\Nikhil\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkhkehkllpkocgnlbkmpkcicednmbfnp\2_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Nikhil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\

O1 HOSTS File: ([2011/10/31 01:51:04 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003\..\Toolbar\WebBrowser: (Veoh Web Player Toolbar) - {CD90BF73-20F6-44EF-993D-BB920303BD2E} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003..\Run: [PowerSuite] C:\Program Files (x86)\Uniblue\PowerSuite\launcher.exe (Uniblue Systems Limited)
O4 - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4051046303-2120523462-3941003408-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll File not found
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CB2CD06-6A9C-47CC-A397-92CBE683ACF4}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O29:64bit: - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/10/31 02:53:38 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Nikhil\Desktop\OTL.exe
[2011/10/31 01:58:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/10/31 01:16:53 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/10/31 00:27:12 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Nikhil\Desktop\aswMBR.exe
[2011/10/30 19:53:58 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\QuickScan
[2011/10/30 18:51:28 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\HP
[2011/10/30 18:51:24 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\AuthenTec
[2011/10/30 16:58:58 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/10/30 15:12:37 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\ElevatedDiagnostics
[2011/10/30 14:26:54 | 000,339,536 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmwfp.sys
[2011/10/30 14:26:54 | 000,194,640 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmlwf.sys
[2011/10/29 22:27:40 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2011/10/29 19:17:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2011/10/29 19:09:11 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\PackageAware
[2011/10/29 19:00:37 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Uniblue
[2011/10/29 19:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2011/10/29 19:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2011/10/27 15:44:54 | 000,254,528 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011/10/27 15:11:32 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\DAEMON Tools Lite
[2011/10/27 15:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011/10/27 14:45:18 | 000,000,000 | ---D | C] -- C:\Downloads
[2011/10/27 14:28:13 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\WinRAR
[2011/10/24 09:17:19 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Hewlett-Packard
[2011/10/24 09:15:43 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\HP Support Assistant
[2011/10/24 09:15:36 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\HpUpdate
[2011/10/24 09:15:13 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Hewlett-Packard
[2011/10/23 22:58:32 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Chronicles of Albian
[2011/10/23 02:19:00 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\SFK_Team_Inc
[2011/10/22 21:51:57 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Omnifone_Ltd
[2011/10/22 21:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\MusicStation
[2011/10/22 21:49:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MusicStation
[2011/10/22 21:49:05 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Downloaded Installations
[2011/10/22 21:49:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011/10/22 21:48:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2011/10/22 13:16:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2011/10/22 13:16:38 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/10/22 13:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/10/22 13:16:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/10/22 12:33:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/10/22 12:33:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2011/10/22 12:33:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011/10/22 11:46:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2011/10/21 16:03:31 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\CrashDumps
[2011/10/20 19:43:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2011/10/20 19:42:31 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\uTorrent
[2011/10/20 19:42:31 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\uTorrent
[2011/10/20 19:23:59 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\DDMSettings
[2011/10/20 19:23:03 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\DivX
[2011/10/20 19:22:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/10/20 19:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011/10/20 19:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011/10/20 19:22:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011/10/20 19:22:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/10/20 19:21:59 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Google
[2011/10/20 19:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2011/10/20 19:21:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2011/10/20 19:21:25 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011/10/20 19:13:57 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\vlc
[2011/10/20 19:13:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/10/20 19:13:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011/10/20 19:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2011/10/20 19:04:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2011/10/19 21:12:49 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011/10/19 20:45:21 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\Documents\Heroes of Newerth (Garena)
[2011/10/19 20:44:02 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\riotsGamesLogs
[2011/10/19 20:43:58 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\LolClient
[2011/10/19 20:43:18 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\GarenaPlus
[2011/10/19 20:38:39 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Adobe
[2011/10/19 20:36:19 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Mozilla
[2011/10/19 20:36:19 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Mozilla
[2011/10/19 20:36:07 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Diagnostics
[2011/10/19 20:27:09 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
[2011/10/19 20:27:08 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\PDFC
[2011/10/19 20:26:57 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/10/19 20:26:57 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Searches
[2011/10/19 20:26:57 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/10/19 20:26:57 | 000,000,000 | -H-D | C] -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/10/19 20:26:52 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Symantec
[2011/10/19 20:26:50 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Identities
[2011/10/19 20:26:48 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Contacts
[2011/10/19 20:26:48 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\VirtualStore
[2011/10/19 20:26:32 | 000,000,000 | --SD | C] -- C:\Users\Nikhil\AppData\Roaming\Microsoft
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Videos
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Saved Games
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Pictures
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Music
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Links
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Favorites
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Downloads
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Documents
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\Desktop
[2011/10/19 20:26:32 | 000,000,000 | R--D | C] -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\AppData\Local\Temporary Internet Files
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Templates
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Start Menu
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\SendTo
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Recent
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\PrintHood
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\NetHood
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Documents\My Videos
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Documents\My Pictures
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Documents\My Music
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\My Documents
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Local Settings
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\AppData\Local\History
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Cookies
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\Application Data
[2011/10/19 20:26:32 | 000,000,000 | -HSD | C] -- C:\Users\Nikhil\AppData\Local\Application Data
[2011/10/19 20:26:32 | 000,000,000 | -H-D | C] -- C:\Users\Nikhil\AppData
[2011/10/19 20:26:32 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Temp
[2011/10/19 20:26:32 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Microsoft Help
[2011/10/19 20:26:32 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Local\Microsoft
[2011/10/19 20:26:32 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Media Center Programs
[2011/10/19 20:26:32 | 000,000,000 | ---D | C] -- C:\Users\Nikhil\AppData\Roaming\Macromedia
[2011/10/19 20:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warcraft III Reign of Chaos & The Frozen Throne
[2011/10/19 19:59:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garena Classic
[2011/10/18 17:49:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2011/10/18 17:49:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veoh_Web_Player
[2011/10/18 17:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Giraffic
[2011/10/18 17:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Giraffic
[2011/10/18 17:48:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veoh Networks
[2011/10/17 13:04:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2011/10/16 13:56:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoo Empire
[2011/10/16 13:56:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zoo Empire
[2011/10/16 13:51:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nocturnal - Boston Nightfall
[2011/10/16 13:51:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nocturnal - Boston Nightfall
[2011/10/16 13:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wheel of Fortune 2
[2011/10/16 13:48:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wheel of Fortune 2
[2011/10/16 13:39:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lost in Reefs
[2011/10/16 13:39:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lost in Reefs
[2011/10/16 13:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Profitville
[2011/10/16 13:39:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Profitville
[2011/10/16 13:38:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Zellians - Kingdom Builder
