
desperately help needed for yet another ALUREON.H virus



#16
Ali Butt (Topic Starter, Member, 24 posts)

OTL logfile created on: 12/26/2011 2:00:19 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\ALI BUTT\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.98 Mb Total Physical Memory | 58.24 Mb Available Physical Memory | 11.40% Memory free
979.98 Mb Paging File | 308.34 Mb Available in Paging File | 31.46% Paging File free
Paging file location(s): C:\pagefile.sys 500 700 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 10.68 Gb Free Space | 54.68% Space Free | Partition Type: NTFS
Drive D: | 9.76 Gb Total Space | 3.28 Gb Free Space | 33.59% Space Free | Partition Type: FAT32
Drive E: | 7.94 Gb Total Space | 1.52 Gb Free Space | 19.15% Space Free | Partition Type: FAT32

Computer Name: HOME-1157E821BE | User Name: ALI BUTT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/26 00:18:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ALI BUTT\Desktop\OTL.exe
PRC - [2011/12/23 11:35:48 | 025,001,480 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\ALI BUTT\My Documents\Downloads\Programs\NetFx20SP2_x86.exe
PRC - [2011/12/21 12:24:52 | 000,924,632 | ---- | M] (Mozilla Corporation) -- E:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/12/19 15:37:13 | 000,869,216 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
PRC - [2011/12/19 15:37:06 | 000,892,768 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2011/12/03 01:22:12 | 004,200,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgui.exe
PRC - [2011/12/03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/11/28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/25 11:48:40 | 003,437,976 | ---- | M] (Tonec Inc.) -- E:\idm\Internet Download Manager\IDMan.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/10/10 06:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011/09/08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/08/15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/05/29 23:23:40 | 000,623,520 | ---- | M] (Zbshareware Lab) -- E:\Program Files\USB Disk Security\USBGuard.exe
PRC - [2011/04/12 02:44:44 | 000,112,800 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\IPROSetMonitor.exe
PRC - [2010/09/28 17:49:22 | 000,143,360 | ---- | M] (Vimisoft Studio) -- E:\Program Files\IM Magician\vicamon.exe
PRC - [2010/09/28 17:46:38 | 000,233,472 | ---- | M] (Vimisoft Studio) -- E:\Program Files\IM Magician\vmonproc.exe
PRC - [2010/07/27 00:01:58 | 003,474,848 | ---- | M] (Webshots.com) -- C:\Program Files\Webshots\3.1.5.7619\Webshots.scr
PRC - [2010/05/25 19:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- E:\idm\Internet Download Manager\IEMonitor.exe
PRC - [2008/07/29 18:47:34 | 000,269,304 | ---- | M] (Microsoft Corporation) -- c:\3740e3e3ddab50c890967448ec34a462\Setup.EXE
PRC - [2008/01/05 00:00:00 | 000,847,688 | ---- | M] (WinAbility® Software Corporation) -- E:\Program Files\folder guard\Folder Guard\FGuard.exe
PRC - [2008/01/05 00:00:00 | 000,118,600 | ---- | M] (WinAbility® Software Corporation) -- E:\Program Files\folder guard\Folder Guard\FGKey.exe
PRC - [2007/05/17 16:02:32 | 000,481,280 | ---- | M] (SRS Labs, Inc.) -- E:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
PRC - [2004/08/04 05:56:58 | 000,196,608 | ---- | M] () -- \\?\C:\WINDOWS\System32\WBEM\WMIADAP.EXE
PRC - [2004/08/04 05:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/25 15:32:22 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/12/21 12:24:52 | 002,124,760 | ---- | M] () -- E:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/12/19 15:37:13 | 000,869,216 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
MOD - [2011/12/19 15:37:06 | 000,892,768 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2008/05/16 14:01:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2004/08/04 05:56:58 | 000,196,608 | ---- | M] () -- \\?\C:\WINDOWS\System32\WBEM\WMIADAP.EXE
MOD - [2004/08/04 05:56:48 | 000,214,528 | ---- | M] () -- \\?\C:\WINDOWS\System32\WBEM\wbemcomn.dll
MOD - [2004/08/04 05:56:44 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004/08/04 05:56:44 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (SwOffWeb)
SRV - File not found [Auto | Stopped] -- -- (SwOffScheduler)
SRV - File not found [Auto | Stopped] -- -- (MySQL)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/12/19 15:37:13 | 000,869,216 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/10/30 00:55:32 | 000,072,704 | ---- | M] (SRS Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\SRS Labs Shared\Service\srslabslicenseservice.exe -- (SRS Labs License Service)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/04/12 02:44:44 | 000,112,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\system32\IPROSetMonitor.exe -- (Intel® PROSet Monitoring Service) Intel®
SRV - [2010/06/29 08:04:18 | 000,020,480 | ---- | M] (AG Interactive) [Auto | Stopped] -- C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe -- (AGCoreService)


========== Driver Services (SafeList) ==========

DRV - [2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 06:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/21 08:09:28 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2011/09/21 08:09:24 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011/09/13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/08/08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 01:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 01:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/07/11 01:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/07/06 20:14:42 | 000,101,616 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2011/06/02 14:12:42 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/12/08 06:34:30 | 000,030,368 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2008/01/05 00:00:00 | 000,054,008 | ---- | M] (WinAbility® Software Corporation) [Kernel | Auto | Running] -- E:\Program Files\folder guard\Folder Guard\FGUARD32.SYS -- (FGUARD32)
DRV - [2006/10/09 10:18:10 | 000,034,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SRS_SSCFilter.sys -- (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM)
DRV - [2001/08/17 17:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CC 27 0B AC 87 C2 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: D:\installd\real\Real Alternative\browser\plugins\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: D:\installd\real\Real Alternative\browser\plugins\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: e:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\ALI BUTT\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\ALI BUTT\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\ALI BUTT\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\SearchPredict\PRFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SpeedBit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/12/23 11:41:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: e:\Program Files\Mozilla Firefox\components [2011/12/25 15:25:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: e:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\ALI BUTT\Application Data\IDM\idmmzcc5 [2011/10/30 15:56:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Documents and Settings\ALI BUTT\Application Data\IDM\idmmzcc5 [2011/10/30 15:56:06 | 000,000,000 | ---D | M]

[2011/12/25 15:25:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ALI BUTT\Application Data\Mozilla\Extensions
[2011/12/25 22:24:46 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