[2011/10/16 13:38:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Zellians - Kingdom Builder
[2011/10/16 13:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witch and the Warrior Strategy Guide
[2011/10/16 13:34:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Witch and the Warrior Strategy Guide
[2011/10/16 13:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystic Diary - Haunted Island
[2011/10/16 13:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mystic Diary - Haunted Island
[2011/10/16 12:57:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenu
[2011/10/16 12:56:52 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2011/10/16 12:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2011/10/16 12:54:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP620 series
[2011/10/16 12:53:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2011/10/16 12:53:39 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2011/10/16 12:52:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2011/10/16 12:52:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
[2011/10/16 12:51:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP620 series Manual
[2011/10/16 12:51:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2011/10/16 12:51:41 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2011/10/16 12:51:02 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2011/10/16 12:50:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2011/10/13 21:46:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Sandlot Games
[2011/10/12 16:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
[2011/10/12 16:01:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Heroes of Newerth
[2011/10/12 09:53:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\PlayfulAge
[2011/10/12 09:52:45 | 000,000,000 | ---D | C] -- C:\ProgramData\PlayfulAge
[2011/10/12 09:49:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Supermarket Management 2
[2011/10/12 09:49:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Supermarket Management 2
[2011/10/12 00:32:17 | 000,000,000 | ---D | C] -- C:\ProgramData\CropBusters
[2011/10/11 23:00:26 | 000,000,000 | ---D | C] -- C:\ProgramData\PlayFirst
[2011/10/11 22:10:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dark Parables - Curse of Briar Rose
[2011/10/11 22:10:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dark Parables - Curse of Briar Rose
[2011/10/11 22:09:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Escape From Paradise
[2011/10/11 22:09:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Escape From Paradise
[2011/10/11 22:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gemini Lost
[2011/10/11 22:09:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gemini Lost
[2011/10/11 22:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crop Busters
[2011/10/11 22:06:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Crop Busters
[2011/10/11 22:06:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aveyond - The Darkthrop Prophecy
[2011/10/11 22:06:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aveyond - The Darkthrop Prophecy
[2011/10/11 22:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witch and The Warrior
[2011/10/11 22:01:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Witch and The Warrior
[2011/10/11 21:53:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dark Parables - The Exiled Prince
[2011/10/11 21:53:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dark Parables - The Exiled Prince
[2011/10/11 16:50:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
[2011/10/11 16:50:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garena Plus
[2011/10/11 16:50:38 | 000,000,000 | ---D | C] -- C:\ProgramData\GarenaMessenger
[2011/10/11 15:38:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wizet
[2011/10/11 15:32:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011/10/11 15:32:17 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2011/10/10 21:53:31 | 000,000,000 | ---D | C] -- C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}
[2011/10/10 17:54:47 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011/10/10 17:53:28 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2011/10/10 17:26:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2011/10/10 17:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2011/10/10 17:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011/10/10 16:20:52 | 000,713,312 | ---- | C] (NHN USA) -- C:\Windows\SysWow64\ijjiSetup.exe
[2011/10/10 16:20:52 | 000,062,048 | ---- | C] (NHN USA Inc.) -- C:\Windows\SysWow64\ijjiProcessRestarter.exe
[2011/10/10 16:11:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011/10/10 16:03:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SymSilent
[2011/10/10 16:03:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Symantec
[2011/10/10 16:03:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011/10/10 16:03:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Complete
[2011/10/10 16:03:26 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Online Services
[2011/10/10 16:03:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/10/10 16:03:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NewspaperDirect
[2011/10/10 16:03:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Life Story - Adventures
[2011/10/10 16:03:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/10/10 16:03:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/10/10 16:03:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011/10/10 16:03:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/10/10 16:02:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/10/10 16:01:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011/10/10 16:01:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Mathematics
[2011/10/10 16:00:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2011/10/10 16:00:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MahjonggArtifacts2_at
[2011/10/10 16:00:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kobo
[2011/10/10 16:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/10/10 16:00:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011/10/10 15:57:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP Games
[2011/10/10 15:57:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hp
[2011/10/10 15:55:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2011/10/10 15:54:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FishdomH2O_at
[2011/10/10 15:54:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fingerprint Sensor
[2011/10/10 15:53:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink
[2011/10/10 15:53:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Buildalot4_at
[2011/10/10 15:53:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bfgclient
[2011/10/10 15:52:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Be Rich
[2011/10/10 15:52:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/10/10 15:52:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zinio Reader 4
[2011/10/10 15:52:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011/10/10 15:51:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildTangent Games
[2011/10/10 15:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualCity_at
[2011/10/10 15:46:49 | 000,000,000 | ---D | C] -- C:\Program Files\WinMerge
[2011/10/10 15:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\Games
[2011/10/10 14:50:02 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011/10/10 11:29:13 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia
[2011/10/10 11:00:15 | 004,141,560 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2011/10/10 10:59:54 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2011/10/10 10:59:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2011/10/10 10:49:14 | 000,000,000 | ---D | C] -- C:\Program Files\Asiasoft Online
[2011/10/10 09:12:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Flood Light Games
[2011/10/10 09:09:46 | 000,000,000 | ---D | C] -- C:\ProgramData\HipSoft
[2011/10/10 08:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mahjongg Artifacts 2
[2011/10/10 08:58:50 | 000,000,000 | ---D | C] -- C:\Program Files\MahjonggArtifacts2_at
[2011/10/10 08:58:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual City
[2011/10/10 08:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualCity_at
[2011/10/10 08:57:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fishdom H2O
[2011/10/10 08:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\FishdomH2O_at
[2011/10/10 08:57:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Build-a-lot 4
[2011/10/10 08:56:54 | 000,000,000 | ---D | C] -- C:\Program Files\Buildalot4_at
[2011/10/10 08:34:08 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
[2011/10/09 23:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/10/09 23:10:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/10/09 23:10:14 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/10/09 22:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/10/09 21:38:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Be Rich
[2011/10/09 21:38:55 | 000,000,000 | ---D | C] -- C:\Program Files\Be Rich
[2011/10/09 21:35:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Life Story - Adventures
[2011/10/09 21:35:23 | 000,000,000 | ---D | C] -- C:\Program Files\My Life Story - Adventures
[2011/10/09 21:34:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Big Fish Games
[2011/10/09 21:34:17 | 000,000,000 | ---D | C] -- C:\Program Files\bfgclient
[2011/10/09 21:33:00 | 000,000,000 | ---D | C] -- C:\BigFishGamesCache
[2011/10/09 21:07:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011/10/09 21:07:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011/10/09 20:29:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011/10/09 20:27:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/10/09 20:27:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/10/09 20:27:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011/10/09 20:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/10/09 20:23:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/10/09 20:22:49 | 000,000,000 | R--D | C] -- C:\MSOCache
[2011/10/09 20:08:36 | 000,000,000 | ---D | C] -- C:\temp
[2011/10/09 20:07:57 | 000,105,552 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmtdi.sys
[2011/10/09 20:07:55 | 000,144,464 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys
[2011/10/09 20:07:55 | 000,090,704 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmactmon.sys
[2011/10/09 20:07:55 | 000,067,664 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmevtmgr.sys
[2011/10/09 19:13:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2011/10/09 19:13:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/10/09 19:11:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/10/09 19:05:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
[2011/10/09 19:05:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
[2011/10/09 19:05:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP User Manuals
[2011/10/09 19:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics
[2011/10/09 19:04:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mathematics
[2011/10/09 19:04:12 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

========== Files - Modified Within 30 Days ==========

[2011/10/31 02:59:36 | 000,793,862 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/31 02:59:36 | 000,675,466 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/31 02:59:36 | 000,128,542 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/31 02:53:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Nikhil\Desktop\OTL.exe
[2011/10/31 02:52:45 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/31 02:52:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/31 02:52:29 | 2133,745,663 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/31 02:50:57 | 000,027,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/31 02:50:57 | 000,027,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/31 02:20:04 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/31 01:51:04 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/10/31 00:28:25 | 000,000,512 | ---- | M] () -- C:\Users\Nikhil\Desktop\MBR.dat
[2011/10/31 00:27:13 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Nikhil\Desktop\aswMBR.exe
[2011/10/30 23:46:38 | 000,000,512 | ---- | M] () -- C:\Users\Nikhil\Documents\MBR.dat
[2011/10/30 19:58:54 | 000,051,270 | ---- | M] () -- C:\Users\Nikhil\AppData\Roaming\room_v3.dat
[2011/10/29 19:25:05 | 000,001,089 | ---- | M] () -- C:\Users\Nikhil\Desktop\PowerSuite.lnk
[2011/10/28 07:05:57 | 000,305,120 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/27 15:44:54 | 000,254,528 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011/10/26 10:06:07 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForNikhil.job
[2011/10/23 01:10:39 | 000,001,699 | ---- | M] () -- C:\Users\Public\Desktop\SFK Server Launcher.lnk
[2011/10/23 01:10:39 | 000,001,527 | ---- | M] () -- C:\Users\Public\Desktop\left4dead2.lnk
[2011/10/23 01:10:38 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\SFK Avatar Installer.lnk
[2011/10/22 21:49:13 | 000,000,243 | ---- | M] () -- C:\ProgramData\MusicStation.xml
[2011/10/22 21:49:10 | 000,000,228 | ---- | M] () -- C:\Windows\SysWow64\MsiExec.config
[2011/10/22 21:49:07 | 000,000,937 | ---- | M] () -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\MusicStation.lnk
[2011/10/22 12:33:49 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/10/20 19:22:20 | 000,002,261 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/10/20 19:22:20 | 000,002,245 | ---- | M] () -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/10/19 21:21:25 | 000,001,485 | ---- | M] () -- C:\Users\Nikhil\Desktop\Frozen Throne.lnk
[2011/10/19 20:58:47 | 000,001,486 | ---- | M] () -- C:\Users\Nikhil\Desktop\Garena.lnk
[2011/10/19 20:36:20 | 000,001,443 | ---- | M] () -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/19 20:34:30 | 000,001,398 | ---- | M] () -- C:\Users\Nikhil\Desktop\League Of Legends.lnk
[2011/10/19 20:34:22 | 000,001,398 | ---- | M] () -- C:\Users\Nikhil\Desktop\Heroes Of Newerth.lnk
[2011/10/19 20:15:01 | 000,001,306 | ---- | M] () -- C:\Users\Nikhil\Desktop\Warcraft III.lnk
[2011/10/18 10:03:07 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFornyayapati.job
[2011/10/11 16:50:45 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Garena Plus.lnk
[2011/10/11 15:42:41 | 000,002,068 | ---- | M] () -- C:\Users\Nikhil\Desktop\MapleStory.lnk
[2011/10/10 17:58:33 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/10/10 17:58:33 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/10/10 17:53:09 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/10/10 17:53:00 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/10/10 10:03:18 | 000,041,450 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/10/10 10:03:18 | 000,041,450 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/10/10 10:01:07 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ssadadb_01005.Wdf
[2011/10/09 22:48:54 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/10/09 21:04:14 | 000,779,290 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/09 19:10:36 | 000,001,449 | ---- | M] () -- C:\Users\Nikhil\Desktop\Internet Explorer.lnk
[2011/10/09 19:05:09 | 000,000,000 | RHS- | M] () -- C:\Windows\SysWow64\drivers\103C_HP_cPC_s5-1150d_Y53316J_0U_Q4CE133_E11AP3MRW603_4A_I2AC2_SPEGATRON CORPORATION_V2.00_B7.13_T110722_W748-1_L409_M8175_J1000_7Intel_86A7_93.10_#110812_N10EC8168;18145392_Z_G10DE0DE5_Ohp DVD A DH16ABLH.MRK
[2011/10/09 19:05:09 | 000,000,000 | RHS- | M] () -- C:\Windows\SysNative\drivers\103C_HP_cPC_s5-1150d_Y53316J_0U_Q4CE133_E11AP3MRW603_4A_I2AC2_SPEGATRON CORPORATION_V2.00_B7.13_T110722_W748-1_L409_M8175_J1000_7Intel_86A7_93.10_#110812_N10EC8168;18145392_Z_G10DE0DE5_Ohp DVD A DH16ABLH.MRK