O1 HOSTS File: ([2011/12/25 23:43:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\idm\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.22\AVG Secure Search_toolbar.dll ()
O2 - BHO: (no name) - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.22\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {97ab88ef-346b-4179-a0b1-7445896547a5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [FG_Monitor] E:\Program Files\folder guard\Folder Guard\FGKey.exe (WinAbility® Software Corporation)
O4 - HKLM..\Run: [IMMON] e:\Program Files\IM Magician\Vicamon.exe (Vimisoft Studio)
O4 - HKLM..\Run: [IMMONSUPPORT] e:\Program Files\IM Magician\vmonproc.exe (Vimisoft Studio)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] d:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [USB Security] e:\Program Files\USB Disk Security\USBGuard.exe (Zbshareware Lab)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [IDMan] E:\idm\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] d:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SRS Audio Sandbox] E:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe (SRS Labs, Inc.)
O4 - Startup: C:\Documents and Settings\ALI BUTT\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\3.1.5.7619\Launcher.exe (Webshots.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download all links with IDM - E:\idm\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - E:\idm\Internet Download Manager\IEExt.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6143302-4981-49E1-9A13-51FB471FCDFE}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ALI BUTT\Application Data\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/05/30 09:19:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - ac3acm.acm File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - lameACM.acm File not found
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - ff_vfw.dll File not found
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.LAGS - lagarith.dll File not found
Drivers32: VIDC.VP70 - vp7vfw.dll File not found
Drivers32: VIDC.XVID - xvidvfw.dll File not found
Drivers32: VIDC.YV12 - xvidvfw.dll File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/12/26 02:04:17 | 000,000,000 | ---D | C] -- C:\9972aac500c860040f4a
[2011/12/26 01:52:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2011/12/26 01:37:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ALI BUTT\Recent
[2011/12/26 01:16:51 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/12/26 00:29:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/26 00:29:32 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/26 00:28:43 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/12/26 00:18:35 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ALI BUTT\Desktop\OTL.exe
[2011/12/26 00:15:49 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\ALI BUTT\Desktop\mbam-setup-1.51.2.1300.exe
[2011/12/25 23:56:18 | 001,918,464 | ---- | C] (AVAST Software) -- C:\Documents and Settings\ALI BUTT\Desktop\aswMBR.exe
[2011/12/25 23:52:44 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\ALI BUTT\Desktop\TDSSKiller.exe
[2011/12/25 23:29:02 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/12/25 23:26:11 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/12/25 23:26:11 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/12/25 23:26:11 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/12/25 23:26:11 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/12/25 23:25:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/12/25 23:25:41 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/25 23:22:01 | 004,351,768 | R--- | C] (Swearware) -- C:\Documents and Settings\ALI BUTT\Desktop\ComboFix.exe
[2011/12/25 22:35:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Start Menu\Programs\Essentials Codec Pack
[2011/12/25 22:31:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\Nullsoft
[2011/12/25 22:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/12/25 22:25:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/12/25 22:25:10 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/12/25 22:25:09 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/12/25 22:25:08 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/12/25 22:25:08 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/12/25 22:24:23 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/12/25 21:15:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2011/12/25 20:44:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GoBit Games
[2011/12/25 20:44:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/12/25 20:41:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Zbshareware Lab
[2011/12/25 17:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\Sun
[2011/12/25 15:52:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\Malwarebytes
[2011/12/25 15:51:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/12/25 15:39:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/12/25 15:38:42 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/12/25 15:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/12/25 15:38:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Local Settings\Application Data\Adobe
[2011/12/25 15:34:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2011/12/25 15:32:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\Adobe
[2011/12/25 15:32:22 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/12/25 15:25:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\Mozilla
[2011/12/25 14:09:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegAce
[2011/12/22 23:32:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\Yahoo!
[2011/12/22 23:31:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2011/12/22 23:31:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2011/12/21 21:38:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/12/21 20:31:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\A4Tech IM Magician
[2011/12/21 20:30:27 | 000,450,560 | ---- | C] (FotoFan) -- C:\WINDOWS\System32\newlistview2.dll
[2011/12/21 20:30:27 | 000,077,824 | ---- | C] (FotoFan Studio) -- C:\WINDOWS\System32\vgf.dll
[2011/12/21 20:30:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Vimisoft Studio
[2011/12/21 19:52:09 | 000,109,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\VidCap32.exe
[2011/12/21 19:51:21 | 000,102,400 | ---- | C] (Meta Media Inc) -- C:\WINDOWS\MMVEM.EXE
[2011/12/21 19:51:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Start Menu\Programs\VP-EYE
[2011/12/21 19:48:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\Vimisoft Studio
[2011/12/21 19:48:16 | 000,309,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8dmod.dll
[2011/12/21 19:48:16 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sds32.ax
[2011/12/21 19:47:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2011/12/21 19:47:27 | 000,000,000 | ---D | C] -- C:\Program Files\Vimicro Corporation
[2011/12/21 19:41:12 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2011/12/21 19:41:07 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2011/12/21 19:41:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2011/12/21 19:41:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2011/12/21 19:41:04 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2011/12/21 19:41:00 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2011/12/21 19:40:56 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2011/12/21 19:40:51 | 000,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2011/12/21 19:40:48 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2011/12/21 19:40:34 | 000,059,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2011/12/21 19:40:19 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2011/12/21 19:40:19 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2011/12/21 19:40:19 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2011/12/21 19:40:19 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2011/12/21 19:40:18 | 000,078,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys
[2011/12/21 19:40:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2011/12/21 19:40:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2011/12/21 19:40:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2011/12/21 19:40:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2011/12/21 19:40:17 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2011/12/21 19:40:17 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2011/12/21 19:40:17 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2011/12/21 19:40:17 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2011/12/21 19:40:10 | 000,031,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2011/12/19 17:38:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Start Menu\Programs\XIII - Lost Identity
[2011/12/19 15:37:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2011/12/14 22:13:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Local Settings\Application Data\Help
[2011/12/14 22:13:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\Help
[2011/12/13 00:23:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Drivers
[2011/12/12 23:44:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011/12/12 23:23:00 | 000,021,992 | ---- | C] (CPUID) -- C:\WINDOWS\System32\drivers\cpuz135_x32.sys
[2011/12/12 23:23:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CPUID
[2011/12/12 23:01:04 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2011/12/12 23:00:59 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2011/12/04 22:29:20 | 000,000,000 | ---D | C] -- C:\$AVG
[2011/12/04 17:17:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\My Documents\Telltale Games
[2011/12/04 17:13:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Puzzle Agent 2
[2011/11/29 01:43:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\My Documents\New(2)
[2011/11/29 01:14:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\AVG
[2011/11/29 00:46:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\AVG2012
[2011/11/29 00:44:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2012
[2011/11/29 00:43:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\AVG Secure Search
[2011/11/29 00:43:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2011/11/29 00:43:41 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2011/11/29 00:42:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/11/29 00:42:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/11/29 00:40:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/11/26 13:52:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\ALI BUTT\My Documents\My Videos
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/26 02:25:36 | 000,517,338 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/26 02:25:36 | 000,093,844 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/26 01:42:41 | 000,181,020 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/12/26 01:40:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/26 00:46:19 | 085,150,936 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/12/26 00:29:38 | 000,000,554 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/26 00:18:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ALI BUTT\Desktop\OTL.exe
[2011/12/26 00:17:32 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\ALI BUTT\Desktop\mbam-setup-1.51.2.1300.exe
[2011/12/26 00:13:06 | 000,000,512 | ---- | M] () -- C:\MBR.dat
[2011/12/25 23:56:41 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Documents and Settings\ALI BUTT\Desktop\aswMBR.exe
[2011/12/25 23:43:11 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/12/25 23:29:09 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/12/25 23:22:44 | 004,351,768 | R--- | M] (Swearware) -- C:\Documents and Settings\ALI BUTT\Desktop\ComboFix.exe
[2011/12/25 22:36:29 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\Windows Codec Update Service.job
[2011/12/25 22:36:06 | 000,000,597 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Desktop\Media Player Classic.lnk
[2011/12/25 22:24:45 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/12/25 22:24:45 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/12/25 22:24:45 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/12/25 22:24:45 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/12/25 22:24:44 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/12/25 15:32:22 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/12/25 15:25:44 | 000,000,510 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/12/25 15:25:44 | 000,000,510 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/25 14:41:42 | 000,085,402 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\bookmarks-2011-12-25.json
[2011/12/25 04:16:06 | 000,013,985 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Darjeeling_Limited_(2007)_720p_BRRip_suN_sujaidr.6817706.TPB.torrent
[2011/12/25 04:12:39 | 000,014,005 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Inbetweeners_movie_2011_Extended_Cut_720p_BRrip_scOrp_sujaid.6884992.TPB.torrent
[2011/12/25 04:11:08 | 000,014,492 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\O_Brother_Where_Art_Thou_2000_720p_BRrip_scOrp_sujaidr.6893079.TPB.torrent
[2011/12/25 04:05:20 | 000,016,555 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\A_Separation_(2011)_720p_BRrip_sujaidr.6904198.TPB.torrent
[2011/12/25 02:54:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/23 19:52:26 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\ALI BUTT\Desktop\TDSSKiller.exe
[2011/12/23 11:41:42 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/12/23 00:10:56 | 000,173,568 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/22 23:31:17 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/12/22 23:31:17 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/12/21 20:31:33 | 000,000,490 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\IM Magician.lnk
[2011/12/21 19:51:03 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VP-EYE 6.0.lnk
[2011/12/20 00:38:41 | 000,014,220 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Mystic_River__2003__720p_BrRip_mkv___655MB___YIFY.torrent
[2011/12/20 00:35:15 | 000,017,169 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Letters_from_Iwo_Jima__2006__720p__BRRip__MRShanku_Silver_RG.torrent
[2011/12/19 18:26:17 | 000,051,787 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/12/19 17:44:31 | 000,014,764 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\NOVO_2002_PARENTE_DVD_RIP_XVID.torrent
[2011/12/19 17:38:20 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Desktop\XIII - Lost Identity.lnk
[2011/12/19 01:08:45 | 000,018,018 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Burning_Palms__2010__720p__BRRip__MRShanku_Silver_RG.torrent
[2011/12/17 12:33:27 | 000,014,018 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Curious_Case_of_Benjamin_Button_(2008)_650mb_720p_-_YIFY.6116188.TPB.torrent
[2011/12/17 12:23:34 | 000,066,668 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Departed_(2006)_-_BRRip_-_720p_-_x264_-_MKV_by_RiddlerA.5838338.TPB.torrent
[2011/12/17 12:15:06 | 000,023,018 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Das.Boot.[The.Boat].Original.Uncut.1981.DVDRip.H264.AAC.Gopo..6071769.TPB.torrent
[2011/12/17 11:59:25 | 000,073,137 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Munich[2005]DvDrip[Eng]-aXXo.4320529.TPB.torrent
[2011/12/17 00:58:41 | 000,016,835 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Bunraku_2010_720p_BRrip_ShAaNiG_sujaidr.torrent
[2011/12/16 17:21:53 | 000,015,128 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Lars_von_Trier_-_Manderlay_(2005).4995399.TPB.torrent
[2011/12/16 16:55:42 | 000,000,978 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Desktop\Shortcut to coed11.exe.lnk
[2011/12/16 16:31:26 | 000,028,897 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Habemus_Papam_[We_Have_a_Pope](EngSubs_DVDrip)_2011.6773241.TPB.torrent
[2011/12/16 12:35:40 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Start Menu\Programs\Startup\Webshots.lnk
[2011/12/15 16:25:24 | 000,083,883 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Land_of_plenty_KLAXXON.torrent
[2011/12/15 13:47:15 | 000,111,560 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Diary.of.A .Addict(2001)DVDRip.aaaevilacharya.6062160.TPB.torrent
[2011/12/15 13:41:57 | 000,020,636 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Borgias_-_SEASON_1_Complete_480p_x264_-_BoB.6454225.TPB.torrent
[2011/12/15 12:51:26 | 000,014,940 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\[kat.ph]post.coitum.2004.dvdrip.torrent
[2011/12/15 03:57:25 | 000,014,570 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\[kat.ph]the.united.states.of.leland.dvdrip.torrent
[2011/12/15 01:36:43 | 000,014,998 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Death_In_Love_2008_DVDRip_XviD_aAF.torrent
[2011/12/14 02:00:33 | 000,016,049 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Mother_and_Child_(2009)_720p_mkv_x264_-_750MB_-_YIFY.6154744.TPB.torrent
[2011/12/14 01:43:12 | 000,014,972 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Lost_in_Translation__2003__720p_BrRip_x264___700MB___YIFY.torrent
[2011/12/13 13:59:55 | 000,014,582 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Wings_of_Desire_DVDRip_XviD_InFeCtiouS(ENG_SUBS)[ExtraTorrent].5554173.TPB.torrent
[2011/12/13 13:53:08 | 000,015,350 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Haevnen(2010)(In_a_Better_World)DVDRip_nl_subs_Nlt-Release(Divx).6580282.TPB.torrent
[2011/12/13 13:46:16 | 000,028,803 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Goodbye_Lenin___2003_avi_torrent.torrent
[2011/12/13 13:36:16 | 000,016,286 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Chico_and_Rita_(2010)_BRRip_720p_x264_-MitZep_(PhoenixRG)_.6447274.TPB.torrent
[2011/12/13 13:25:27 | 000,029,483 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Inbetweeners_2011_Extended_BDRIP_XVID_-_SCR0N.6883209.TPB.torrent
[2011/12/12 23:23:11 | 000,000,517 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CPUID CPU-Z.lnk
[2011/12/12 22:57:24 | 000,282,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/12 14:18:51 | 000,017,392 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Walk_the_Line__2005___Extended_Cut__720p_x264__TYNYFYD_.torrent
[2011/12/12 14:07:38 | 000,256,634 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Up_in_the_Air[2009]DvDrip[Eng]-FXG.5379168.TPB.torrent
[2011/12/12 13:44:55 | 000,056,873 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Rescue.Dawn[2007]DvDrip[Eng]-aXXo.3882591.TPB.torrent
[2011/12/12 10:54:38 | 000,018,322 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Kieslowski_-_Dekalog.4592132.TPB.torrent
[2011/12/12 03:40:43 | 000,035,993 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\_drama_politics)_Another_Way_[Egymasra_nezve]_EngSub_Div.4142403.TPB.torrent
[2011/12/12 03:34:23 | 000,015,291 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The.Ron.Clark.Story.DVDRiP.XViD-DvF.4505329.TPB.torrent
[2011/12/09 17:45:35 | 000,012,985 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Catch_44_2011_720p_BRrip_scOrp_sujaidr.6862257.TPB.torrent
[2011/12/09 17:43:44 | 000,019,681 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Desktop\Turn_Me_On__Dammit__(2011)_720p_BRrip_sujaidr.6863611.TPB.torrent
[2011/12/08 23:01:05 | 000,057,001 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Darjeeling_Limited[2007]DvDrip[Eng]-FXG.4027350.TPB.torrent
[2011/12/07 11:14:29 | 000,014,358 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Hamlet_(1990)_MEL_GIBSON.GLENN_CLOSE.5131879.TPB.torrent
[2011/12/07 00:13:19 | 000,016,336 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Synecdoche_New_York_(2008)_720p_BrRip_x264_-_750MB_-_YIFY.6867426.TPB.torrent
[2011/12/06 00:10:03 | 000,014,932 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\SOUND_OF_NOISE__2010__DVD_Rip_Xvid__StB_.torrent
[2011/12/06 00:05:50 | 000,016,868 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Paula-Paula[2010][DVDRip][spanish].6271832.TPB.torrent
[2011/12/04 17:51:39 | 000,032,557 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\150_Gamehouse_Games.3974158.TPB.torrent
[2011/12/03 16:49:13 | 000,012,104 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Love Child (2005) Liebeskind.torrent
[2011/12/03 10:09:59 | 000,021,259 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Lookout__2007__720p___500mb___YIFY.torrent
[2011/12/02 23:24:53 | 000,018,332 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Debt_Ha_Hov_2007_DVDRip.torrent
[2011/12/02 16:39:57 | 000,060,644 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Alabama_Moon_2009_DVDRip_XviD_aAF.torrent
[2011/12/02 16:36:28 | 000,013,183 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Red_Dog_(2011)_720p_BrRip_x264_-_600MB_-_YIFY.6853925.TPB.torrent
[2011/12/02 13:37:55 | 000,029,723 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Desktop\Burke_and_Hare_2010_BDRip_XviD_AMIABLE.torrent
[2011/12/01 23:31:42 | 000,011,786 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Martyrs (2008).torrent
[2011/12/01 22:36:50 | 000,000,044 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\{3D55D1F4-1059-11DC-B281-197056D89593}
[2011/12/01 16:55:46 | 000,015,758 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\11 Days 11 Nights (1987) Undici giorni, undici notti.torrent
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/26 00:46:19 | 085,150,936 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/12/26 00:29:38 | 000,000,554 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/26 00:13:06 | 000,000,512 | ---- | C] () -- C:\MBR.dat
[2011/12/25 23:29:09 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/12/25 23:29:04 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/12/25 23:26:11 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/12/25 23:26:11 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/12/25 23:26:11 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/12/25 23:26:11 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/12/25 23:26:11 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/12/25 22:36:29 | 000,000,354 | ---- | C] () -- C:\WINDOWS\tasks\Windows Codec Update Service.job
[2011/12/25 22:36:06 | 000,000,597 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Desktop\Media Player Classic.lnk
[2011/12/25 15:25:44 | 000,000,510 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/12/25 15:25:44 | 000,000,510 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/25 15:25:43 | 000,000,510 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/25 14:41:42 | 000,085,402 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\bookmarks-2011-12-25.json
[2011/12/25 04:16:05 | 000,013,985 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Darjeeling_Limited_(2007)_720p_BRRip_suN_sujaidr.6817706.TPB.torrent
[2011/12/25 04:12:39 | 000,014,005 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Inbetweeners_movie_2011_Extended_Cut_720p_BRrip_scOrp_sujaid.6884992.TPB.torrent
[2011/12/25 04:11:07 | 000,014,492 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\O_Brother_Where_Art_Thou_2000_720p_BRrip_scOrp_sujaidr.6893079.TPB.torrent
[2011/12/25 04:05:17 | 000,016,555 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\A_Separation_(2011)_720p_BRrip_sujaidr.6904198.TPB.torrent
[2011/12/22 23:31:17 | 000,000,572 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/12/22 23:31:17 | 000,000,572 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/12/21 20:31:33 | 000,000,490 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\IM Magician.lnk
[2011/12/21 19:52:09 | 000,035,600 | ---- | C] () -- C:\WINDOWS\AMCAP.EXE
[2011/12/21 19:51:45 | 000,172,032 | ---- | C] () -- C:\WINDOWS\JAPI2.DLL
[2011/12/21 19:51:09 | 000,106,496 | ---- | C] () -- C:\WINDOWS\JAPI.DLL
[2011/12/21 19:51:09 | 000,020,992 | ---- | C] () -- C:\WINDOWS\MMVCB.AX
[2011/12/21 19:51:03 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VP-EYE 6.0.lnk
[2011/12/20 00:38:39 | 000,014,220 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Mystic_River__2003__720p_BrRip_mkv___655MB___YIFY.torrent
[2011/12/20 00:35:13 | 000,017,169 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Letters_from_Iwo_Jima__2006__720p__BRRip__MRShanku_Silver_RG.torrent
[2011/12/19 18:26:17 | 000,051,787 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/12/19 17:44:29 | 000,014,764 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\NOVO_2002_PARENTE_DVD_RIP_XVID.torrent
[2011/12/19 17:38:20 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Desktop\XIII - Lost Identity.lnk
[2011/12/19 01:08:41 | 000,018,018 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Burning_Palms__2010__720p__BRRip__MRShanku_Silver_RG.torrent
[2011/12/17 12:33:26 | 000,014,018 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Curious_Case_of_Benjamin_Button_(2008)_650mb_720p_-_YIFY.6116188.TPB.torrent
[2011/12/17 12:23:33 | 000,066,668 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Departed_(2006)_-_BRRip_-_720p_-_x264_-_MKV_by_RiddlerA.5838338.TPB.torrent
[2011/12/17 12:15:03 | 000,023,018 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Das.Boot.[The.Boat].Original.Uncut.1981.DVDRip.H264.AAC.Gopo..6071769.TPB.torrent
[2011/12/17 11:59:20 | 000,073,137 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Munich[2005]DvDrip[Eng]-aXXo.4320529.TPB.torrent
[2011/12/17 00:58:38 | 000,016,835 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Bunraku_2010_720p_BRrip_ShAaNiG_sujaidr.torrent
[2011/12/16 17:21:52 | 000,015,128 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Lars_von_Trier_-_Manderlay_(2005).4995399.TPB.torrent
[2011/12/16 16:55:42 | 000,000,978 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Desktop\Shortcut to coed11.exe.lnk
[2011/12/16 16:31:22 | 000,028,897 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Habemus_Papam_[We_Have_a_Pope](EngSubs_DVDrip)_2011.6773241.TPB.torrent
[2011/12/15 16:25:20 | 000,083,883 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Land_of_plenty_KLAXXON.torrent
[2011/12/15 13:47:12 | 000,111,560 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Diary.of.A .Addict(2001)DVDRip.aaaevilacharya.6062160.TPB.torrent
[2011/12/15 13:41:55 | 000,020,636 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Borgias_-_SEASON_1_Complete_480p_x264_-_BoB.6454225.TPB.torrent
[2011/12/15 12:51:17 | 000,014,940 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\[kat.ph]post.coitum.2004.dvdrip.torrent
[2011/12/15 03:57:24 | 000,014,570 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\[kat.ph]the.united.states.of.leland.dvdrip.torrent
[2011/12/15 01:36:40 | 000,014,998 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Death_In_Love_2008_DVDRip_XviD_aAF.torrent
[2011/12/14 02:00:31 | 000,016,049 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Mother_and_Child_(2009)_720p_mkv_x264_-_750MB_-_YIFY.6154744.TPB.torrent
[2011/12/14 01:43:08 | 000,014,972 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Lost_in_Translation__2003__720p_BrRip_x264___700MB___YIFY.torrent
[2011/12/13 13:59:51 | 000,014,582 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Wings_of_Desire_DVDRip_XviD_InFeCtiouS(ENG_SUBS)[ExtraTorrent].5554173.TPB.torrent
[2011/12/13 13:53:08 | 000,015,350 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Haevnen(2010)(In_a_Better_World)DVDRip_nl_subs_Nlt-Release(Divx).6580282.TPB.torrent
[2011/12/13 13:46:16 | 000,028,803 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Goodbye_Lenin___2003_avi_torrent.torrent
[2011/12/13 13:36:16 | 000,016,286 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Chico_and_Rita_(2010)_BRRip_720p_x264_-MitZep_(PhoenixRG)_.6447274.TPB.torrent
[2011/12/13 13:25:24 | 000,029,483 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Inbetweeners_2011_Extended_BDRIP_XVID_-_SCR0N.6883209.TPB.torrent
[2011/12/12 23:23:11 | 000,000,517 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CPUID CPU-Z.lnk
[2011/12/12 14:18:47 | 000,017,392 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Walk_the_Line__2005___Extended_Cut__720p_x264__TYNYFYD_.torrent
[2011/12/12 14:07:36 | 000,256,634 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Up_in_the_Air[2009]DvDrip[Eng]-FXG.5379168.TPB.torrent
[2011/12/12 13:44:52 | 000,056,873 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Rescue.Dawn[2007]DvDrip[Eng]-aXXo.3882591.TPB.torrent
[2011/12/12 10:54:34 | 000,018,322 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Kieslowski_-_Dekalog.4592132.TPB.torrent
[2011/12/12 03:40:43 | 000,035,993 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\_drama_politics)_Another_Way_[Egymasra_nezve]_EngSub_Div.4142403.TPB.torrent
[2011/12/12 03:34:20 | 000,015,291 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The.Ron.Clark.Story.DVDRiP.XViD-DvF.4505329.TPB.torrent
[2011/12/09 17:45:34 | 000,012,985 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Catch_44_2011_720p_BRrip_scOrp_sujaidr.6862257.TPB.torrent
[2011/12/09 17:43:37 | 000,019,681 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Desktop\Turn_Me_On__Dammit__(2011)_720p_BRrip_sujaidr.6863611.TPB.torrent
[2011/12/08 23:01:02 | 000,057,001 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Darjeeling_Limited[2007]DvDrip[Eng]-FXG.4027350.TPB.torrent
[2011/12/07 11:14:26 | 000,014,358 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Hamlet_(1990)_MEL_GIBSON.GLENN_CLOSE.5131879.TPB.torrent
[2011/12/07 00:13:19 | 000,016,336 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Synecdoche_New_York_(2008)_720p_BrRip_x264_-_750MB_-_YIFY.6867426.TPB.torrent
[2011/12/06 00:10:00 | 000,014,932 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\SOUND_OF_NOISE__2010__DVD_Rip_Xvid__StB_.torrent
[2011/12/06 00:05:47 | 000,016,868 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Paula-Paula[2010][DVDRip][spanish].6271832.TPB.torrent
[2011/12/04 17:51:36 | 000,032,557 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\150_Gamehouse_Games.3974158.TPB.torrent
[2011/12/03 16:49:11 | 000,012,104 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Love Child (2005) Liebeskind.torrent
[2011/12/03 10:09:56 | 000,021,259 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Lookout__2007__720p___500mb___YIFY.torrent
[2011/12/02 23:24:36 | 000,018,332 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Debt_Ha_Hov_2007_DVDRip.torrent
[2011/12/02 16:39:53 | 000,060,644 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Alabama_Moon_2009_DVDRip_XviD_aAF.torrent
[2011/12/02 16:36:27 | 000,013,183 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Red_Dog_(2011)_720p_BrRip_x264_-_600MB_-_YIFY.6853925.TPB.torrent
[2011/12/02 13:37:45 | 000,029,723 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Desktop\Burke_and_Hare_2010_BDRip_XviD_AMIABLE.torrent
[2011/12/01 23:31:40 | 000,011,786 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Martyrs (2008).torrent
[2011/12/01 22:36:44 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\{3D55D1F4-1059-11DC-B281-197056D89593}
[2011/12/01 16:55:43 | 000,015,758 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\11 Days 11 Nights (1987) Undici giorni, undici notti.torrent
[2011/11/29 00:44:06 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/11/10 12:58:03 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2011/11/01 22:49:24 | 000,055,256 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/10/29 00:48:29 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Local Settings\Application Data\WebpageIcons.db
[2011/10/11 11:24:37 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2011/09/21 08:09:27 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2011/09/21 08:09:24 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2011/08/31 01:26:49 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011/08/14 17:59:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini
[2011/08/10 16:44:04 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/07/25 02:43:05 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/07/07 00:12:04 | 001,156,552 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin
[2011/07/01 02:08:11 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011/07/01 00:39:37 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011/07/01 00:38:42 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2011/06/01 15:29:46 | 000,000,081 | ---- | C] () -- C:\WINDOWS\GECKOS.INI
[2011/05/30 12:12:14 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\EasyHook32.dll
[2011/05/30 12:06:08 | 000,173,568 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/30 12:04:19 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011/05/30 09:37:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/05/30 09:22:58 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/05/30 09:15:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/05/30 02:08:33 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/05/30 02:05:51 | 000,282,928 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/05/16 14:01:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/05/16 14:01:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/05/16 14:01:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/05/16 14:01:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/05/16 14:01:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/05/16 14:01:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/05/16 14:01:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/05/16 14:01:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/05/16 14:01:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/07/26 12:01:50 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
[2006/10/09 22:18:10 | 000,036,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\csiidecoder_kern_i386.sys
[2006/10/09 22:18:10 | 000,034,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\SRS_SSCFilter.sys
[2006/10/09 22:18:08 | 000,044,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\tshd4_kern_i386.sys
[2006/10/09 22:18:08 | 000,042,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\Surroundhp_kern_i386.sys
[2004/08/04 06:07:22 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/02 19:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/07/17 16:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001/08/23 19:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 19:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 19:00:00 | 000,482,042 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 19:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 19:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 19:00:00 | 000,086,064 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 19:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 19:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 19:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 19:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== Custom Scans ==========