========== Files Created - No Company Name ==========

[2011/10/31 00:28:25 | 000,000,512 | ---- | C] () -- C:\Users\Nikhil\Desktop\MBR.dat
[2011/10/30 23:42:04 | 000,000,512 | ---- | C] () -- C:\Users\Nikhil\Documents\MBR.dat
[2011/10/29 19:25:05 | 000,001,089 | ---- | C] () -- C:\Users\Nikhil\Desktop\PowerSuite.lnk
[2011/10/24 09:17:26 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForNikhil.job
[2011/10/23 01:10:39 | 000,001,699 | ---- | C] () -- C:\Users\Public\Desktop\SFK Server Launcher.lnk
[2011/10/23 01:10:39 | 000,001,527 | ---- | C] () -- C:\Users\Public\Desktop\left4dead2.lnk
[2011/10/23 01:10:38 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\SFK Avatar Installer.lnk
[2011/10/22 21:49:13 | 000,000,243 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2011/10/22 21:49:10 | 000,000,228 | ---- | C] () -- C:\Windows\SysWow64\MsiExec.config
[2011/10/22 21:49:07 | 000,000,937 | ---- | C] () -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\MusicStation.lnk
[2011/10/22 18:23:30 | 000,051,270 | ---- | C] () -- C:\Users\Nikhil\AppData\Roaming\room_v3.dat
[2011/10/22 12:33:49 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/10/20 19:22:20 | 000,002,261 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/10/20 19:22:20 | 000,002,245 | ---- | C] () -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/10/20 19:22:04 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/20 19:22:04 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/20 19:04:52 | 000,696,832 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2011/10/20 19:04:52 | 000,255,488 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2011/10/20 19:04:52 | 000,173,568 | ---- | C] () -- C:\Windows\SysNative\xvid.ax
[2011/10/20 19:04:51 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/10/20 19:04:51 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/10/20 19:04:51 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2011/10/19 20:58:47 | 000,001,486 | ---- | C] () -- C:\Users\Nikhil\Desktop\Garena.lnk
[2011/10/19 20:36:20 | 000,001,443 | ---- | C] () -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/19 20:34:30 | 000,001,398 | ---- | C] () -- C:\Users\Nikhil\Desktop\League Of Legends.lnk
[2011/10/19 20:34:22 | 000,001,398 | ---- | C] () -- C:\Users\Nikhil\Desktop\Heroes Of Newerth.lnk
[2011/10/19 20:27:02 | 000,001,415 | ---- | C] () -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/10/19 20:26:58 | 000,001,449 | ---- | C] () -- C:\Users\Nikhil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/10/19 20:26:32 | 000,000,290 | ---- | C] () -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/10/19 20:26:32 | 000,000,272 | ---- | C] () -- C:\Users\Nikhil\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/10/19 20:15:01 | 000,001,485 | ---- | C] () -- C:\Users\Nikhil\Desktop\Frozen Throne.lnk
[2011/10/19 20:15:01 | 000,001,306 | ---- | C] () -- C:\Users\Nikhil\Desktop\Warcraft III.lnk
[2011/10/16 12:50:56 | 000,117,850 | ---- | C] () -- C:\Windows\SysNative\Cnmnput.chm
[2011/10/11 16:50:45 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Garena Plus.lnk
[2011/10/11 15:42:41 | 000,002,068 | ---- | C] () -- C:\Users\Nikhil\Desktop\MapleStory.lnk
[2011/10/10 21:57:53 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleFornyayapati.job
[2011/10/10 17:58:33 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/10/10 17:53:01 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/10/10 17:53:01 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/10/10 17:53:00 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/10/10 10:59:54 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2011/10/10 10:01:07 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ssadadb_01005.Wdf
[2011/10/09 22:51:05 | 000,001,449 | ---- | C] () -- C:\Users\Nikhil\Desktop\Internet Explorer.lnk
[2011/10/09 22:48:54 | 000,001,156 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/10/09 22:48:54 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/10/09 21:34:21 | 000,001,248 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk
[2011/10/09 19:05:25 | 000,000,925 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicStation.lnk
[2011/10/09 19:05:12 | 000,001,787 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warranty.lnk
[2011/10/09 19:05:09 | 000,000,000 | RHS- | C] () -- C:\Windows\SysWow64\drivers\103C_HP_cPC_s5-1150d_Y53316J_0U_Q4CE133_E11AP3MRW603_4A_I2AC2_SPEGATRON CORPORATION_V2.00_B7.13_T110722_W748-1_L409_M8175_J1000_7Intel_86A7_93.10_#110812_N10EC8168;18145392_Z_G10DE0DE5_Ohp DVD A DH16ABLH.MRK
[2011/10/09 19:05:09 | 000,000,000 | RHS- | C] () -- C:\Windows\SysNative\drivers\103C_HP_cPC_s5-1150d_Y53316J_0U_Q4CE133_E11AP3MRW603_4A_I2AC2_SPEGATRON CORPORATION_V2.00_B7.13_T110722_W748-1_L409_M8175_J1000_7Intel_86A7_93.10_#110812_N10EC8168;18145392_Z_G10DE0DE5_Ohp DVD A DH16ABLH.MRK
[2011/08/13 14:01:37 | 000,002,792 | ---- | C] () -- C:\Program Files\HP SimplePass 2011
[2011/06/21 15:07:00 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2011/02/12 04:29:00 | 000,779,290 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/14 13:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 10:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 10:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 08:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 07:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 05:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009/07/14 05:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 05:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/10/29 18:51:23 | 000,000,000 | ---D | M] -- C:\Users\Nikhil\AppData\Roaming\DAEMON Tools Lite
[2011/10/23 19:03:27 | 000,000,000 | ---D | M] -- C:\Users\Nikhil\AppData\Roaming\GarenaPlus
[2011/10/19 20:43:58 | 000,000,000 | ---D | M] -- C:\Users\Nikhil\AppData\Roaming\LolClient
[2011/10/30 19:54:04 | 000,000,000 | ---D | M] -- C:\Users\Nikhil\AppData\Roaming\QuickScan
[2011/10/31 09:42:54 | 000,000,000 | ---D | M] -- C:\Users\Nikhil\AppData\Roaming\Uniblue
[2011/10/31 13:46:09 | 000,000,000 | ---D | M] -- C:\Users\Nikhil\AppData\Roaming\uTorrent
[2011/10/11 22:12:10 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\Aveyond 3
[2011/10/20 14:15:15 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\Blue Tea Games
[2011/10/10 09:12:54 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\Flood Light Games
[2011/10/10 09:04:39 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\Gaijin Ent
[2011/10/18 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\GameInvest
[2011/10/11 16:50:45 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\GarenaMessenger
[2011/10/19 19:37:57 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\GarenaPlus
[2011/10/10 16:25:25 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\ijjigame
[2011/10/12 12:48:07 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\LolClient
[2011/10/11 16:53:28 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\LolClient2
[2011/10/10 17:26:29 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\Origin
[2011/10/11 23:00:26 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\PlayFirst
[2011/10/10 09:08:18 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\Playrix Entertainment
[2011/10/19 20:26:16 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\uTorrent
[2011/10/10 09:06:22 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\Virtual City
[2011/10/10 21:52:08 | 000,000,000 | ---D | M] -- C:\Users\nyayapati\AppData\Roaming\WinBatch
[2009/07/14 13:08:49 | 000,013,726 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2011/08/13 13:37:45 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/08/13 13:37:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011/08/13 13:37:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/08/13 13:37:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/08/13 13:37:45 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 11:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/08/13 13:37:45 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/08/13 13:37:45 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 11:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 09:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009/07/14 09:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 09:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 09:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009/07/14 09:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 09:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/21 11:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010/11/21 11:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 11:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 11:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010/11/21 11:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 11:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 11:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010/11/21 11:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 11:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< C:\Windows\assembly\tmp\U\*.* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 234 bytes -> C:\ProgramData\Temp:84BD8B63
@Alternate Data Stream - 232 bytes -> C:\ProgramData\Temp:CAF8DAC8
@Alternate Data Stream - 231 bytes -> C:\ProgramData\Temp:880F0FEF
@Alternate Data Stream - 231 bytes -> C:\ProgramData\Temp:425759C6
@Alternate Data Stream - 228 bytes -> C:\ProgramData\Temp:371A321E
@Alternate Data Stream - 224 bytes -> C:\ProgramData\Temp:2BE0B2D7
@Alternate Data Stream - 223 bytes -> C:\ProgramData\Temp:D6D084A5
@Alternate Data Stream - 220 bytes -> C:\ProgramData\Temp:B285A50E
@Alternate Data Stream - 215 bytes -> C:\ProgramData\Temp:7AF9CAEB
@Alternate Data Stream - 213 bytes -> C:\ProgramData\Temp:D6B71B40
@Alternate Data Stream - 212 bytes -> C:\ProgramData\Temp:3086B95F
@Alternate Data Stream - 210 bytes -> C:\ProgramData\Temp:9E3E060F
@Alternate Data Stream - 210 bytes -> C:\ProgramData\Temp:1ECED34B
@Alternate Data Stream - 205 bytes -> C:\ProgramData\Temp:ADDDF689
@Alternate Data Stream - 202 bytes -> C:\ProgramData\Temp:067BF339
@Alternate Data Stream - 198 bytes -> C:\ProgramData\Temp:315B4A13
@Alternate Data Stream - 192 bytes -> C:\ProgramData\Temp:4A392155
@Alternate Data Stream - 186 bytes -> C:\ProgramData\Temp:21C01CF5
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:C43C957E