< >

< %SYSTEMDRIVE%\*.* >
[2011/12/26 00:13:06 | 000,002,122 | ---- | M] () -- C:\aswMBR.txt
[2011/05/30 09:19:11 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/05/30 09:12:24 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011/12/25 23:29:09 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2011/05/30 09:19:11 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/12/26 01:09:47 | 000,046,170 | ---- | M] () -- C:\Extras.Txt
[2011/05/30 09:19:11 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/12/26 00:45:43 | 000,000,908 | ---- | M] () -- C:\mbam-log-2011-12-26 (00-44-54).txt
[2011/12/26 00:13:06 | 000,000,512 | ---- | M] () -- C:\MBR.dat
[2011/05/30 09:19:11 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 03:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/04 03:59:34 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2011/12/26 01:09:56 | 000,120,126 | ---- | M] () -- C:\OTL.Txt
[2011/12/26 01:40:21 | 524,288,000 | -HS- | M] () -- C:\pagefile.sys
[2011/12/25 23:56:50 | 000,048,962 | ---- | M] () -- C:\TDSSKiller.2.6.25.0_25.12.2011_23.53.53_log.txt
[2011/12/26 01:49:30 | 000,049,178 | ---- | M] () -- C:\TDSSKiller.2.6.25.0_26.12.2011_01.48.41_log.txt

< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2011/05/30 09:18:30 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2007/03/22 20:24:58 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/09/10 15:12:46 | 000,229,888 | ---- | M] (Hewlett-Packard ) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\HP1006S.DLL
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2007/03/22 20:25:42 | 000,677,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\PrintFilterPipelineSvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2011/05/30 02:05:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011/05/30 02:05:04 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011/05/30 02:05:03 | 000,880,640 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2011/05/30 09:19:19 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >


< MD5 for: BEEP.SYS >
[2001/08/23 19:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001/08/23 19:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

< MD5 for: MSWSOCK.DLL >
[2004/08/04 05:56:46 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=4E74AF063C3271FBEA20DD940CFD1184 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2004/08/04 05:56:46 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=4E74AF063C3271FBEA20DD940CFD1184 -- C:\WINDOWS\system32\mswsock.dll

< MD5 for: NETCFGX.DLL >
[2004/08/04 05:56:46 | 000,622,080 | ---- | M] (Microsoft Corporation) MD5=E3AE8DC04643850D2DFD431443558B28 -- C:\WINDOWS\system32\dllcache\netcfgx.dll
[2004/08/04 05:56:46 | 000,622,080 | ---- | M] (Microsoft Corporation) MD5=E3AE8DC04643850D2DFD431443558B28 -- C:\WINDOWS\system32\netcfgx.dll

< MD5 for: NETMAN.DLL >
[2004/08/04 05:56:46 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=DAB9E6C7105D2EF49876FE92C524F565 -- C:\WINDOWS\system32\dllcache\netman.dll
[2004/08/04 05:56:46 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=DAB9E6C7105D2EF49876FE92C524F565 -- C:\WINDOWS\system32\netman.dll

< MD5 for: NETSHELL.DLL >
[2004/08/04 05:56:46 | 001,708,032 | ---- | M] (Microsoft Corporation) MD5=BF52A4D4EB4CFB3109667E429B93E21A -- C:\WINDOWS\system32\dllcache\netshell.dll
[2004/08/04 05:56:46 | 001,708,032 | ---- | M] (Microsoft Corporation) MD5=BF52A4D4EB4CFB3109667E429B93E21A -- C:\WINDOWS\system32\netshell.dll

< dxgthk.sys >

< ntdll.dll >

< atapi.sys >

========== Files - Unicode (All) ==========
[2011/07/07 11:51:54 | 000,000,000 | ---- | M] ()(C:\Documents and Settings\ALI BUTT\?????) -- C:\Documents and Settings\ALI BUTT\獷楬汢捯污

< End of report >

#17
Ali Butt

    Member

  • Topic Starter
  • Member
  • 24 posts
OTL Extras logfile created on: 12/26/2011 2:00:19 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\ALI BUTT\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.98 Mb Total Physical Memory | 58.24 Mb Available Physical Memory | 11.40% Memory free
979.98 Mb Paging File | 308.34 Mb Available in Paging File | 31.46% Paging File free
Paging file location(s): C:\pagefile.sys 500 700 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 10.68 Gb Free Space | 54.68% Space Free | Partition Type: NTFS
Drive D: | 9.76 Gb Total Space | 3.28 Gb Free Space | 33.59% Space Free | Partition Type: FAT32
Drive E: | 7.94 Gb Total Space | 1.52 Gb Free Space | 19.15% Space Free | Partition Type: FAT32

Computer Name: HOME-1157E821BE | User Name: ALI BUTT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = SafariHTML] -- Reg Error: Key error. File not found
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "e:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "e:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"21563:TCP" = 21563:TCP:*:Enabled:BitComet 21563 TCP
"21563:UDP" = 21563:UDP:*:Enabled:BitComet 21563 UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"E:\software\TeamViewer.exe" = E:\software\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)
"D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"E:\Program Files\BitTorrent\BitTorrent.exe" = E:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java™ 6 Update 30
"{2767DEDE-EA9D-4FCE-A06A-40F4DD293330}" = hppusgP1000
"{2857dbef-0b50-361c-8690-7d505747009f}" = Webshots Desktop
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{31187E06-E131-4709-9285-7D105D77AA89}" = Components Setup
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39D7BD4A-5BE7-11D4-9D68-0020781864F1}" = CueClub
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{44A69352-33DD-405E-ADB8-2D768643BBAE}_is1" = AnyBizSoft PDF to Word (Build 3.0.0)
"{4877CCD5-6B0B-4B3A-8EF1-911D946B8B94}" = SRS Audio Sandbox
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{58ECE031-9AAD-4011-B34A-BC78E77527E2}" = hppMSRedist
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{8398852A-7B61-4808-8F58-D0A40D1B2CB6}" = AVG 2012
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9819EF4D-7A28-54B5-8A25-CE97793845A4}" = Webshots Daily Features
"{A5742726-2180-4253-83A7-53558486A7A2}" = IM Magician
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{BA524348-59A6-437A-A4FB-25080BDEFCD6}" = VP-EYE
"{BDDEE95D-0671-4A38-AAF3-2A7D5801B323}" = Components Setup
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{E171F5DA-6F17-472D-A223-92468142C5E8}" = AVG 2012
"{E89760FE-AA0B-407D-BB94-E23CE78385F3}" = CueClub Patch
"{ECA31632-C2AD-4774-A3CA-2813D47E4DD0}" = HPCarePackProducts
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AVG" = AVG 2012
"BitTorrent" = BitTorrent
"Burger Shop 2 1.00" = Burger Shop 2 1.00
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"Folder Guard" = Folder Guard
"Foxit Reader" = Foxit Reader
"Jumpa_is1" = Jumpa 1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 9.0.1 (x86 en-US)" = Mozilla Firefox 9.0.1 (x86 en-US)
"NVIDIA Drivers" = NVIDIA Drivers
"USB Disk Security_is1" = USB Disk Security
"VLC media player" = VLC media player 1.1.11
"WebshotsDailyFeatures.D47BD63EE77CC0AC7AE23BFA386A3F1EDA7C080D.1" = Webshots Daily Features
"Wedding Dash 4 Ever 1.00" = Wedding Dash 4 Ever 1.00
"WIC" = Windows Imaging Component
"Windows Essentials Media Codec Pack" = Windows Essentials Media Codec Pack 3.6 [32-Bit]
"WinRAR archiver" = WinRAR 4.10 beta 2 (32-bit)
"XIII - Lost Identity1.0" = XIII - Lost Identity
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/25/2011 3:23:11 PM | Computer Name = HOME-1157E821BE | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 12/25/2011 3:23:11 PM | Computer Name = HOME-1157E821BE | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 12/25/2011 3:24:49 PM | Computer Name = HOME-1157E821BE | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.2180, faulting
module unknown, version 0.0.0.0, fault address 0x42315bbb.

Error - 12/25/2011 3:26:04 PM | Computer Name = HOME-1157E821BE | Source = Application Error | ID = 1001
Description = Fault bucket 646499498.

Error - 12/25/2011 3:26:26 PM | Computer Name = HOME-1157E821BE | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.2180, fault address 0x0001295d.

Error - 12/25/2011 3:26:31 PM | Computer Name = HOME-1157E821BE | Source = Application Error | ID = 1001
Description = Fault bucket 00733296.

Error - 12/25/2011 4:40:42 PM | Computer Name = HOME-1157E821BE | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 12/25/2011 4:40:42 PM | Computer Name = HOME-1157E821BE | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 12/25/2011 4:40:42 PM | Computer Name = HOME-1157E821BE | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 12/25/2011 4:40:42 PM | Computer Name = HOME-1157E821BE | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
and it will not be loaded. This is most likely caused by a faulty registration.

[ System Events ]
Error - 12/25/2011 4:19:08 PM | Computer Name = HOME-1157E821BE | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 12/25/2011 4:40:30 PM | Computer Name = HOME-1157E821BE | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 00104B07DB26 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 12/25/2011 4:41:11 PM | Computer Name = HOME-1157E821BE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the AG Core Services service
to connect.

Error - 12/25/2011 4:41:11 PM | Computer Name = HOME-1157E821BE | Source = Service Control Manager | ID = 7000
Description = The AG Core Services service failed to start due to the following
error: %%1053

Error - 12/25/2011 4:41:11 PM | Computer Name = HOME-1157E821BE | Source = Service Control Manager | ID = 7000
Description = The MySQL service failed to start due to the following error: %%3

Error - 12/25/2011 4:41:11 PM | Computer Name = HOME-1157E821BE | Source = Service Control Manager | ID = 7000
Description = The Airytec Switch Off - Task Scheduler service failed to start due
to the following error: %%2

Error - 12/25/2011 4:41:11 PM | Computer Name = HOME-1157E821BE | Source = Service Control Manager | ID = 7000
Description = The Airytec Switch Off - Web Interface service failed to start due
to the following error: %%2

Error - 12/25/2011 4:42:50 PM | Computer Name = HOME-1157E821BE | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 12/25/2011 4:42:51 PM | Computer Name = HOME-1157E821BE | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error
message: The referenced assembly is not installed on your system. .

Error - 12/25/2011 4:42:51 PM | Computer Name = HOME-1157E821BE | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for D:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe.
Reference
error message: The operation completed successfully. .


< End of report >

#18
RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
I had a typo in the OTL script. Can you do it again:

Copy the text in the code box:

/md5start
DMIcall.sys
beep.sys
Netshell.dll
netcfgx.dll
Netman.dll
connect.dll
mswsock.dll
mmswsock.dll 
dxgthk.sys
ntdll.dll
atapi.sys 
/md5stop


Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Hit Run Scan. Please copy and paste only the OTL log.

#19
Ali Butt

    Member

  • Topic Starter
  • Member
  • 24 posts
This is the new OTL scan report, as you asked.
But why am I still unable to run the second ComboFix scan? The scan has been running for almost 2 hours, but there is still no response from ComboFix.

#20
Ali Butt

    Member

  • Topic Starter
  • Member
  • 24 posts
OTL logfile created on: 12/26/2011 12:21:50 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\ALI BUTT\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.98 Mb Total Physical Memory | 347.40 Mb Available Physical Memory | 67.99% Memory free
980.45 Mb Paging File | 615.49 Mb Available in Paging File | 62.78% Paging File free
Paging file location(s): C:\pagefile.sys 500 700 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 10.23 Gb Free Space | 52.39% Space Free | Partition Type: NTFS
Drive D: | 9.76 Gb Total Space | 3.28 Gb Free Space | 33.59% Space Free | Partition Type: FAT32
Drive E: | 7.94 Gb Total Space | 1.52 Gb Free Space | 19.15% Space Free | Partition Type: FAT32

Computer Name: HOME-1157E821BE | User Name: ALI BUTT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/26 11:23:24 | 000,388,608 | R--- | M] () -- C:\ComboFix\CF12513.3XE
PRC - [2011/12/26 00:18:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ALI BUTT\Desktop\OTL.exe
PRC - [2011/12/03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/11/28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/10/10 06:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011/09/08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2004/08/04 05:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/26 11:23:24 | 000,388,608 | R--- | M] () -- C:\ComboFix\CF12513.3XE
MOD - [2008/05/16 14:01:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (SwOffWeb)
SRV - File not found [Auto | Stopped] -- -- (SwOffScheduler)
SRV - File not found [Auto | Stopped] -- -- (MySQL)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/12/19 15:37:13 | 000,869,216 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/10/30 00:55:32 | 000,072,704 | ---- | M] (SRS Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\SRS Labs Shared\Service\srslabslicenseservice.exe -- (SRS Labs License Service)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/04/12 02:44:44 | 000,112,800 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\IPROSetMonitor.exe -- (Intel® PROSet Monitoring Service) Intel®
SRV - [2010/06/29 08:04:18 | 000,020,480 | ---- | M] (AG Interactive) [Auto | Stopped] -- C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe -- (AGCoreService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 06:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/21 08:09:28 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2011/09/21 08:09:24 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011/09/13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/08/08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 01:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 01:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/07/11 01:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/07/06 20:14:42 | 000,101,616 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2010/12/08 06:34:30 | 000,030,368 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2008/01/05 00:00:00 | 000,054,008 | ---- | M] (WinAbility® Software Corporation) [Kernel | Auto | Running] -- E:\Program Files\folder guard\Folder Guard\FGUARD32.SYS -- (FGUARD32)
DRV - [2006/10/09 10:18:10 | 000,034,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SRS_SSCFilter.sys -- (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM)
DRV - [2001/08/17 17:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CC 27 0B AC 87 C2 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: D:\installd\real\Real Alternative\browser\plugins\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: D:\installd\real\Real Alternative\browser\plugins\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: e:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\ALI BUTT\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\ALI BUTT\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\ALI BUTT\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\SearchPredict\PRFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SpeedBit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/12/23 11:41:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: e:\Program Files\Mozilla Firefox\components [2011/12/25 15:25:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: e:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\ALI BUTT\Application Data\IDM\idmmzcc5 [2011/10/30 15:56:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Documents and Settings\ALI BUTT\Application Data\IDM\idmmzcc5 [2011/10/30 15:56:06 | 000,000,000 | ---D | M]

[2011/12/25 15:25:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ALI BUTT\Application Data\Mozilla\Extensions
[2011/12/26 03:48:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ALI BUTT\Application Data\Mozilla\Firefox\Profiles\cvwv2kj8.default\extensions
[2011/12/25 22:24:46 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