< End of report >


OTL EXTRA LOG


OTL Extras logfile created on: 10/31/2011 2:54:26 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Nikhil\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy

7.98 Gb Total Physical Memory | 6.56 Gb Available Physical Memory | 82.12% Memory free
13.98 Gb Paging File | 12.50 Gb Available in Paging File | 89.38% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.50 Gb Total Space | 840.94 Gb Free Space | 91.46% Space Free | Partition Type: NTFS
Drive D: | 11.91 Gb Total Space | 1.46 Gb Free Space | 12.24% Space Free | Partition Type: NTFS

Computer Name: EMOQ-HP | User Name: Nikhil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-4051046303-2120523462-3941003408-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series" = Canon MP620 series MP Drivers
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro™ Titanium™ Internet Security
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 267.95
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 267.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 267.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}" = HP SimplePass PE 2011
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{16FC3056-90C0-4757-8A68-64D8DA846ADA}" = Remote Graphics Receiver
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java™ 6 Update 29
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D090F70-6F08-4B60-9357-A1DFD4458F09}" = Microsoft Mathematics
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{793A260C-CDBF-499C-ABBA-B51E8E076867}_is1" = Uniblue PowerSuite
"{7DE0E2DB-319A-4C26-BFB1-C6E051678210}" = Sudden Attack SEA
"{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}" = HP Support Information
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Dual Stream 802.11n Wireless LAN Card
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{912CED74-88D3-4C5B-ACB0-132318649765}" = PressReader
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}" = HP Keyboard
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel® Identity Protection Technology 1.1.2.0
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D35B72B6-F0E4-462B-BDEB-E08032B3B681}" = HP Setup
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB3147AB-4024-4773-8EC0-A1FE5B44933D}" = HP LinkUp
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{E74E7F63-E70F-43f2-873F-35FB66F263B2}" = MusicStation
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"BFG-Aveyond - The Darkthrop Prophecy" = Aveyond: The Darkthrop Prophecy
"BFG-Be Rich" = Be Rich
"BFGC" = Big Fish Games: Game Manager
"BFG-Crop Busters" = Crop Busters
"BFG-Dark Parables - Curse of Briar Rose" = Dark Parables: Curse of Briar Rose
"BFG-Dark Parables - The Exiled Prince" = Dark Parables: The Exiled Prince
"BFG-Escape From Paradise" = Escape From Paradise
"BFG-Gemini Lost" = Gemini Lost
"BFG-Lost in Reefs" = Lost in Reefs
"BFG-My Life Story - Adventures" = My Life Story: Adventures
"BFG-Mystic Diary - Haunted Island" = Mystic Diary: Haunted Island
"BFG-Nocturnal - Boston Nightfall" = Nocturnal: Boston Nightfall ™
"BFG-Profitville" = Profitville
"BFG-Supermarket Management 2" = Supermarket Management 2
"BFG-The Witch and The Warrior" = The Witch and The Warrior
"BFG-The Witch and the Warrior Strategy Guide" = The Witch and the Warrior Strategy Guide
"BFG-Wheel of Fortune 2" = Wheel of Fortune 2
"BFG-World of Zellians - Kingdom Builder" = World of Zellians: Kingdom Builder ™
"BFG-Zoo Empire" = Zoo Empire
"Build-a-lot 4 Free Trial_is1" = Build-a-lot 4 Free Trial
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX Setup
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ESN Sonar-0.70.0" = ESN Sonar
"Fishdom H2O Free Trial_is1" = Fishdom H2O Free Trial
"Garena Classic 2011" = Garena Classic 2011
"Giraffic" = Veoh Giraffic Video Accelerator
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"im" = Garena Plus
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"Kobo" = Kobo
"L4D2SP" = Left 4 Dead 2 Standalone Patch™
"Mahjongg Artifacts 2 Free Trial_is1" = Mahjongg Artifacts 2 Free Trial
"MapleStorySEA" = MapleStorySEA
"Mozilla Firefox 7.0.1 (x86 en-GB)" = Mozilla Firefox 7.0.1 (x86 en-GB)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PDF Complete" = PDF Complete Special Edition
"PunkBusterSvc" = PunkBuster Services
"uTorrent" = µTorrent
"Veoh Web Player Beta" = Veoh Web Player
"Veoh_Web_Player Toolbar" = Veoh Web Player Toolbar
"VIP Access SDK" = VIP Access SDK (1.0.1.4)
"Virtual City Free Trial_is1" = Virtual City Free Trial
"VLC media player" = VLC media player 1.1.11
"Warcraft III Reign of Chaos & The Frozen Throne" = Warcraft III Reign of Chaos & The Frozen Throne
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-13aa4f49-ef08-4c56-bb64-f79990eb135a" = Bejeweled 3
"WTA-25ac0269-5271-47d4-8566-42709221d2c9" = Namco All-Stars: PAC-MAN
"WTA-3bca92ad-fc6a-4b9d-86b4-da20c19fd4b7" = Mah Jong Medley
"WTA-3bd3a2f7-9b69-487d-a3e3-f2758cbbd3c2" = Chuzzle Deluxe
"WTA-3d204ef0-1d34-412d-962f-8393bd0ade79" = FATE
"WTA-3df9da29-ee61-4e41-b883-73f7e0ccc6d5" = Cradle of Rome 2
"WTA-3e05bc49-df07-469e-9ec1-808c243ea1d8" = Jewel Quest: The Sleepless Star - Collector's Edition
"WTA-42177f20-069b-4604-8eaa-473c9fbfd0ea" = Slingo Supreme
"WTA-471967a3-c796-4ec1-8217-a1c692508bde" = Blackhawk Striker 2
"WTA-62fd1cff-f352-434a-a14d-d373b4a5eb63" = Chronicles of Albian
"WTA-69e4ba8f-53f7-407f-a93c-da6a73eb873e" = Plants vs. Zombies - Game of the Year
"WTA-7aea40b0-ab11-4dfa-be78-202fcbc9e06b" = Farm Frenzy
"WTA-7fa11778-ca5b-46d7-a0ec-60bfe12b056d" = Vacation Quest - The Hawaiian Islands
"WTA-85fb4e3f-2326-43c3-83e8-83e6169467f0" = Polar Golfer
"WTA-8917c6c8-b368-4d55-a01d-e47b36db9781" = Virtual Villagers 5 - New Believers
"WTA-8cc00ae4-98fe-47f6-a80e-9d0e3751b360" = Governor of Poker 2 Premium Edition
"WTA-a09228af-b900-40c7-9250-3495415caabb" = Zuma Deluxe
"WTA-a1faac33-d11e-4131-b797-104587b99ef6" = Agatha Christie - Peril at End House
"WTA-af41a701-5bf3-414b-a5aa-648f2bd23dd3" = Final Drive: Nitro
"WTA-b437161b-465b-4688-91f0-0e2af7fd4f2e" = Cake Mania
"WTA-c139468e-4e68-4a2f-a03a-9313f8231cbc" = Bounce Symphony
"WTA-c93000c1-964f-41c0-b6e0-2ae6db203acc" = Penguins!
"WTA-d98149b6-2884-4d94-ae3b-6bd4950ccc38" = Mystery of Mortlake Mansion
"WTA-e6126329-6cd4-455f-b631-1b9216dc7b8b" = Blasterball 3
"WTA-e8d8223b-2b7f-4bf8-ac68-88b69187927a" = Polar Bowler
"WTA-f826a7cb-068a-4a35-82b0-e77006cd5c0f" = Poker Superstars III
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"ZinioReader4" = Zinio Reader 4

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/17/2011 12:58:31 AM | Computer Name = nyayapati-HP | Source = .NET Runtime | ID = 1026
Description =

Error - 10/17/2011 12:58:32 AM | Computer Name = nyayapati-HP | Source = Application Error | ID = 1000
Description = Faulting application name: Terraria.exe, version: 1.0.4.0, time stamp:
0x4e405fba Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp:
0x4e211319 Exception code: 0xe0434352 Fault offset: 0x0000b9bc Faulting process id:
0x12e8 Faulting application start time: 0x01cc8c8969e22aef Faulting application path:
C:\Users\nyayapati\Downloads\Terraria 1.0.6\Terraria 1.0.6\Terraria.exe Faulting
module path: C:\Windows\syswow64\KERNELBASE.dll Report Id: a938a75f-f87c-11e0-8f9d-3860771e56c5

Error - 10/17/2011 12:58:54 AM | Computer Name = nyayapati-HP | Source = .NET Runtime | ID = 1026
Description =

Error - 10/17/2011 12:58:54 AM | Computer Name = nyayapati-HP | Source = Application Error | ID = 1000
Description = Faulting application name: Terraria.exe, version: 1.0.4.0, time stamp:
0x4e405fba Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp:
0x4e211319 Exception code: 0xe0434352 Fault offset: 0x0000b9bc Faulting process id:
0x1620 Faulting application start time: 0x01cc8c897829bf8d Faulting application path:
C:\Users\nyayapati\Downloads\Terraria 1.0.6\Terraria 1.0.6\Terraria.exe Faulting
module path: C:\Windows\syswow64\KERNELBASE.dll Report Id: b602e8fd-f87c-11e0-8f9d-3860771e56c5