Hosts file not found
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\idm\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.22\AVG Secure Search_toolbar.dll ()
O2 - BHO: (no name) - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.22\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {97ab88ef-346b-4179-a0b1-7445896547a5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [FG_Monitor] E:\Program Files\folder guard\Folder Guard\FGKey.exe (WinAbility® Software Corporation)
O4 - HKLM..\Run: [IMMON] e:\Program Files\IM Magician\Vicamon.exe (Vimisoft Studio)
O4 - HKLM..\Run: [IMMONSUPPORT] e:\Program Files\IM Magician\vmonproc.exe (Vimisoft Studio)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] d:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [USB Security] e:\Program Files\USB Disk Security\USBGuard.exe (Zbshareware Lab)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [IDMan] E:\idm\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] d:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SRS Audio Sandbox] E:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe (SRS Labs, Inc.)
O4 - Startup: C:\Documents and Settings\ALI BUTT\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\3.1.5.7619\Launcher.exe (Webshots.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download all links with IDM - E:\idm\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - E:\idm\Internet Download Manager\IEExt.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6143302-4981-49E1-9A13-51FB471FCDFE}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ALI BUTT\Application Data\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/05/30 09:19:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/26 11:23:47 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/12/26 11:09:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AGI
[2011/12/26 04:39:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ALI BUTT\Recent
[2011/12/26 03:32:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Desktop\New Folder
[2011/12/26 02:21:06 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011/12/26 02:20:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011/12/26 02:20:25 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011/12/26 02:17:35 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2011/12/26 01:52:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2011/12/26 00:29:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/26 00:29:32 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/26 00:28:43 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/12/26 00:18:35 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ALI BUTT\Desktop\OTL.exe
[2011/12/26 00:15:49 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\ALI BUTT\Desktop\mbam-setup-1.51.2.1300.exe
[2011/12/25 23:56:18 | 001,918,464 | ---- | C] (AVAST Software) -- C:\Documents and Settings\ALI BUTT\Desktop\aswMBR.exe
[2011/12/25 23:52:44 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\ALI BUTT\Desktop\TDSSKiller.exe
[2011/12/25 23:29:02 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/12/25 23:26:11 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/12/25 23:26:11 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/12/25 23:26:11 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/12/25 23:26:11 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/12/25 23:25:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/12/25 23:25:41 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/25 23:22:01 | 004,352,130 | R--- | C] (Swearware) -- C:\Documents and Settings\ALI BUTT\Desktop\ComboFix.exe
[2011/12/25 22:35:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Start Menu\Programs\Essentials Codec Pack
[2011/12/25 22:31:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\Nullsoft
[2011/12/25 22:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/12/25 22:25:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/12/25 22:25:10 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/12/25 22:25:09 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/12/25 22:25:08 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/12/25 22:25:08 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/12/25 22:24:23 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/12/25 21:15:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2011/12/25 20:44:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GoBit Games
[2011/12/25 20:44:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/12/25 20:41:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Zbshareware Lab
[2011/12/25 17:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\Sun
[2011/12/25 15:52:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\Malwarebytes
[2011/12/25 15:51:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/12/25 15:39:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/12/25 15:38:42 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/12/25 15:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/12/25 15:38:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Local Settings\Application Data\Adobe
[2011/12/25 15:34:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2011/12/25 15:32:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\Adobe
[2011/12/25 15:32:22 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/12/25 15:25:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\Mozilla
[2011/12/25 14:09:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegAce
[2011/12/22 23:32:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\Yahoo!
[2011/12/22 23:31:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2011/12/22 23:31:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2011/12/21 21:38:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/12/21 20:31:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\A4Tech IM Magician
[2011/12/21 20:30:27 | 000,450,560 | ---- | C] (FotoFan) -- C:\WINDOWS\System32\newlistview2.dll
[2011/12/21 20:30:27 | 000,077,824 | ---- | C] (FotoFan Studio) -- C:\WINDOWS\System32\vgf.dll
[2011/12/21 20:30:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Vimisoft Studio
[2011/12/21 19:52:09 | 000,109,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\VidCap32.exe
[2011/12/21 19:51:21 | 000,102,400 | ---- | C] (Meta Media Inc) -- C:\WINDOWS\MMVEM.EXE
[2011/12/21 19:51:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Start Menu\Programs\VP-EYE
[2011/12/21 19:48:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\Vimisoft Studio
[2011/12/21 19:48:16 | 000,309,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8dmod.dll
[2011/12/21 19:48:16 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sds32.ax
[2011/12/21 19:47:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2011/12/21 19:47:27 | 000,000,000 | ---D | C] -- C:\Program Files\Vimicro Corporation
[2011/12/21 19:41:12 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2011/12/21 19:41:07 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2011/12/21 19:41:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2011/12/21 19:41:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2011/12/21 19:41:04 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2011/12/21 19:41:00 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2011/12/21 19:40:56 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2011/12/21 19:40:51 | 000,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2011/12/21 19:40:48 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2011/12/21 19:40:34 | 000,059,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2011/12/21 19:40:19 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2011/12/21 19:40:19 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2011/12/21 19:40:19 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2011/12/21 19:40:19 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2011/12/21 19:40:18 | 000,078,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys
[2011/12/21 19:40:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2011/12/21 19:40:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2011/12/21 19:40:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2011/12/21 19:40:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2011/12/21 19:40:17 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2011/12/21 19:40:17 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2011/12/21 19:40:17 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2011/12/21 19:40:17 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2011/12/21 19:40:10 | 000,031,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2011/12/19 17:38:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Start Menu\Programs\XIII - Lost Identity
[2011/12/19 15:37:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2011/12/14 22:13:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Local Settings\Application Data\Help
[2011/12/14 22:13:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\Help
[2011/12/13 00:23:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Drivers
[2011/12/12 23:44:30 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011/12/12 23:23:00 | 000,021,992 | ---- | C] (CPUID) -- C:\WINDOWS\System32\drivers\cpuz135_x32.sys
[2011/12/12 23:23:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CPUID
[2011/12/12 23:01:04 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2011/12/12 23:00:59 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2011/12/04 22:29:20 | 000,000,000 | ---D | C] -- C:\$AVG
[2011/12/04 17:17:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\My Documents\Telltale Games
[2011/12/04 17:13:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Puzzle Agent 2
[2011/11/29 01:43:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\My Documents\New(2)
[2011/11/29 01:14:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\AVG
[2011/11/29 00:46:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\AVG2012
[2011/11/29 00:44:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2012
[2011/11/29 00:43:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALI BUTT\Application Data\AVG Secure Search
[2011/11/29 00:43:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2011/11/29 00:43:41 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2011/11/29 00:42:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/11/29 00:42:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/11/29 00:40:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/11/26 13:52:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\ALI BUTT\My Documents\My Videos
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/26 11:25:06 | 085,194,043 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/12/26 11:22:59 | 004,352,130 | R--- | M] (Swearware) -- C:\Documents and Settings\ALI BUTT\Desktop\ComboFix.exe
[2011/12/26 11:16:57 | 000,181,020 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/12/26 11:16:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/26 04:23:15 | 000,286,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/26 02:25:36 | 000,517,338 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/26 02:25:36 | 000,093,844 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/26 00:29:38 | 000,000,554 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/26 00:18:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ALI BUTT\Desktop\OTL.exe
[2011/12/26 00:17:32 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\ALI BUTT\Desktop\mbam-setup-1.51.2.1300.exe
[2011/12/26 00:13:06 | 000,000,512 | ---- | M] () -- C:\MBR.dat
[2011/12/25 23:56:41 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Documents and Settings\ALI BUTT\Desktop\aswMBR.exe
[2011/12/25 23:29:09 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/12/25 22:36:29 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\Windows Codec Update Service.job
[2011/12/25 22:36:06 | 000,000,597 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Desktop\Media Player Classic.lnk
[2011/12/25 22:24:45 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/12/25 22:24:45 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/12/25 22:24:45 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/12/25 22:24:45 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/12/25 22:24:44 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/12/25 15:32:22 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/12/25 15:25:44 | 000,000,510 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/12/25 15:25:44 | 000,000,510 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/25 14:41:42 | 000,085,402 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\bookmarks-2011-12-25.json
[2011/12/25 04:16:06 | 000,013,985 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Darjeeling_Limited_(2007)_720p_BRRip_suN_sujaidr.6817706.TPB.torrent
[2011/12/25 04:12:39 | 000,014,005 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Inbetweeners_movie_2011_Extended_Cut_720p_BRrip_scOrp_sujaid.6884992.TPB.torrent
[2011/12/25 04:11:08 | 000,014,492 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\O_Brother_Where_Art_Thou_2000_720p_BRrip_scOrp_sujaidr.6893079.TPB.torrent
[2011/12/25 04:05:20 | 000,016,555 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\A_Separation_(2011)_720p_BRrip_sujaidr.6904198.TPB.torrent
[2011/12/25 02:54:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/23 19:52:26 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\ALI BUTT\Desktop\TDSSKiller.exe
[2011/12/23 11:41:42 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/12/23 00:10:56 | 000,173,568 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/22 23:31:17 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/12/22 23:31:17 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/12/21 20:31:33 | 000,000,490 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\IM Magician.lnk
[2011/12/21 19:51:03 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VP-EYE 6.0.lnk
[2011/12/20 00:38:41 | 000,014,220 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Mystic_River__2003__720p_BrRip_mkv___655MB___YIFY.torrent
[2011/12/20 00:35:15 | 000,017,169 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Letters_from_Iwo_Jima__2006__720p__BRRip__MRShanku_Silver_RG.torrent
[2011/12/19 18:26:17 | 000,051,787 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/12/19 17:44:31 | 000,014,764 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\NOVO_2002_PARENTE_DVD_RIP_XVID.torrent
[2011/12/19 17:38:20 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Desktop\XIII - Lost Identity.lnk
[2011/12/19 01:08:45 | 000,018,018 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Burning_Palms__2010__720p__BRRip__MRShanku_Silver_RG.torrent
[2011/12/17 12:33:27 | 000,014,018 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Curious_Case_of_Benjamin_Button_(2008)_650mb_720p_-_YIFY.6116188.TPB.torrent
[2011/12/17 12:23:34 | 000,066,668 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Departed_(2006)_-_BRRip_-_720p_-_x264_-_MKV_by_RiddlerA.5838338.TPB.torrent
[2011/12/17 12:15:06 | 000,023,018 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Das.Boot.[The.Boat].Original.Uncut.1981.DVDRip.H264.AAC.Gopo..6071769.TPB.torrent
[2011/12/17 11:59:25 | 000,073,137 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Munich[2005]DvDrip[Eng]-aXXo.4320529.TPB.torrent
[2011/12/17 00:58:41 | 000,016,835 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Bunraku_2010_720p_BRrip_ShAaNiG_sujaidr.torrent
[2011/12/16 17:21:53 | 000,015,128 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Lars_von_Trier_-_Manderlay_(2005).4995399.TPB.torrent
[2011/12/16 16:55:42 | 000,000,978 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Desktop\Shortcut to coed11.exe.lnk
[2011/12/16 16:31:26 | 000,028,897 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Habemus_Papam_[We_Have_a_Pope](EngSubs_DVDrip)_2011.6773241.TPB.torrent
[2011/12/16 12:35:40 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Start Menu\Programs\Startup\Webshots.lnk
[2011/12/15 16:25:24 | 000,083,883 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Land_of_plenty_KLAXXON.torrent
[2011/12/15 13:47:15 | 000,111,560 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Diary.of.A .Addict(2001)DVDRip.aaaevilacharya.6062160.TPB.torrent
[2011/12/15 13:41:57 | 000,020,636 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Borgias_-_SEASON_1_Complete_480p_x264_-_BoB.6454225.TPB.torrent
[2011/12/15 12:51:26 | 000,014,940 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\[kat.ph]post.coitum.2004.dvdrip.torrent
[2011/12/15 03:57:25 | 000,014,570 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\[kat.ph]the.united.states.of.leland.dvdrip.torrent
[2011/12/15 01:36:43 | 000,014,998 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Death_In_Love_2008_DVDRip_XviD_aAF.torrent
[2011/12/14 02:00:33 | 000,016,049 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Mother_and_Child_(2009)_720p_mkv_x264_-_750MB_-_YIFY.6154744.TPB.torrent
[2011/12/14 01:43:12 | 000,014,972 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Lost_in_Translation__2003__720p_BrRip_x264___700MB___YIFY.torrent
[2011/12/13 13:59:55 | 000,014,582 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Wings_of_Desire_DVDRip_XviD_InFeCtiouS(ENG_SUBS)[ExtraTorrent].5554173.TPB.torrent
[2011/12/13 13:53:08 | 000,015,350 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Haevnen(2010)(In_a_Better_World)DVDRip_nl_subs_Nlt-Release(Divx).6580282.TPB.torrent
[2011/12/13 13:46:16 | 000,028,803 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Goodbye_Lenin___2003_avi_torrent.torrent
[2011/12/13 13:36:16 | 000,016,286 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Chico_and_Rita_(2010)_BRRip_720p_x264_-MitZep_(PhoenixRG)_.6447274.TPB.torrent
[2011/12/13 13:25:27 | 000,029,483 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Inbetweeners_2011_Extended_BDRIP_XVID_-_SCR0N.6883209.TPB.torrent
[2011/12/12 23:23:11 | 000,000,517 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CPUID CPU-Z.lnk
[2011/12/12 14:18:51 | 000,017,392 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Walk_the_Line__2005___Extended_Cut__720p_x264__TYNYFYD_.torrent
[2011/12/12 14:07:38 | 000,256,634 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Up_in_the_Air[2009]DvDrip[Eng]-FXG.5379168.TPB.torrent
[2011/12/12 13:44:55 | 000,056,873 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Rescue.Dawn[2007]DvDrip[Eng]-aXXo.3882591.TPB.torrent
[2011/12/12 10:54:38 | 000,018,322 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Kieslowski_-_Dekalog.4592132.TPB.torrent
[2011/12/12 03:40:43 | 000,035,993 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\_drama_politics)_Another_Way_[Egymasra_nezve]_EngSub_Div.4142403.TPB.torrent
[2011/12/12 03:34:23 | 000,015,291 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The.Ron.Clark.Story.DVDRiP.XViD-DvF.4505329.TPB.torrent
[2011/12/09 17:45:35 | 000,012,985 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Catch_44_2011_720p_BRrip_scOrp_sujaidr.6862257.TPB.torrent
[2011/12/09 17:43:44 | 000,019,681 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Desktop\Turn_Me_On__Dammit__(2011)_720p_BRrip_sujaidr.6863611.TPB.torrent
[2011/12/08 23:01:05 | 000,057,001 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Darjeeling_Limited[2007]DvDrip[Eng]-FXG.4027350.TPB.torrent
[2011/12/07 11:14:29 | 000,014,358 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Hamlet_(1990)_MEL_GIBSON.GLENN_CLOSE.5131879.TPB.torrent
[2011/12/07 00:13:19 | 000,016,336 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Synecdoche_New_York_(2008)_720p_BrRip_x264_-_750MB_-_YIFY.6867426.TPB.torrent
[2011/12/06 00:10:03 | 000,014,932 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\SOUND_OF_NOISE__2010__DVD_Rip_Xvid__StB_.torrent
[2011/12/06 00:05:50 | 000,016,868 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Paula-Paula[2010][DVDRip][spanish].6271832.TPB.torrent
[2011/12/04 17:51:39 | 000,032,557 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\150_Gamehouse_Games.3974158.TPB.torrent
[2011/12/03 16:49:13 | 000,012,104 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Love Child (2005) Liebeskind.torrent
[2011/12/03 10:09:59 | 000,021,259 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Lookout__2007__720p___500mb___YIFY.torrent
[2011/12/02 23:24:53 | 000,018,332 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Debt_Ha_Hov_2007_DVDRip.torrent
[2011/12/02 16:39:57 | 000,060,644 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Alabama_Moon_2009_DVDRip_XviD_aAF.torrent
[2011/12/02 16:36:28 | 000,013,183 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Red_Dog_(2011)_720p_BrRip_x264_-_600MB_-_YIFY.6853925.TPB.torrent
[2011/12/02 13:37:55 | 000,029,723 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\Desktop\Burke_and_Hare_2010_BDRip_XviD_AMIABLE.torrent
[2011/12/01 23:31:42 | 000,011,786 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\Martyrs (2008).torrent
[2011/12/01 22:36:50 | 000,000,044 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\{3D55D1F4-1059-11DC-B281-197056D89593}
[2011/12/01 16:55:46 | 000,015,758 | ---- | M] () -- C:\Documents and Settings\ALI BUTT\My Documents\11 Days 11 Nights (1987) Undici giorni, undici notti.torrent
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/26 11:25:06 | 085,194,043 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/12/26 02:25:09 | 000,164,968 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/12/26 00:29:38 | 000,000,554 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/26 00:13:06 | 000,000,512 | ---- | C] () -- C:\MBR.dat
[2011/12/25 23:29:09 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/12/25 23:29:04 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/12/25 23:26:11 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/12/25 23:26:11 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/12/25 23:26:11 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/12/25 23:26:11 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/12/25 23:26:11 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/12/25 22:36:29 | 000,000,354 | ---- | C] () -- C:\WINDOWS\tasks\Windows Codec Update Service.job
[2011/12/25 22:36:06 | 000,000,597 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Desktop\Media Player Classic.lnk
[2011/12/25 15:25:44 | 000,000,510 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/12/25 15:25:44 | 000,000,510 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/25 15:25:43 | 000,000,510 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/25 14:41:42 | 000,085,402 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\bookmarks-2011-12-25.json
[2011/12/25 04:16:05 | 000,013,985 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Darjeeling_Limited_(2007)_720p_BRRip_suN_sujaidr.6817706.TPB.torrent
[2011/12/25 04:12:39 | 000,014,005 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Inbetweeners_movie_2011_Extended_Cut_720p_BRrip_scOrp_sujaid.6884992.TPB.torrent
[2011/12/25 04:11:07 | 000,014,492 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\O_Brother_Where_Art_Thou_2000_720p_BRrip_scOrp_sujaidr.6893079.TPB.torrent
[2011/12/25 04:05:17 | 000,016,555 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\A_Separation_(2011)_720p_BRrip_sujaidr.6904198.TPB.torrent
[2011/12/22 23:31:17 | 000,000,572 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/12/22 23:31:17 | 000,000,572 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/12/21 20:31:33 | 000,000,490 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\IM Magician.lnk
[2011/12/21 19:52:09 | 000,035,600 | ---- | C] () -- C:\WINDOWS\AMCAP.EXE
[2011/12/21 19:51:45 | 000,172,032 | ---- | C] () -- C:\WINDOWS\JAPI2.DLL
[2011/12/21 19:51:09 | 000,106,496 | ---- | C] () -- C:\WINDOWS\JAPI.DLL
[2011/12/21 19:51:09 | 000,020,992 | ---- | C] () -- C:\WINDOWS\MMVCB.AX
[2011/12/21 19:51:03 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VP-EYE 6.0.lnk
[2011/12/20 00:38:39 | 000,014,220 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Mystic_River__2003__720p_BrRip_mkv___655MB___YIFY.torrent
[2011/12/20 00:35:13 | 000,017,169 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Letters_from_Iwo_Jima__2006__720p__BRRip__MRShanku_Silver_RG.torrent
[2011/12/19 18:26:17 | 000,051,787 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/12/19 17:44:29 | 000,014,764 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\NOVO_2002_PARENTE_DVD_RIP_XVID.torrent
[2011/12/19 17:38:20 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Desktop\XIII - Lost Identity.lnk
[2011/12/19 01:08:41 | 000,018,018 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Burning_Palms__2010__720p__BRRip__MRShanku_Silver_RG.torrent
[2011/12/17 12:33:26 | 000,014,018 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Curious_Case_of_Benjamin_Button_(2008)_650mb_720p_-_YIFY.6116188.TPB.torrent
[2011/12/17 12:23:33 | 000,066,668 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Departed_(2006)_-_BRRip_-_720p_-_x264_-_MKV_by_RiddlerA.5838338.TPB.torrent
[2011/12/17 12:15:03 | 000,023,018 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Das.Boot.[The.Boat].Original.Uncut.1981.DVDRip.H264.AAC.Gopo..6071769.TPB.torrent
[2011/12/17 11:59:20 | 000,073,137 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Munich[2005]DvDrip[Eng]-aXXo.4320529.TPB.torrent
[2011/12/17 00:58:38 | 000,016,835 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Bunraku_2010_720p_BRrip_ShAaNiG_sujaidr.torrent
[2011/12/16 17:21:52 | 000,015,128 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Lars_von_Trier_-_Manderlay_(2005).4995399.TPB.torrent
[2011/12/16 16:55:42 | 000,000,978 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Desktop\Shortcut to coed11.exe.lnk
[2011/12/16 16:31:22 | 000,028,897 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Habemus_Papam_[We_Have_a_Pope](EngSubs_DVDrip)_2011.6773241.TPB.torrent
[2011/12/15 16:25:20 | 000,083,883 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Land_of_plenty_KLAXXON.torrent
[2011/12/15 13:47:12 | 000,111,560 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Diary.of.A .Addict(2001)DVDRip.aaaevilacharya.6062160.TPB.torrent
[2011/12/15 13:41:55 | 000,020,636 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Borgias_-_SEASON_1_Complete_480p_x264_-_BoB.6454225.TPB.torrent
[2011/12/15 12:51:17 | 000,014,940 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\[kat.ph]post.coitum.2004.dvdrip.torrent
[2011/12/15 03:57:24 | 000,014,570 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\[kat.ph]the.united.states.of.leland.dvdrip.torrent
[2011/12/15 01:36:40 | 000,014,998 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Death_In_Love_2008_DVDRip_XviD_aAF.torrent
[2011/12/14 02:00:31 | 000,016,049 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Mother_and_Child_(2009)_720p_mkv_x264_-_750MB_-_YIFY.6154744.TPB.torrent
[2011/12/14 01:43:08 | 000,014,972 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Lost_in_Translation__2003__720p_BrRip_x264___700MB___YIFY.torrent
[2011/12/13 13:59:51 | 000,014,582 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Wings_of_Desire_DVDRip_XviD_InFeCtiouS(ENG_SUBS)[ExtraTorrent].5554173.TPB.torrent
[2011/12/13 13:53:08 | 000,015,350 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Haevnen(2010)(In_a_Better_World)DVDRip_nl_subs_Nlt-Release(Divx).6580282.TPB.torrent
[2011/12/13 13:46:16 | 000,028,803 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Goodbye_Lenin___2003_avi_torrent.torrent
[2011/12/13 13:36:16 | 000,016,286 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Chico_and_Rita_(2010)_BRRip_720p_x264_-MitZep_(PhoenixRG)_.6447274.TPB.torrent
[2011/12/13 13:25:24 | 000,029,483 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Inbetweeners_2011_Extended_BDRIP_XVID_-_SCR0N.6883209.TPB.torrent
[2011/12/12 23:23:11 | 000,000,517 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CPUID CPU-Z.lnk
[2011/12/12 14:18:47 | 000,017,392 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Walk_the_Line__2005___Extended_Cut__720p_x264__TYNYFYD_.torrent
[2011/12/12 14:07:36 | 000,256,634 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Up_in_the_Air[2009]DvDrip[Eng]-FXG.5379168.TPB.torrent
[2011/12/12 13:44:52 | 000,056,873 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Rescue.Dawn[2007]DvDrip[Eng]-aXXo.3882591.TPB.torrent
[2011/12/12 10:54:34 | 000,018,322 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Kieslowski_-_Dekalog.4592132.TPB.torrent
[2011/12/12 03:40:43 | 000,035,993 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\_drama_politics)_Another_Way_[Egymasra_nezve]_EngSub_Div.4142403.TPB.torrent
[2011/12/12 03:34:20 | 000,015,291 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The.Ron.Clark.Story.DVDRiP.XViD-DvF.4505329.TPB.torrent
[2011/12/09 17:45:34 | 000,012,985 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Catch_44_2011_720p_BRrip_scOrp_sujaidr.6862257.TPB.torrent
[2011/12/09 17:43:37 | 000,019,681 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Desktop\Turn_Me_On__Dammit__(2011)_720p_BRrip_sujaidr.6863611.TPB.torrent
[2011/12/08 23:01:02 | 000,057,001 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Darjeeling_Limited[2007]DvDrip[Eng]-FXG.4027350.TPB.torrent
[2011/12/07 11:14:26 | 000,014,358 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Hamlet_(1990)_MEL_GIBSON.GLENN_CLOSE.5131879.TPB.torrent
[2011/12/07 00:13:19 | 000,016,336 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Synecdoche_New_York_(2008)_720p_BrRip_x264_-_750MB_-_YIFY.6867426.TPB.torrent
[2011/12/06 00:10:00 | 000,014,932 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\SOUND_OF_NOISE__2010__DVD_Rip_Xvid__StB_.torrent
[2011/12/06 00:05:47 | 000,016,868 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Paula-Paula[2010][DVDRip][spanish].6271832.TPB.torrent
[2011/12/04 17:51:36 | 000,032,557 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\150_Gamehouse_Games.3974158.TPB.torrent
[2011/12/03 16:49:11 | 000,012,104 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Love Child (2005) Liebeskind.torrent
[2011/12/03 10:09:56 | 000,021,259 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Lookout__2007__720p___500mb___YIFY.torrent
[2011/12/02 23:24:36 | 000,018,332 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\The_Debt_Ha_Hov_2007_DVDRip.torrent
[2011/12/02 16:39:53 | 000,060,644 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Alabama_Moon_2009_DVDRip_XviD_aAF.torrent
[2011/12/02 16:36:27 | 000,013,183 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Red_Dog_(2011)_720p_BrRip_x264_-_600MB_-_YIFY.6853925.TPB.torrent
[2011/12/02 13:37:45 | 000,029,723 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Desktop\Burke_and_Hare_2010_BDRip_XviD_AMIABLE.torrent
[2011/12/01 23:31:40 | 000,011,786 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\Martyrs (2008).torrent
[2011/12/01 22:36:44 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\{3D55D1F4-1059-11DC-B281-197056D89593}
[2011/12/01 16:55:43 | 000,015,758 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\My Documents\11 Days 11 Nights (1987) Undici giorni, undici notti.torrent
[2011/11/29 00:44:06 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/11/10 12:58:03 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2011/11/01 22:49:24 | 000,055,256 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/10/29 00:48:29 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Local Settings\Application Data\WebpageIcons.db
[2011/10/11 11:24:37 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2011/09/21 08:09:27 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2011/09/21 08:09:24 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2011/08/31 01:26:49 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011/08/14 17:59:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini
[2011/08/10 16:44:04 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/07/25 02:43:05 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/07/07 00:12:04 | 001,156,552 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin
[2011/07/01 02:08:11 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011/07/01 00:39:37 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011/07/01 00:38:42 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2011/06/01 15:29:46 | 000,000,081 | ---- | C] () -- C:\WINDOWS\GECKOS.INI
[2011/05/30 12:12:14 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\EasyHook32.dll
[2011/05/30 12:06:08 | 000,173,568 | ---- | C] () -- C:\Documents and Settings\ALI BUTT\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/30 12:04:19 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011/05/30 09:37:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/05/30 09:22:58 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/05/30 09:15:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/05/30 02:08:33 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/05/30 02:05:51 | 000,286,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/05/16 14:01:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/05/16 14:01:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/05/16 14:01:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/05/16 14:01:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/05/16 14:01:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/05/16 14:01:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/05/16 14:01:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/05/16 14:01:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/05/16 14:01:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/07/26 12:01:50 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
[2006/10/09 22:18:10 | 000,036,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\csiidecoder_kern_i386.sys
[2006/10/09 22:18:10 | 000,034,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\SRS_SSCFilter.sys
[2006/10/09 22:18:08 | 000,044,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\tshd4_kern_i386.sys
[2006/10/09 22:18:08 | 000,042,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\Surroundhp_kern_i386.sys
[2004/08/04 06:07:22 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/02 19:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/07/17 16:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001/08/23 19:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 19:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 19:00:00 | 000,517,338 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 19:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 19:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 19:00:00 | 000,093,844 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 19:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 19:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 19:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 19:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== Custom Scans ==========



< MD5 for: ATAPI.SYS >
[2004/08/04 06:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 03:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: BEEP.SYS >
[2001/08/23 19:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001/08/23 19:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

< MD5 for: DXGTHK.SYS >
[2001/08/23 19:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) MD5=A73F5D6705B1D820C19B18782E176EFD -- C:\WINDOWS\system32\dllcache\dxgthk.sys
[2001/08/23 19:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) MD5=A73F5D6705B1D820C19B18782E176EFD -- C:\WINDOWS\system32\drivers\dxgthk.sys

< MD5 for: MSWSOCK.DLL >
[2004/08/04 05:56:46 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=4E74AF063C3271FBEA20DD940CFD1184 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2004/08/04 05:56:46 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=4E74AF063C3271FBEA20DD940CFD1184 -- C:\WINDOWS\system32\mswsock.dll

< MD5 for: NETCFGX.DLL >
[2004/08/04 05:56:46 | 000,622,080 | ---- | M] (Microsoft Corporation) MD5=E3AE8DC04643850D2DFD431443558B28 -- C:\WINDOWS\system32\dllcache\netcfgx.dll
[2004/08/04 05:56:46 | 000,622,080 | ---- | M] (Microsoft Corporation) MD5=E3AE8DC04643850D2DFD431443558B28 -- C:\WINDOWS\system32\netcfgx.dll

< MD5 for: NETMAN.DLL >
[2004/08/04 05:56:46 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=DAB9E6C7105D2EF49876FE92C524F565 -- C:\WINDOWS\system32\dllcache\netman.dll
[2004/08/04 05:56:46 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=DAB9E6C7105D2EF49876FE92C524F565 -- C:\WINDOWS\system32\netman.dll

< MD5 for: NETSHELL.DLL >
[2004/08/04 05:56:46 | 001,708,032 | ---- | M] (Microsoft Corporation) MD5=BF52A4D4EB4CFB3109667E429B93E21A -- C:\WINDOWS\system32\dllcache\netshell.dll
[2004/08/04 05:56:46 | 001,708,032 | ---- | M] (Microsoft Corporation) MD5=BF52A4D4EB4CFB3109667E429B93E21A -- C:\WINDOWS\system32\netshell.dll

< MD5 for: NTDLL.DLL >
[2004/08/04 00:56:38 | 000,708,096 | ---- | M] (Microsoft Corporation) MD5=BB5CBFFC096497506167BCE1D9690EF2 -- C:\cmdcons\SYSTEM32\NTDLL.DLL
[2004/08/04 05:56:38 | 000,708,096 | ---- | M] (Microsoft Corporation) MD5=BB5CBFFC096497506167BCE1D9690EF2 -- C:\WINDOWS\system32\dllcache\ntdll.dll
[2004/08/04 05:56:38 | 000,708,096 | ---- | M] (Microsoft Corporation) MD5=BB5CBFFC096497506167BCE1D9690EF2 -- C:\WINDOWS\system32\ntdll.dll

========== Files - Unicode (All) ==========
[2011/07/07 11:51:54 | 000,000,000 | ---- | M] ()(C:\Documents and Settings\ALI BUTT\?????) -- C:\Documents and Settings\ALI BUTT\獷楬汢捯污

< End of report >

#21
Ali Butt

OTL Extras logfile created on: 12/26/2011 12:21:50 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\ALI BUTT\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.98 Mb Total Physical Memory | 347.40 Mb Available Physical Memory | 67.99% Memory free
980.45 Mb Paging File | 615.49 Mb Available in Paging File | 62.78% Paging File free
Paging file location(s): C:\pagefile.sys 500 700 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 10.23 Gb Free Space | 52.39% Space Free | Partition Type: NTFS
Drive D: | 9.76 Gb Total Space | 3.28 Gb Free Space | 33.59% Space Free | Partition Type: FAT32
Drive E: | 7.94 Gb Total Space | 1.52 Gb Free Space | 19.15% Space Free | Partition Type: FAT32