Error - 10/17/2011 1:01:11 AM | Computer Name = nyayapati-HP | Source = .NET Runtime | ID = 1026
Description =

Error - 10/17/2011 1:01:11 AM | Computer Name = nyayapati-HP | Source = Application Error | ID = 1000
Description = Faulting application name: Terraria.exe, version: 1.0.0.0, time stamp:
0x4dd0bfaa Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp:
0x4e211319 Exception code: 0xe0434352 Fault offset: 0x0000b9bc Faulting process id:
0x1570 Faulting application start time: 0x01cc8c89ca1e1657 Faulting application path:
C:\Users\nyayapati\Downloads\terrariaretail\Terraria.exe Faulting module path: C:\Windows\syswow64\KERNELBASE.dll
Report
Id: 07ec5271-f87d-11e0-8f9d-3860771e56c5

Error - 10/17/2011 5:50:46 AM | Computer Name = nyayapati-HP | Source = Windows Search Service | ID = 3083
Description =

Error - 10/17/2011 6:11:08 AM | Computer Name = nyayapati-HP | Source = Windows Search Service | ID = 3083
Description =

Error - 10/18/2011 5:49:27 AM | Computer Name = nyayapati-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00750068 Faulting process id:
0x109c Faulting application start time: 0x01cc8d7b374972a4 Faulting application path:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: 7798603d-f96e-11e0-8e26-3860771e56c5

Error - 10/21/2011 4:03:28 AM | Computer Name = nyayapati-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: SeaNote.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4d55f072 Exception code: 0xc0000005 Fault offset: 0x70a20fd0 Faulting
process id: 0x1bac Faulting application start time: 0x01cc8fc7e740faf6 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
SeaNote.dll Report Id: 2895ad98-fbbb-11e0-900a-3860771e56c5

[ Hewlett-Packard Events ]
Error - 10/16/2011 10:25:44 PM | Computer Name = nyayapati-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Object '/b90c932d_56db_4419_82ad_0e07c3b70db8/g_spbizffxcspdxt9itvjsy4_5.rem' has
been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 8174 Ram Utilization: 20 TargetSite: Void UpdateDetail(System.String)

[ System Events ]
Error - 10/30/2011 4:12:58 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7000
Description = The Windows Firewall Authorization Driver service failed to start
due to the following error: %%183

Error - 10/30/2011 4:12:58 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7001
Description = The Windows Firewall service depends on the Windows Firewall Authorization
Driver service which failed to start because of the following error: %%183

Error - 10/30/2011 4:30:14 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7000
Description = The Windows Firewall Authorization Driver service failed to start
due to the following error: %%183

Error - 10/30/2011 4:30:14 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7001
Description = The Windows Firewall service depends on the Windows Firewall Authorization
Driver service which failed to start because of the following error: %%183

Error - 10/30/2011 4:31:05 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7000
Description = The Windows Firewall Authorization Driver service failed to start
due to the following error: %%183

Error - 10/30/2011 4:31:05 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7001
Description = The Windows Firewall service depends on the Windows Firewall Authorization
Driver service which failed to start because of the following error: %%183

Error - 10/30/2011 4:35:57 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7000
Description = The Windows Firewall Authorization Driver service failed to start
due to the following error: %%183

Error - 10/30/2011 4:35:57 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7001
Description = The Windows Firewall service depends on the Windows Firewall Authorization
Driver service which failed to start because of the following error: %%183

Error - 10/30/2011 4:38:04 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7000
Description = The Windows Firewall Authorization Driver service failed to start
due to the following error: %%183

Error - 10/30/2011 4:38:04 AM | Computer Name = nyayapati-HP | Source = Service Control Manager | ID = 7001
Description = The Windows Firewall service depends on the Windows Firewall Authorization
Driver service which failed to start because of the following error: %%183


< End of report >
  • 0

#12
Emoq XD

    Member

  • Topic Starter
  • 12 posts
Well, it's been almost an hour since I last posted, so I'm going to bed (almost 4AM here XD). Can you tell me what this virus does to my computer, and a good anti-virus software so that it won't come back? (Using Trend Micro Titanium Internet Security.)
  • 0

#13
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
The aim of this malware was initially to cause redirects and then hopefully download further malware - rogue antivirus programmes etc...


What are the current problems that you are experiencing?

This type of malware manages to get by most anti-virus programmes as it changes on an almost daily basis. Let's check for orphans next.

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
  • 0

#14
Emoq XD

    Member

  • Topic Starter
  • 12 posts
So, is the redirecting virus gone? After the scans you made me do, my Windows Firewall turned back on. Was a malware affecting it? I was running the Malwarebytes scan until my anti-virus deleted its .exe, lol. Well, reinstalling and turning off my anti-virus.
  • 0

#15
Emoq XD

    Member

  • Topic Starter
  • 12 posts

"The scan may take some time to finish, so please be patient."

Took seconds actually.

Here's the log:


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8049

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

31/10/2011 10:39:27 AM
mbam-log-2011-10-31 (10-39-27).txt

Scan type: Quick scan
Objects scanned: 189881
Time elapsed: 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0