Computer Name: HOME-1157E821BE | User Name: ALI BUTT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = SafariHTML] -- Reg Error: Key error. File not found
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "e:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "e:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"21563:TCP" = 21563:TCP:*:Enabled:BitComet 21563 TCP
"21563:UDP" = 21563:UDP:*:Enabled:BitComet 21563 UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"E:\software\TeamViewer.exe" = E:\software\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)
"D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"E:\Program Files\BitTorrent\BitTorrent.exe" = E:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java™ 6 Update 30
"{2767DEDE-EA9D-4FCE-A06A-40F4DD293330}" = hppusgP1000
"{2857dbef-0b50-361c-8690-7d505747009f}" = Webshots Desktop
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{31187E06-E131-4709-9285-7D105D77AA89}" = Components Setup
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39D7BD4A-5BE7-11D4-9D68-0020781864F1}" = CueClub
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{44A69352-33DD-405E-ADB8-2D768643BBAE}_is1" = AnyBizSoft PDF to Word (Build 3.0.0)
"{4877CCD5-6B0B-4B3A-8EF1-911D946B8B94}" = SRS Audio Sandbox
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{58ECE031-9AAD-4011-B34A-BC78E77527E2}" = hppMSRedist
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{8398852A-7B61-4808-8F58-D0A40D1B2CB6}" = AVG 2012
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9819EF4D-7A28-54B5-8A25-CE97793845A4}" = Webshots Daily Features
"{A5742726-2180-4253-83A7-53558486A7A2}" = IM Magician
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{BA524348-59A6-437A-A4FB-25080BDEFCD6}" = VP-EYE
"{BDDEE95D-0671-4A38-AAF3-2A7D5801B323}" = Components Setup
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{E171F5DA-6F17-472D-A223-92468142C5E8}" = AVG 2012
"{E89760FE-AA0B-407D-BB94-E23CE78385F3}" = CueClub Patch
"{ECA31632-C2AD-4774-A3CA-2813D47E4DD0}" = HPCarePackProducts
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AVG" = AVG 2012
"BitTorrent" = BitTorrent
"Burger Shop 2 1.00" = Burger Shop 2 1.00
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"Folder Guard" = Folder Guard
"Foxit Reader" = Foxit Reader
"Jumpa_is1" = Jumpa 1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 9.0.1 (x86 en-US)" = Mozilla Firefox 9.0.1 (x86 en-US)
"NVIDIA Drivers" = NVIDIA Drivers
"USB Disk Security_is1" = USB Disk Security
"VLC media player" = VLC media player 1.1.11
"WebshotsDailyFeatures.D47BD63EE77CC0AC7AE23BFA386A3F1EDA7C080D.1" = Webshots Daily Features
"Wedding Dash 4 Ever 1.00" = Wedding Dash 4 Ever 1.00
"WIC" = Windows Imaging Component
"Windows Essentials Media Codec Pack" = Windows Essentials Media Codec Pack 3.6 [32-Bit]
"WinRAR archiver" = WinRAR 4.10 beta 2 (32-bit)
"XIII - Lost Identity1.0" = XIII - Lost Identity
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/25/2011 7:23:39 PM | Computer Name = HOME-1157E821BE | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 12/25/2011 7:26:51 PM | Computer Name = HOME-1157E821BE | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 12/26/2011 2:10:59 AM | Computer Name = HOME-1157E821BE | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 12/26/2011 2:10:59 AM | Computer Name = HOME-1157E821BE | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 12/26/2011 2:11:07 AM | Computer Name = HOME-1157E821BE | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 12/26/2011 2:11:07 AM | Computer Name = HOME-1157E821BE | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 12/26/2011 2:16:25 AM | Computer Name = HOME-1157E821BE | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 12/26/2011 2:16:25 AM | Computer Name = HOME-1157E821BE | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 12/26/2011 2:16:28 AM | Computer Name = HOME-1157E821BE | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 12/26/2011 2:16:28 AM | Computer Name = HOME-1157E821BE | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
and it will not be loaded. This is most likely caused by a faulty registration.

[ System Events ]
Error - 12/26/2011 2:17:52 AM | Computer Name = HOME-1157E821BE | Source = Service Control Manager | ID = 7000
Description = The Airytec Switch Off - Web Interface service failed to start due
to the following error: %%2

Error - 12/26/2011 2:28:44 AM | Computer Name = HOME-1157E821BE | Source = Service Control Manager | ID = 7034
Description = The Intel® PROSet Monitoring Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 12/26/2011 2:28:44 AM | Computer Name = HOME-1157E821BE | Source = Service Control Manager | ID = 7031
Description = The Microsoft .NET Framework NGEN v4.0.30319_X86 service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 120000 milliseconds: Restart the service.

Error - 12/26/2011 2:28:44 AM | Computer Name = HOME-1157E821BE | Source = Service Control Manager | ID = 7034
Description = The Print Spooler service terminated unexpectedly. It has done this
1 time(s).

Error - 12/26/2011 2:28:46 AM | Computer Name = HOME-1157E821BE | Source = Service Control Manager | ID = 7034
Description = The Application Layer Gateway Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 12/26/2011 2:28:46 AM | Computer Name = HOME-1157E821BE | Source = Service Control Manager | ID = 7034
Description = The PnkBstrA service terminated unexpectedly. It has done this 1
time(s).

Error - 12/26/2011 2:28:46 AM | Computer Name = HOME-1157E821BE | Source = Service Control Manager | ID = 7034
Description = The vToolbarUpdater service terminated unexpectedly. It has done
this 1 time(s).

Error - 12/26/2011 2:28:46 AM | Computer Name = HOME-1157E821BE | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).

Error - 12/26/2011 2:28:46 AM | Computer Name = HOME-1157E821BE | Source = Service Control Manager | ID = 7034
Description = The MBAMService service terminated unexpectedly. It has done this
1 time(s).

Error - 12/26/2011 2:28:46 AM | Computer Name = HOME-1157E821BE | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).


< End of report >
  • 0

#22
Ali Butt

    Member

  • Topic Starter
  • Member
  • 24 posts
I tried to run the ComboFix scan in Safe Mode with Networking but was unable to stop my anti-virus program. How can I do this?
Sorry, I have posted both the OTL and Extras log files of the OTL scan.
The first one I posted is the OTL log and the second post is the Extras log.

Edited by Ali Butt, 26 December 2011 - 01:45 AM.

  • 0

#23
RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
Go ahead and stop Combofix and reboot. Run TDSSKiller again and post the log.

You don't appear to have any other copies of the "suspicious" programs that aswMBR found that we could use. The checksums look good but it must have a reason it doesn't like them.

Please submit the programs:

C:\WINDOWS\System32\drivers\dxgthk.sys
C:\WINDOWS\system32\ntdll.dll

to http://www.virustotal.com and let's see what they say about them. If they do not say 0/43 or so then please copy and paste the report.
  • 0

#24
Ali Butt

    Member

  • Topic Starter
  • Member
  • 24 posts
Okay, thank you for your time and assistance.
Just as a reminder, here is what is happening to me.
Every one of my web browsers is redirecting certain web sites or Google searches to YouTube, of course without my consent.
Is this really an ALUREON.H virus, or am I just missing some Microsoft program needed to run my machine properly?
  • 0

#25
Ali Butt

    Member

  • Topic Starter
  • Member
  • 24 posts
New TDSSKiller log file:
14:15:19.0890 3588 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
14:15:21.0125 3588 ============================================================
14:15:21.0125 3588 Current date / time: 2011/12/26 14:15:21.0125
14:15:21.0125 3588 SystemInfo:
14:15:21.0125 3588
14:15:21.0125 3588 OS Version: 5.1.2600 ServicePack: 2.0
14:15:21.0125 3588 Product type: Workstation
14:15:21.0125 3588 ComputerName: HOME-1157E821BE
14:15:21.0125 3588 UserName: ALI BUTT
14:15:21.0125 3588 Windows directory: C:\WINDOWS
14:15:21.0125 3588 System windows directory: C:\WINDOWS
14:15:21.0125 3588 Processor architecture: Intel x86
14:15:21.0125 3588 Number of processors: 1
14:15:21.0125 3588 Page size: 0x1000
14:15:21.0125 3588 Boot type: Normal boot
14:15:21.0125 3588 ============================================================
14:15:24.0250 3588 Initialize success
14:15:27.0640 3712 ============================================================
14:15:27.0640 3712 Scan started
14:15:27.0640 3712 Mode: Manual;
14:15:27.0640 3712 ============================================================
14:15:29.0234 3712 Abiosdsk - ok
14:15:29.0265 3712 abp480n5 - ok
14:15:29.0359 3712 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:15:29.0359 3712 ACPI - ok
14:15:29.0421 3712 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
14:15:29.0421 3712 ACPIEC - ok
14:15:29.0484 3712 adpu160m - ok
14:15:29.0562 3712 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
14:15:29.0562 3712 aeaudio - ok
14:15:29.0640 3712 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
14:15:29.0656 3712 aec - ok
14:15:29.0734 3712 AFD (5ac495f4cb807b2b98ad2ad591e6d92e) C:\WINDOWS\System32\drivers\afd.sys
14:15:29.0750 3712 AFD - ok
14:15:29.0843 3712 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
14:15:29.0843 3712 agp440 - ok
14:15:29.0890 3712 Aha154x - ok
14:15:29.0921 3712 aic78u2 - ok
14:15:29.0968 3712 aic78xx - ok
14:15:30.0031 3712 AliIde - ok
14:15:30.0078 3712 amsint - ok
14:15:30.0125 3712 asc - ok
14:15:30.0156 3712 asc3350p - ok
14:15:30.0203 3712 asc3550 - ok
14:15:30.0343 3712 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:15:30.0359 3712 AsyncMac - ok
14:15:30.0468 3712 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:15:30.0484 3712 atapi - ok
14:15:30.0546 3712 Atdisk - ok
14:15:30.0625 3712 atksgt (6e996cf8459a2594e0e9609d0e34d41f) C:\WINDOWS\system32\DRIVERS\atksgt.sys
14:15:30.0640 3712 atksgt - ok
14:15:30.0734 3712 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:15:30.0750 3712 Atmarpc - ok
14:15:30.0843 3712 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:15:30.0859 3712 audstub - ok
14:15:31.0078 3712 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
14:15:31.0093 3712 AVGIDSDriver - ok
14:15:31.0187 3712 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
14:15:31.0187 3712 AVGIDSEH - ok
14:15:31.0265 3712 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
14:15:31.0265 3712 AVGIDSFilter - ok
14:15:31.0343 3712 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
14:15:31.0343 3712 AVGIDSShim - ok
14:15:31.0437 3712 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
14:15:31.0453 3712 Avgldx86 - ok
14:15:31.0546 3712 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
14:15:31.0546 3712 Avgmfx86 - ok
14:15:31.0640 3712 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
14:15:31.0640 3712 Avgrkx86 - ok
14:15:31.0734 3712 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
14:15:31.0781 3712 Avgtdix - ok
14:15:31.0890 3712 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:15:31.0890 3712 Beep - ok
14:15:32.0000 3712 catchme - ok
14:15:32.0109 3712 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:15:32.0109 3712 cbidf2k - ok
14:15:32.0187 3712 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:15:32.0203 3712 CCDECODE - ok
14:15:32.0281 3712 cd20xrnt - ok
14:15:32.0359 3712 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:15:32.0359 3712 Cdaudio - ok
14:15:32.0453 3712 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
14:15:32.0453 3712 Cdfs - ok
14:15:32.0515 3712 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:15:32.0531 3712 Cdrom - ok
14:15:32.0578 3712 Changer - ok
14:15:32.0656 3712 CmdIde - ok
14:15:32.0718 3712 Cpqarray - ok
14:15:32.0765 3712 cpudrv - ok
14:15:32.0828 3712 dac2w2k - ok
14:15:32.0875 3712 dac960nt - ok
14:15:32.0968 3712 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
14:15:32.0968 3712 Disk - ok
14:15:33.0078 3712 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
14:15:33.0125 3712 dmboot - ok
14:15:33.0234 3712 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
14:15:33.0234 3712 dmio - ok
14:15:33.0328 3712 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:15:33.0328 3712 dmload - ok
14:15:33.0421 3712 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
14:15:33.0421 3712 DMusic - ok
14:15:33.0484 3712 dpti2o - ok
14:15:33.0562 3712 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
14:15:33.0562 3712 drmkaud - ok
14:15:33.0671 3712 E100B (ac9cf17ee2ae003c98eb4f5336c38058) C:\WINDOWS\system32\DRIVERS\e100b325.sys
14:15:33.0718 3712 E100B - ok
14:15:33.0812 3712 EL90XBC (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
14:15:33.0812 3712 EL90XBC - ok
14:15:33.0906 3712 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
14:15:33.0921 3712 Fastfat - ok
14:15:34.0031 3712 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
14:15:34.0031 3712 Fdc - ok
14:15:34.0156 3712 FGUARD32 (f87bd63452c24df2dd11d64a89ec25dd) E:\Program Files\folder guard\Folder Guard\FGUARD32.SYS
14:15:35.0125 3712 FGUARD32 - ok
14:15:35.0218 3712 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
14:15:35.0234 3712 Fips - ok
14:15:35.0296 3712 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:15:35.0312 3712 Flpydisk - ok
14:15:35.0390 3712 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
14:15:35.0406 3712 FltMgr - ok
14:15:35.0484 3712 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:15:35.0484 3712 Fs_Rec - ok
14:15:35.0546 3712 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:15:35.0546 3712 Ftdisk - ok
14:15:35.0625 3712 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:15:35.0640 3712 Gpc - ok
14:15:35.0718 3712 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:15:35.0734 3712 HidUsb - ok
14:15:35.0812 3712 hpn - ok
14:15:35.0890 3712 HTTP (c19b522a9ae0bbc3293397f3055e80a1) C:\WINDOWS\system32\Drivers\HTTP.sys
14:15:35.0906 3712 HTTP - ok
14:15:35.0968 3712 i2omgmt - ok
14:15:36.0015 3712 i2omp - ok
14:15:36.0078 3712 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:15:36.0093 3712 i8042prt - ok
14:15:36.0171 3712 IDMTDI (330a6a0baf4fd945bde14c7b1d88d9b9) C:\WINDOWS\system32\DRIVERS\idmtdi.sys
14:15:36.0171 3712 IDMTDI - ok
14:15:36.0234 3712 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:15:36.0234 3712 Imapi - ok
14:15:36.0296 3712 ini910u - ok
14:15:36.0390 3712 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys
14:15:36.0390 3712 IntelIde - ok
14:15:36.0453 3712 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:15:36.0468 3712 intelppm - ok
14:15:36.0515 3712 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
14:15:36.0515 3712 Ip6Fw - ok
14:15:36.0593 3712 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:15:36.0593 3712 IpFilterDriver - ok
14:15:36.0687 3712 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:15:36.0687 3712 IpInIp - ok
14:15:36.0750 3712 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:15:36.0765 3712 IpNat - ok
14:15:36.0921 3712 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:15:36.0937 3712 IPSec - ok
14:15:37.0031 3712 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:15:37.0031 3712 IRENUM - ok
14:15:37.0234 3712 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:15:37.0234 3712 isapnp - ok
14:15:37.0328 3712 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:15:37.0328 3712 Kbdclass - ok
14:15:37.0421 3712 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
14:15:37.0421 3712 kmixer - ok
14:15:37.0500 3712 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys
14:15:37.0515 3712 KSecDD - ok
14:15:37.0578 3712 lbrtfdc - ok
14:15:37.0656 3712 lirsgt (975b6cf65f44e95883f3855bae8cecaf) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
14:15:37.0671 3712 lirsgt - ok
14:15:37.0765 3712 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys
14:15:37.0765 3712 MBAMProtector - ok
14:15:37.0875 3712 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:15:37.0875 3712 mnmdd - ok
14:15:37.0953 3712 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
14:15:37.0953 3712 Modem - ok
14:15:38.0031 3712 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:15:38.0031 3712 Mouclass - ok
14:15:38.0093 3712 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:15:38.0093 3712 mouhid - ok
14:15:38.0156 3712 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
14:15:38.0171 3712 MountMgr - ok
14:15:38.0203 3712 mraid35x - ok
14:15:38.0296 3712 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:15:38.0312 3712 MRxDAV - ok
14:15:38.0421 3712 MRxSmb (1fd607fc67f7f7c633c3da65bfc53d18) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:15:38.0468 3712 MRxSmb - ok
14:15:38.0593 3712 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
14:15:38.0593 3712 Msfs - ok
14:15:38.0687 3712 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:15:38.0703 3712 MSKSSRV - ok
14:15:38.0781 3712 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:15:38.0796 3712 MSPCLOCK - ok
14:15:38.0890 3712 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
14:15:38.0890 3712 MSPQM - ok
14:15:38.0968 3712 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:15:38.0968 3712 mssmbios - ok
14:15:39.0046 3712 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
14:15:39.0046 3712 MSTEE - ok
14:15:39.0140 3712 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
14:15:39.0156 3712 Mup - ok
14:15:39.0234 3712 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:15:39.0234 3712 NABTSFEC - ok
14:15:39.0328 3712 NAL (4c8a40aaf288f8aa22eab655fc5ff46f) C:\WINDOWS\system32\Drivers\iqvw32.sys
14:15:39.0343 3712 NAL - ok
14:15:39.0421 3712 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
14:15:39.0437 3712 NDIS - ok
14:15:39.0531 3712 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:15:39.0531 3712 NdisIP - ok
14:15:39.0609 3712 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:15:39.0625 3712 NdisTapi - ok
14:15:39.0687 3712 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:15:39.0687 3712 Ndisuio - ok
14:15:39.0765 3712 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:15:39.0781 3712 NdisWan - ok
14:15:39.0875 3712 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
14:15:39.0875 3712 NDProxy - ok
14:15:39.0953 3712 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:15:39.0953 3712 NetBIOS - ok
14:15:40.0015 3712 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:15:40.0031 3712 NetBT - ok
14:15:40.0140 3712 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
14:15:40.0140 3712 Npfs - ok
14:15:40.0250 3712 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
14:15:40.0296 3712 Ntfs - ok
14:15:40.0421 3712 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:15:40.0421 3712 Null - ok
14:15:40.0937 3712 nv (9f4384aa43548ddd438f7b7825d11699) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:15:41.0421 3712 nv - ok
14:15:41.0515 3712 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:15:41.0531 3712 NwlnkFlt - ok
14:15:41.0625 3712 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:15:41.0625 3712 NwlnkFwd - ok
14:15:41.0718 3712 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
14:15:41.0718 3712 Parport - ok
14:15:41.0812 3712 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
14:15:41.0812 3712 PartMgr - ok
14:15:41.0890 3712 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
14:15:41.0906 3712 ParVdm - ok
14:15:41.0968 3712 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
14:15:41.0968 3712 PCI - ok
14:15:42.0031 3712 PCIDump - ok
14:15:42.0078 3712 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:15:42.0093 3712 PCIIde - ok
14:15:42.0171 3712 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:15:42.0171 3712 Pcmcia - ok
14:15:42.0218 3712 PDCOMP - ok
14:15:42.0265 3712 PDFRAME - ok
14:15:42.0312 3712 PDRELI - ok
14:15:42.0375 3712 PDRFRAME - ok
14:15:42.0421 3712 perc2 - ok
14:15:42.0453 3712 perc2hib - ok
14:15:42.0609 3712 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:15:42.0625 3712 PptpMiniport - ok
14:15:42.0671 3712 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
14:15:42.0687 3712 PSched - ok
14:15:42.0750 3712 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:15:42.0750 3712 Ptilink - ok
14:15:42.0812 3712 ql1080 - ok
14:15:42.0859 3712 Ql10wnt - ok
14:15:42.0890 3712 ql12160 - ok
14:15:42.0937 3712 ql1240 - ok
14:15:42.0984 3712 ql1280 - ok
14:15:43.0046 3712 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:15:43.0062 3712 RasAcd - ok
14:15:47.0828 3712 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
14:15:48.0375 3712 \Device\Harddisk0\DR0 - ok
14:15:48.0406 3712 Boot (0x1200) (1e99ee1969c12124f31a1b64d66503e7) \Device\Harddisk0\DR0\Partition0
14:15:48.0421 3712 \Device\Harddisk0\DR0\Partition0 - ok
14:15:48.0453 3712 Boot (0x1200) (7c9c9b4eed61f62c3815d4c145bd8f16) \Device\Harddisk0\DR0\Partition1
14:15:48.0468 3712 \Device\Harddisk0\DR0\Partition1 - ok
14:15:48.0500 3712 Boot (0x1200) (bc370a04348baae327d839b79dd273dc) \Device\Harddisk0\DR0\Partition2
14:15:48.0531 3712 \Device\Harddisk0\DR0\Partition2 - ok
14:15:48.0531 3712 ============================================================
14:15:48.0531 3712 Scan finished
14:15:48.0531 3712 ============================================================
14:15:48.0562 3692 Detected object count: 0
14:15:48.0562 3692 Actual detected object count: 0

#26
Ali Butt

    Member

  • Topic Starter
  • Member
  • 24 posts
So I did submit the file on virustotal.com and the results are 0/43 for both programs.
What should I do next?

#27
RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
Start, Run, sfc /scannow, OK

SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP or Continue. You may have to do this a lot but try and get through the whole scan.

Then run aswMBR again and post the log.

Download

http://ad13.geekstogo.com/MBRCheck.exe

Save it and run it. It will produce a log MBRCheck(date).txt on your desktop. Copy and paste it into a reply.
(Close mbrcheck)

#28
Ali Butt

    Member

  • Topic Starter
  • Member
  • 24 posts
Hi, just now I tried to log in to those websites which were earlier redirecting to YouTube, and it seems that the problem is gone for the time being. I don't know what happened, but the problem seems to be gone.
What do you recommend I do?

#29
Ali Butt

    Member

  • Topic Starter
  • Member
  • 24 posts
New aswMBR log file:
aswMBR version 0.9.9.1120 Copyright© 2011 AVAST Software
Run date: 2011-12-27 02:01:33
-----------------------------
02:01:33.750 OS Version: Windows 5.1.2600 Service Pack 2
02:01:33.750 Number of processors: 1 586 0x207
02:01:33.765 ComputerName: HOME-1157E821BE UserName: ALI BUTT
02:01:37.375 Initialize success
02:10:22.546 AVAST engine defs: 11122601
02:10:29.546 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
02:10:29.546 Disk 0 Vendor: ST340016A 3.75 Size: 38166MB BusType: 3
02:10:31.578 Disk 0 MBR read successfully
02:10:31.578 Disk 0 MBR scan
02:10:33.234 Disk 0 Windows XP default MBR code
02:10:33.234 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 20002 MB offset 63
02:10:34.703 Disk 0 Partition - 00 0F Extended LBA 18151 MB offset 40965750
02:10:34.718 Disk 0 Partition 2 00 0B FAT32 MSDOS5.0 10001 MB offset 40965813
02:10:34.953 Disk 0 Partition - 00 05 Extended 8150 MB offset 61448625
02:10:34.968 Disk 0 Partition 3 00 0B FAT32 MSDOS5.0 8150 MB offset 61448688
02:10:35.062 Disk 0 scanning sectors +78140160
02:10:35.687 Disk 0 scanning C:\WINDOWS\system32\drivers
02:11:13.437 Service scanning
02:11:20.531 Modules scanning
02:11:28.968 Module: C:\WINDOWS\System32\drivers\dxgthk.sys **SUSPICIOUS**
02:11:31.984 Module: C:\WINDOWS\system32\ntdll.dll **SUSPICIOUS**
02:11:32.968 AVAST engine scan C:\WINDOWS
02:11:53.015 AVAST engine scan C:\WINDOWS\system32
02:16:11.453 AVAST engine scan C:\WINDOWS\system32\drivers
02:16:34.687 AVAST engine scan C:\Documents and Settings\ALI BUTT
02:19:47.671 AVAST engine scan C:\Documents and Settings\All Users
02:20:29.937 Scan finished successfully
02:21:37.453 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\ALI BUTT\Desktop\MBR.dat"
02:21:37.453 The log file has been saved successfully to "C:\Documents and Settings\ALI BUTT\Desktop\aswMBR.txt"

#30
Ali Butt

    Member

  • Topic Starter
  • Member
  • 24 posts
MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 2 (build 2600)
Logical Drives Mask: 0x0000003d

Kernel Drivers (total 133):

Processes (total 47):
0 System Idle Process
4 System
456 C:\WINDOWS\system32\smss.exe
496 C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
528 C:\Program Files\AVG\AVG2012\avgcsrvx.exe
720 csrss.exe
752 C:\WINDOWS\system32\winlogon.exe
804 C:\WINDOWS\system32\services.exe
816 C:\WINDOWS\system32\lsass.exe
996 C:\WINDOWS\system32\svchost.exe
1064 svchost.exe
1148 C:\WINDOWS\system32\svchost.exe
1224 svchost.exe
1304 svchost.exe
1452 C:\WINDOWS\system32\spoolsv.exe
1732 C:\WINDOWS\explorer.exe
1920 E:\Program Files\USB Disk Security\USBGuard.exe
1928 C:\WINDOWS\system32\rundll32.exe
1948 C:\Program Files\AVG\AVG2012\avgtray.exe
1968 C:\Program Files\AVG Secure Search\vprot.exe
1988 E:\Program Files\folder guard\Folder Guard\FGKey.exe
2024 E:\Program Files\IM Magician\vmonproc.exe
2032 C:\Program Files\Common Files\Java\Java Update\jusched.exe
128 D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
200 E:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
220 E:\idm\Internet Download Manager\IDMan.exe
472 C:\PROGRA~1\Webshots\315~1.761\Webshots.scr
692 C:\Program Files\AVG\AVG2012\avgwdsvc.exe
712 E:\Program Files\IM Magician\Vicamon.exe
1244 C:\WINDOWS\system32\IPROSetMonitor.exe
1420 C:\Program Files\Java\jre6\bin\jqs.exe
1540 D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
1716 C:\WINDOWS\system32\nvsvc32.exe
1580 C:\WINDOWS\system32\PnkBstrA.exe
1824 C:\WINDOWS\system32\svchost.exe
852 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
264 C:\Program Files\AVG\AVG2012\avgnsx.exe
372 C:\Program Files\AVG\AVG2012\avgemcx.exe
1896 C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
3688 C:\WINDOWS\system32\wscntfy.exe
2612 alg.exe
2748 E:\idm\Internet Download Manager\IEMonitor.exe
3844 E:\Program Files\folder guard\Folder Guard\FGuard.exe
3012 E:\Program Files\Mozilla Firefox\firefox.exe
2092 E:\Program Files\Mozilla Firefox\plugin-container.exe
3776 E:\Program Files\BitTorrent\BitTorrent.exe
3380 C:\Documents and Settings\ALI BUTT\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000004`e22d6a00 (FAT32)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000007`5343e000 (FAT32)

PhysicalDrive0 Model Number: ST340016A, Rev: 3.75

Size Device Name MBR Status
--------------------------------------------
37 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!