Task Manager, Registry Editor Disabled by Administrator. [Closed]


  • This topic is locked

#1
smoker05

    New Member

  • Member
  • Pip
  • 6 posts
Hey guys,
I have run into this super weird problem.
Before starting, please ignore my English, as it is not my native language.
My PC is showing some weird problems like "Task Manager is Disabled by Administrator" and "Registry Editing is Disabled by Administrator".
After this, I thought of formatting my PC. I formatted my PC (I didn't format my whole HDD), but the problem was still there (Task Manager is Disabled by Administrator, Registry Editing is Disabled by Administrator).
So after this I formatted my whole PC; I even formatted my full HDD. That means my computer was kind of new. After formatting, I restarted my PC and found that the problem was still there.
Note: I tried to scan my PC. I ran "Superantispyware" and "Malwarebytes" because none of the antivirus sites would open in my browser (Kaspersky, Bitdefender, Norton).
I tried almost every solution to this problem that is available on the net.
I even tried to solve the problem by finding a video on YouTube.
I took a Kaspersky trial version and a Bitdefender trial version from my friend, but neither could be installed due to some installation error.
Now my PC is showing some Nvidia error, svchost error, netsh.exe (not sure of the spelling) and many more.
So please guys, I request you to help me.
Please guys, please!!

#2
smoker05

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
OTL logfile created on: 2/4/2012 5:37:28 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\harsh\My Documents\Downloads\Programs
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 61.20% Memory free
3.85 Gb Paging File | 3.13 Gb Available in Paging File | 81.36% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 33.83 Gb Free Space | 69.29% Space Free | Partition Type: NTFS
Drive D: | 48.83 Gb Total Space | 19.45 Gb Free Space | 39.83% Space Free | Partition Type: NTFS
Drive E: | 48.83 Gb Total Space | 47.34 Gb Free Space | 96.95% Space Free | Partition Type: NTFS
Drive F: | 48.83 Gb Total Space | 48.25 Gb Free Space | 98.83% Space Free | Partition Type: NTFS
Drive G: | 37.57 Gb Total Space | 37.25 Gb Free Space | 99.17% Space Free | Partition Type: NTFS

Computer Name: HARSH-A1EC9736B | User Name: harsh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/04 17:36:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\harsh\My Documents\Downloads\Programs\OTL.exe
PRC - [2012/01/25 03:26:53 | 001,216,496 | ---- | M] (Google Inc.) -- C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/11/07 20:02:02 | 000,659,456 | ---- | M] () -- C:\Program Files\Connector\Connector.exe
PRC - [2011/08/22 16:12:52 | 003,507,088 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/08/03 17:19:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/08/02 15:17:34 | 000,063,488 | ---- | M] () -- C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe
PRC - [2011/07/18 18:41:22 | 003,483,032 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2010/05/25 19:58:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2008/04/14 11:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/02 02:52:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
PRC - [2001/08/24 23:30:00 | 000,036,352 | --S- | M] (Microsoft Corporation) -- C:\WINDOWS\svchost.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/25 03:26:51 | 000,441,328 | ---- | M] () -- C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\ppgooglenaclpluginchrome.dll
MOD - [2012/01/25 03:26:50 | 003,889,648 | ---- | M] () -- C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\pdf.dll
MOD - [2012/01/25 03:25:26 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\avutil-51.dll
MOD - [2012/01/25 03:25:25 | 000,222,208 | ---- | M] () -- C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\avformat-53.dll
MOD - [2012/01/25 03:25:23 | 001,746,432 | ---- | M] () -- C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\avcodec-53.dll
MOD - [2012/01/25 02:44:31 | 008,740,512 | ---- | M] () -- C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\gcswf32.dll
MOD - [2011/11/07 20:02:02 | 000,659,456 | ---- | M] () -- C:\Program Files\Connector\Connector.exe
MOD - [2011/08/02 15:17:34 | 000,063,488 | ---- | M] () -- C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe
MOD - [2008/04/14 11:12:04 | 001,288,192 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/08/03 17:19:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/08/02 15:17:34 | 000,063,488 | ---- | M] () [Auto | Running] -- C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe -- (CDMA Device Service)
SRV - [2011/03/16 10:42:06 | 000,485,160 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2001/08/24 23:30:00 | 000,036,352 | --S- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\svchost.exe -- (PowerManager)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (abp470n5)
DRV - [2011/07/18 09:54:42 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2011/07/18 09:54:40 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2011/07/18 09:54:40 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2011/07/18 09:54:08 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/07/18 09:54:08 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/07/18 09:54:08 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2011/07/06 20:44:42 | 000,101,616 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2007/03/13 12:32:20 | 004,474,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/03 00:02:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\harsh\Application Data\IDM\idmmzcc5 [2012/01/30 23:19:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Documents and Settings\harsh\Application Data\IDM\idmmzcc5 [2012/01/30 23:19:12 | 000,000,000 | ---D | M]

[2012/02/03 00:02:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\harsh\Application Data\Mozilla\Extensions
[2012/02/03 00:02:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\harsh\Application Data\Mozilla\Firefox\Profiles\d7kkcky7.default\extensions
[2012/02/03 00:02:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/03 00:02:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\HARSH\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D7KKCKY7.DEFAULT\EXTENSIONS\[email protected]
[2012/01/24 19:02:18 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/24 16:51:10 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/24 16:51:10 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Turn Off the Lights = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.0.0.46_0\
CHR - Extension: YouTube = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: The Times of India = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hkifncilkifgngmpmnmokphicplifhnn\1.0.4_0\
CHR - Extension: Facebook video player = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jkfcaefgomacelijlinohbdfiecabhig\0.1.2_0\
CHR - Extension: Google Dictionary (by Google) = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2001/08/23 17:30:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKCU..\Run: [Connector] C:\Program Files\Connector\Connector.exe ()
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98FF0CF6-27A8-4D4B-97D4-B2B98E200A76}: NameServer = 208.67.222.222,208.67.220.220
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/01/30 22:34:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/04 17:05:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Start Menu\Programs\WinRAR
[2012/02/04 17:05:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2012/02/04 17:05:09 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/02/04 15:57:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2012/02/04 15:56:07 | 000,136,808 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadmdm.sys
[2012/02/04 15:56:07 | 000,121,064 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadbus.sys
[2012/02/04 15:56:07 | 000,012,776 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadmdfl.sys
[2012/02/04 15:56:07 | 000,010,472 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadcmnt.sys
[2012/02/04 15:56:07 | 000,010,472 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadcm.sys
[2012/02/04 15:56:07 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadwhnt.sys
[2012/02/04 15:56:07 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadwh.sys
[2012/02/04 15:55:58 | 000,132,424 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdmdm.sys
[2012/02/04 15:55:58 | 000,104,648 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdbus.sys
[2012/02/04 15:55:58 | 000,014,920 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdmdfl.sys
[2012/02/04 15:55:58 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdcmnt.sys
[2012/02/04 15:55:58 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdcm.sys
[2012/02/04 15:55:58 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdwhnt.sys
[2012/02/04 15:55:58 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdwh.sys
[2012/02/04 15:55:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2012/02/04 15:55:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Samsung
[2012/02/04 15:55:23 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll
[2012/02/04 15:55:12 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\WINDOWS\System32\dgderapi.dll
[2012/02/04 15:55:12 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\WINDOWS\System32\drivers\dgderdrv.sys
[2012/02/04 15:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2012/02/04 15:54:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\Samsung
[2012/02/04 15:54:40 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2012/02/04 15:54:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012/02/04 15:50:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Local Settings\Application Data\Downloaded Installations
[2012/02/04 15:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\assembly
[2012/02/04 15:39:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/02/04 15:39:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2012/02/04 15:28:46 | 000,000,000 | ---D | C] -- C:\totalcmd
[2012/02/04 15:28:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Start Menu\Programs\Total Commander
[2012/02/04 15:28:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\GHISLER
[2012/02/04 15:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Desktop\Flashing Tools
[2012/02/04 13:11:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012/02/03 00:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Local Settings\Application Data\Mozilla
[2012/02/03 00:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\Mozilla
[2012/02/03 00:02:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/02/02 18:40:49 | 000,000,000 | ---D | C] -- C:\output
[2012/02/02 18:34:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\PhotoScape
[2012/02/02 18:34:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PhotoScape
[2012/02/02 18:34:21 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoScape
[2012/02/01 23:59:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Talk
[2012/02/01 23:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/02/01 23:50:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2012/02/01 23:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2012/02/01 23:50:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Steam
[2012/02/01 23:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Local Settings\Application Data\Temp
[2012/02/01 23:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Local Settings\Application Data\Adobe
[2012/02/01 23:40:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/02/01 23:40:27 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/02/01 23:39:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2012/02/01 16:10:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\vlc
[2012/02/01 16:09:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2012/02/01 16:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012/01/31 22:39:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\TeamViewer
[2012/01/31 22:39:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 7
[2012/01/31 22:39:03 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2012/01/31 15:13:40 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012/01/31 15:13:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\uTorrent
[2012/01/31 14:02:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2012/01/31 14:02:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Local Settings\Application Data\Last.fm
[2012/01/31 14:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Last.fm
[2012/01/31 14:02:04 | 000,000,000 | ---D | C] -- C:\Program Files\Last.fm
[2012/01/31 14:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Winamp
[2012/01/31 14:00:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2012/01/31 13:59:33 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2012/01/31 13:59:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\Winamp
[2012/01/31 03:47:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2012/01/31 03:47:11 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2012/01/31 03:47:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2012/01/31 03:47:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2012/01/31 03:47:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2012/01/31 03:47:03 | 000,000,000 | R--D | C] -- C:\Program Files
[2012/01/31 03:47:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2012/01/31 03:46:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2012/01/31 03:46:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2012/01/31 03:46:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2012/01/31 03:46:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2012/01/31 03:46:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2012/01/31 03:46:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2012/01/31 03:46:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2012/01/31 03:46:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2012/01/31 03:45:58 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2012/01/31 03:45:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2012/01/31 03:45:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2012/01/31 03:42:57 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/01/31 03:36:10 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2012/01/31 03:36:10 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2012/01/31 03:36:10 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2012/01/31 03:36:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2012/01/31 00:21:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\harsh\My Documents\My Videos
[2012/01/31 00:18:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\WinRAR
[2012/01/30 23:51:51 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/01/30 23:36:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\Skype
[2012/01/30 23:36:13 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/01/30 23:36:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2012/01/30 23:36:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2012/01/30 23:20:33 | 000,273,920 | ---- | C] (Task Manager Fix) -- C:\Documents and Settings\harsh\Desktop\TaskManagerFix.exe
[2012/01/30 23:19:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\IDM
[2012/01/30 23:19:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\DMCache
[2012/01/30 23:19:08 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2012/01/30 23:19:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Start Menu\Programs\Internet Download Manager
[2012/01/30 23:19:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Internet Download Manager
[2012/01/30 23:16:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\Macromedia
[2012/01/30 23:16:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\Adobe
[2012/01/30 23:16:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\My Documents\Downloads
[2012/01/30 23:14:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Start Menu\Programs\Google Chrome
[2012/01/30 23:14:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Local Settings\Application Data\Google
[2012/01/30 23:11:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2012/01/30 23:11:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA
[2012/01/30 23:11:07 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2012/01/30 23:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/01/30 23:10:24 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012/01/30 23:09:54 | 000,000,000 | ---D | C] -- C:\Program Files\Connector
[2012/01/30 23:05:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2012/01/30 23:04:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2012/01/30 23:02:53 | 002,808,832 | R--- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2012/01/30 23:02:52 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/01/30 23:02:51 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012/01/30 23:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012/01/30 22:56:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2012/01/30 22:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/01/30 22:56:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/01/30 22:54:48 | 000,000,000 | ---D | C] -- C:\TempEI4
[2012/01/30 22:51:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\Identities
[2012/01/30 22:51:34 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2012/01/30 22:51:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\harsh\My Documents\My Pictures
[2012/01/30 22:51:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\harsh\My Documents\My Music
[2012/01/30 22:51:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\harsh\Application Data\Microsoft
[2012/01/30 22:51:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\harsh\Cookies
[2012/01/30 22:51:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\harsh\SendTo
[2012/01/30 22:51:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\harsh\Recent
[2012/01/30 22:51:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\harsh\Application Data
[2012/01/30 22:51:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\harsh\Start Menu\Programs\Startup
[2012/01/30 22:51:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\harsh\Start Menu
[2012/01/30 22:51:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\harsh\My Documents
[2012/01/30 22:51:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\harsh\Favorites
[2012/01/30 22:51:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\harsh\Start Menu\Programs\Accessories
[2012/01/30 22:51:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\harsh\Templates
[2012/01/30 22:51:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\harsh\PrintHood
[2012/01/30 22:51:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\harsh\NetHood
[2012/01/30 22:51:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\harsh\Local Settings
[2012/01/30 22:51:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Local Settings\Application Data\Microsoft
[2012/01/30 22:51:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Desktop
[2012/01/30 22:50:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2012/01/30 22:50:55 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2012/01/30 22:50:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/01/30 22:50:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2012/01/30 22:50:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2012/01/30 22:40:40 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2012/01/30 22:40:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2012/01/30 22:38:01 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/01/30 22:38:01 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/01/30 22:38:01 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012/01/30 22:35:37 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/01/30 22:34:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2012/01/30 22:34:41 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2012/01/30 22:34:41 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2012/01/30 22:32:39 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2012/01/30 22:32:18 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2012/01/30 22:32:18 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2012/01/30 22:31:55 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2012/01/30 22:31:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2012/01/30 22:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2012/01/30 22:30:59 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2012/01/30 22:30:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2012/01/30 22:30:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2012/01/30 22:30:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2012/01/30 22:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2012/01/30 22:30:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2012/01/30 22:30:02 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2012/01/30 22:29:57 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2012/01/30 22:29:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2012/01/30 22:29:45 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2012/01/30 22:29:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2012/01/30 22:29:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2012/01/30 22:28:59 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2012/01/30 22:28:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2012/01/30 22:28:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2012/01/30 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2012/01/30 22:28:21 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2012/01/30 22:28:20 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2012/01/30 22:28:18 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2012/01/30 22:28:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2012/01/30 22:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2012/01/30 22:26:41 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2012/01/30 22:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2012/01/30 22:26:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2012/01/30 22:26:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2012/01/30 22:26:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2012/01/30 22:26:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2012/01/30 22:25:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/04 17:09:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/04 15:55:26 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2012/02/04 15:54:19 | 000,442,830 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/04 15:54:19 | 000,069,738 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/04 15:28:48 | 000,000,548 | ---- | M] () -- C:\Documents and Settings\harsh\Desktop\Total Commander.lnk
[2012/02/04 13:11:59 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012/02/03 16:04:28 | 000,013,528 | ---- | M] () -- C:\Documents and Settings\harsh\Desktop\430535_163077993803407_100003036220358_228035_562683593_n.jpg
[2012/02/03 15:51:54 | 000,007,314 | ---- | M] () -- C:\Documents and Settings\harsh\Desktop\animated-gifs-cigars-003.gif
[2012/02/03 13:54:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/03 00:02:53 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/02/03 00:02:53 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/02/02 18:34:28 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2012/02/02 18:34:28 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\harsh\Desktop\PhotoScape.lnk
[2012/02/02 16:31:32 | 000,041,472 | ---- | M] () -- C:\Documents and Settings\harsh\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/01 23:50:44 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2012/02/01 23:40:45 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/02/01 16:09:40 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/01/31 22:39:07 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 7.lnk
[2012/01/31 15:13:40 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2012/01/31 14:02:07 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Last.fm.lnk
[2012/01/31 14:00:36 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Winamp.lnk
[2012/01/31 03:47:19 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2012/01/31 02:02:00 | 261,409,280 | ---- | M] () -- C:\Documents and Settings\harsh\Desktop\Purumod v1.0 Mega Edition.tar
[2012/01/31 00:21:10 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/01/30 23:20:50 | 000,273,920 | ---- | M] (Task Manager Fix) -- C:\Documents and Settings\harsh\Desktop\TaskManagerFix.exe
[2012/01/30 23:14:53 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/30 23:14:52 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\harsh\Desktop\Google Chrome.lnk
[2012/01/30 23:11:17 | 000,280,276 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/01/30 23:11:17 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/01/30 23:11:14 | 000,280,276 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/01/30 23:11:14 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2012/01/30 23:09:54 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\harsh\Desktop\IPConnect.lnk
[2012/01/30 23:05:44 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2012/01/30 23:05:44 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2012/01/30 22:51:46 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/30 22:51:45 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/01/30 22:40:43 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2012/01/30 22:40:33 | 000,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/30 22:39:39 | 000,000,283 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/01/30 22:34:17 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/01/30 22:34:17 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012/01/30 22:34:17 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012/01/30 22:34:17 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012/01/30 22:34:17 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012/01/30 22:34:07 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/01/30 22:34:07 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/01/30 22:34:05 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/01/30 22:33:52 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012/01/30 22:29:10 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/04 15:55:26 | 000,001,612 | ---- | C] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2012/02/04 15:28:48 | 000,000,548 | ---- | C] () -- C:\Documents and Settings\harsh\Desktop\Total Commander.lnk
[2012/02/04 15:28:46 | 000,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF
[2012/02/04 15:28:46 | 000,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF
[2012/02/04 15:28:46 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF
[2012/02/04 15:28:46 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF
[2012/02/04 15:28:46 | 000,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF
[2012/02/04 15:28:46 | 000,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF
[2012/02/04 15:28:46 | 000,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF
[2012/02/04 15:25:03 | 261,409,280 | ---- | C] () -- C:\Documents and Settings\harsh\Desktop\Purumod v1.0 Mega Edition.tar
[2012/02/03 16:04:30 | 000,013,528 | ---- | C] () -- C:\Documents and Settings\harsh\Desktop\430535_163077993803407_100003036220358_228035_562683593_n.jpg
[2012/02/03 15:51:55 | 000,007,314 | ---- | C] () -- C:\Documents and Settings\harsh\Desktop\animated-gifs-cigars-003.gif
[2012/02/03 00:02:53 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/02/03 00:02:53 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/03 00:02:53 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/02/02 18:34:28 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2012/02/02 18:34:28 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\harsh\Desktop\PhotoScape.lnk
[2012/02/01 23:50:44 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2012/02/01 23:40:45 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2012/02/01 23:40:45 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/02/01 16:09:40 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/01/31 23:27:42 | 000,041,472 | ---- | C] () -- C:\Documents and Settings\harsh\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/31 22:39:07 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 7.lnk
[2012/01/31 15:13:40 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2012/01/31 14:02:07 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Last.fm.lnk
[2012/01/31 14:00:36 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Winamp.lnk
[2012/01/31 03:47:19 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2012/01/31 03:47:10 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/01/31 03:47:05 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2012/01/31 03:47:05 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2012/01/31 03:47:05 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2012/01/31 03:47:04 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2012/01/31 03:46:43 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012/01/31 03:46:25 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2012/01/31 03:46:25 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2012/01/31 03:46:25 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012/01/31 03:46:25 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2012/01/31 03:46:25 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2012/01/31 03:46:25 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2012/01/31 03:46:25 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012/01/31 03:46:25 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012/01/31 03:46:25 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012/01/31 03:46:25 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012/01/31 03:46:25 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012/01/31 03:46:24 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2012/01/31 03:46:24 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012/01/31 03:46:24 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012/01/31 03:46:24 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012/01/31 03:46:24 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012/01/31 03:46:24 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012/01/31 03:46:23 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012/01/31 03:46:23 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012/01/31 03:45:26 | 000,090,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/31 03:44:25 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2012/01/31 03:44:18 | 000,000,283 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/01/31 00:21:10 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/01/30 23:14:53 | 000,002,262 | ---- | C] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/30 23:14:52 | 000,002,284 | ---- | C] () -- C:\Documents and Settings\harsh\Desktop\Google Chrome.lnk
[2012/01/30 23:11:14 | 000,280,276 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/01/30 23:11:14 | 000,280,276 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/01/30 23:11:14 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/01/30 23:11:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2012/01/30 23:11:07 | 000,003,249 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2012/01/30 23:11:06 | 002,128,778 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/01/30 23:09:54 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\harsh\Desktop\IPConnect.lnk
[2012/01/30 23:05:44 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2012/01/30 23:05:44 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2012/01/30 23:04:16 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012/01/30 22:59:56 | 000,001,904 | ---- | C] () -- C:\WINDOWS\System32\SetupBD.din
[2012/01/30 22:59:53 | 000,005,456 | R--- | C] () -- C:\WINDOWS\System32\e100b325.din
[2012/01/30 22:51:45 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/01/30 22:51:36 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\harsh\Start Menu\Programs\Outlook Express.lnk
[2012/01/30 22:51:34 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/30 22:51:34 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\harsh\Start Menu\Programs\Internet Explorer.lnk
[2012/01/30 22:51:29 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\harsh\Start Menu\Programs\Remote Assistance.lnk
[2012/01/30 22:51:29 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\harsh\Start Menu\Programs\Windows Media Player.lnk
[2012/01/30 22:40:43 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2012/01/30 22:39:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/01/30 22:37:51 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/01/30 22:37:10 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/01/30 22:36:39 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012/01/30 22:36:38 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012/01/30 22:36:35 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/01/30 22:36:20 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012/01/30 22:36:13 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/01/30 22:36:06 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012/01/30 22:35:40 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012/01/30 22:34:17 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/01/30 22:34:17 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012/01/30 22:34:17 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012/01/30 22:34:17 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2012/01/30 22:34:17 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2012/01/30 22:34:07 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/01/30 22:34:07 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/01/30 22:34:05 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2012/01/30 22:31:54 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2012/01/30 22:31:38 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2012/01/30 22:31:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2012/01/30 22:31:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2012/01/30 22:31:06 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2012/01/30 22:30:11 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2012/01/30 22:29:12 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2012/01/30 22:29:10 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/01/30 22:28:37 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2012/01/30 22:27:33 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2012/01/30 22:27:32 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2012/01/30 22:27:32 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2012/01/30 22:27:32 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2012/01/30 22:27:32 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2012/01/30 22:27:32 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2012/01/30 22:27:32 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2012/01/30 22:27:32 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2012/01/30 22:27:32 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2012/01/30 22:27:31 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2012/01/30 22:27:31 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2012/01/30 22:27:07 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2012/01/30 22:27:07 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2012/01/30 22:27:05 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2012/01/30 22:26:56 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2011/07/26 17:26:48 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011/07/26 17:26:46 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/07/26 17:26:46 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/07/26 17:26:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/07/26 17:26:46 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2008/04/14 11:25:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006/12/31 13:27:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001/08/23 17:30:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 17:30:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 17:30:00 | 000,442,830 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 17:30:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 17:30:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 17:30:00 | 000,069,738 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 17:30:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 17:30:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 17:30:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 17:30:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2012/01/31 14:02:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2012/02/04 15:55:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012/02/04 16:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\harsh\Application Data\DMCache
[2012/02/04 15:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\harsh\Application Data\GHISLER
[2012/02/01 15:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\harsh\Application Data\IDM
[2012/02/02 18:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\harsh\Application Data\PhotoScape
[2012/02/04 15:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\harsh\Application Data\Samsung
[2012/01/31 22:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\harsh\Application Data\TeamViewer
[2012/02/04 00:06:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\harsh\Application Data\uTorrent

========== Purity Check ==========



< End of report >

#3
smoker05

    New Member

  • Topic Starter
  • Member
  • 6 posts
OTL Extras logfile created on: 2/4/2012 5:37:28 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\harsh\My Documents\Downloads\Programs
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 61.20% Memory free
3.85 Gb Paging File | 3.13 Gb Available in Paging File | 81.36% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 33.83 Gb Free Space | 69.29% Space Free | Partition Type: NTFS
Drive D: | 48.83 Gb Total Space | 19.45 Gb Free Space | 39.83% Space Free | Partition Type: NTFS
Drive E: | 48.83 Gb Total Space | 47.34 Gb Free Space | 96.95% Space Free | Partition Type: NTFS
Drive F: | 48.83 Gb Total Space | 48.25 Gb Free Space | 98.83% Space Free | Partition Type: NTFS
Drive G: | 37.57 Gb Total Space | 37.25 Gb Free Space | 99.17% Space Free | Partition Type: NTFS

Computer Name: HARSH-A1EC9736B | User Name: harsh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"FirewallOverride" = 1
"UpdatesDisableNotify" = 1
"UacDisableNotify" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"E:\chrome_installer.exe" = E:\chrome_installer.exe:*:Enabled:ipsec -- (Google Inc.)
"C:\Program Files\Internet Download Manager\IDMan.exe" = C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:ipsec -- (Tonec Inc.)
"C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:ipsec -- (Google Inc.)
"C:\Program Files\Last.fm\LastFM.exe" = C:\Program Files\Last.fm\LastFM.exe:*:Enabled:ipsec -- (Last.fm)
"C:\WINDOWS\ALCMTR.EXE" = C:\WINDOWS\ALCMTR.EXE:*:Enabled:ipsec -- (Realtek Semiconductor Corp.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\NVIDIA Corporation\nView\nwiz.exe" = C:\Program Files\NVIDIA Corporation\nView\nwiz.exe:*:Enabled:ipsec -- ()
"C:\Program Files\Connector\Connector.exe" = C:\Program Files\Connector\Connector.exe:*:Enabled:ipsec -- ()
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:ipsec -- (Google)
"C:\WINDOWS\Explorer.EXE" = C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\WINDOWS\system32\netsh.exe" = C:\WINDOWS\system32\netsh.exe:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" = C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe:*:Enabled:ipsec -- (Adobe Systems Incorporated)
"C:\Program Files\NVIDIA Corporation\Installer2\NVIDIA.Update.0\ComUpdatus.exe" = C:\Program Files\NVIDIA Corporation\Installer2\NVIDIA.Update.0\ComUpdatus.exe:*:Enabled:ipsec -- (NVIDIA Corporation)
"C:\Program Files\Internet Download Manager\IEMonitor.exe" = C:\Program Files\Internet Download Manager\IEMonitor.exe:*:Enabled:ipsec -- (Tonec Inc.)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\WINDOWS\system32\userinit.exe" = C:\WINDOWS\system32\userinit.exe:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\Documents and Settings\harsh\Desktop\TaskManagerFix.exe" = C:\Documents and Settings\harsh\Desktop\TaskManagerFix.exe:*:Enabled:ipsec -- (Task Manager Fix)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{2222B364-0854-4265-B32E-A142DB9DC7BB}" = Intel® PRO Network Connections 11.2.0.69
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.94
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Internet Download Manager" = Internet Download Manager
"LastFM_is1" = Last.fm 1.5.4.27091
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 10.0 (x86 en-US)" = Mozilla Firefox 10.0 (x86 en-US)
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PhotoScape" = PhotoScape
"TeamViewer 7" = TeamViewer 7
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.10 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/30/2012 1:49:04 PM | Computer Name = HARSH-A1EC9736B | Source = Application Error | ID = 1000
Description = Faulting application googletalk-setup.exe, version 0.0.0.0, faulting
module googletalk-setup.exe, version 0.0.0.0, fault address 0x0003b47d.

[ System Events ]
Error - 1/30/2012 1:36:31 PM | Computer Name = HARSH-A1EC9736B | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 1/30/2012 1:36:31 PM | Computer Name = HARSH-A1EC9736B | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 1/30/2012 1:36:34 PM | Computer Name = HARSH-A1EC9736B | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 1/30/2012 1:36:34 PM | Computer Name = HARSH-A1EC9736B | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 1/30/2012 1:36:51 PM | Computer Name = HARSH-A1EC9736B | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
period.

Error - 1/30/2012 2:34:11 PM | Computer Name = HARSH-A1EC9736B | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
USER that believes that it is the master browser for the domain on transport NetBT_Tcpip_{98FF0CF6-27A8-4D4B-97D4.
The
master browser is stopping or an election is being forced.

Error - 2/2/2012 12:27:36 PM | Computer Name = HARSH-A1EC9736B | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
USER that believes that it is the master browser for the domain on transport NetBT_Tcpip_{98FF0CF6-27A8-4D4B-97D4.
The
master browser is stopping or an election is being forced.

Error - 2/3/2012 12:56:37 PM | Computer Name = HARSH-A1EC9736B | Source = DCOM | ID = 10001
Description = Unable to start a DCOM Server: {88F5E7B2-09B9-471E-895A-25247585905C}
as /. The error: "%32" Happened while starting this command: "C:\Program Files\NVIDIA
Corporation\Installer2\NVIDIA.Update.0\ComUpdatus.exe" -Embedding

Error - 2/4/2012 7:36:56 AM | Computer Name = HARSH-A1EC9736B | Source = DCOM | ID = 10010
Description = The server {46986115-84D6-459C-8F95-52DD653E532E} did not register
with DCOM within the required timeout.

Error - 2/4/2012 7:41:12 AM | Computer Name = HARSH-A1EC9736B | Source = DCOM | ID = 10010
Description = The server {88F5E7B2-09B9-471E-895A-25247585905C} did not register
with DCOM within the required timeout.


< End of report >

#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, let's look a bit deeper and see what that reveals.

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

If you have Malwarebytes 1.6 or better installed, please disable it for the duration of this run.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    SRV - [2001/08/24 23:30:00 | 000,036,352 | --S- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\svchost.exe -- (PowerManager)
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download aswMBR.exe (4.1 MB) to your desktop.
Double-click aswMBR.exe to run it. Click the "Scan" button to start the scan.

On completion of the scan, click Save log, save it to your desktop and post it in your next reply.
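The kinds of entries the fix above targets, plus the Security Center and firewall values shown in the posted log, can be picked out of an OTL report mechanically. The following Python triage script is an added example, not part of the original posts or of OTL itself; the rule names and the list of system binaries are assumptions made for illustration, and the sample lines are copied from the logs and fix script in this thread.

```python
import ntpath
import re
from typing import List, NamedTuple


class Finding(NamedTuple):
    rule: str    # hypothetical rule identifier, invented for this example
    detail: str


# Core Windows binaries whose genuine copy lives in %SystemRoot%\system32.
# Illustrative list; explorer.exe is deliberately absent (it lives in %SystemRoot%).
SYSTEM32_ONLY = {"svchost.exe", "services.exe", "lsass.exe",
                 "winlogon.exe", "csrss.exe", "smss.exe"}

# HKCU policy values that lock the user out of built-in tools when set to 1.
LOCKOUT_POLICIES = {"DisableTaskMgr", "DisableRegistryTools"}

# Security Center values that silence its alerts when set to 1.
MUTED_ALERTS = {"AntiVirusDisableNotify", "FirewallDisableNotify",
                "UpdatesDisableNotify", "AntiVirusOverride", "FirewallOverride"}

SECTION_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
VALUE_RE = re.compile(r'^"([^"]+)" = (.*)$')
SRV_RE = re.compile(
    r'^SRV - \[[^\]]*\] \(([^)]*)\) \[([^\]]*)\] -- (.+?) -- \(([^)]*)\)')
O7_RE = re.compile(r'^O7 - (HK\w+\\.+?): (\w+) = (\S+)')

# Lines copied from the OTL logs and fix script posted in this thread.
SAMPLE_LOG = r'''
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"AntiVirusOverride" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

SRV - [2001/08/24 23:30:00 | 000,036,352 | --S- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\svchost.exe -- (PowerManager)
SRV - [2011/08/03 17:19:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
'''


def triage(log_text: str) -> List[Finding]:
    """Return findings for an OTL log, in the order the lines appear."""
    findings: List[Finding] = []
    section = ""  # lower-cased registry key of the dump section being read
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("=========="):
            section = ""          # a new report section starts
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1).lower()
            continue
        m = VALUE_RE.match(line)
        if m and section:
            name, value = m.group(1), m.group(2).strip()
            if ("\\security center" in section
                    and name in MUTED_ALERTS and value == "1"):
                findings.append(Finding("security-center-muted", name))
            elif (section.endswith("\\standardprofile")
                    and name == "EnableFirewall" and value == "0"):
                findings.append(Finding("firewall-disabled",
                                        "StandardProfile EnableFirewall = 0"))
            continue
        m = SRV_RE.match(line)
        if m:
            # The company string comes from the file's own version resource,
            # so "(Microsoft Corporation)" proves nothing; check the path.
            _company, _state, path, service = m.groups()
            folder = ntpath.dirname(path).lower()
            if (ntpath.basename(path).lower() in SYSTEM32_ONLY
                    and not folder.endswith("\\system32")):
                findings.append(Finding("system-binary-wrong-path",
                                        f"{service}: {path}"))
            continue
        m = O7_RE.match(line)
        if m and m.group(2) in LOCKOUT_POLICIES and m.group(3) == "1":
            findings.append(Finding("policy-lockout", m.group(2)))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding.rule:26} {finding.detail}")
```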

#5
smoker05

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

This is the LOG after running the Custom/Scan Fixes

OTL logfile created on: 2/4/2012 7:32:54 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\harsh\My Documents\Downloads\Programs
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 75.91% Memory free
3.85 Gb Paging File | 3.47 Gb Available in Paging File | 90.30% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 35.49 Gb Free Space | 72.68% Space Free | Partition Type: NTFS
Drive D: | 48.83 Gb Total Space | 19.45 Gb Free Space | 39.83% Space Free | Partition Type: NTFS
Drive E: | 48.83 Gb Total Space | 47.20 Gb Free Space | 96.66% Space Free | Partition Type: NTFS
Drive F: | 48.83 Gb Total Space | 48.25 Gb Free Space | 98.83% Space Free | Partition Type: NTFS
Drive G: | 37.57 Gb Total Space | 37.25 Gb Free Space | 99.17% Space Free | Partition Type: NTFS

Computer Name: HARSH-A1EC9736B | User Name: harsh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/04 17:36:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\harsh\My Documents\Downloads\Programs\OTL.exe
PRC - [2012/01/25 03:26:53 | 001,216,496 | ---- | M] (Google Inc.) -- C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/11/07 20:02:02 | 000,659,456 | ---- | M] () -- C:\Program Files\Connector\Connector.exe
PRC - [2011/08/22 16:12:52 | 003,580,816 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/08/03 17:19:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/08/02 15:17:34 | 000,063,488 | ---- | M] () -- C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe
PRC - [2011/07/18 18:41:22 | 003,483,032 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2010/05/25 19:58:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2008/04/14 11:12:30 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netsh.exe
PRC - [2008/04/14 11:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/02 02:52:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/25 03:26:51 | 000,441,328 | ---- | M] () -- C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\ppgooglenaclpluginchrome.dll
MOD - [2012/01/25 03:26:50 | 003,889,648 | ---- | M] () -- C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\pdf.dll
MOD - [2012/01/25 03:25:26 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\avutil-51.dll
MOD - [2012/01/25 03:25:25 | 000,222,208 | ---- | M] () -- C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\avformat-53.dll
MOD - [2012/01/25 03:25:23 | 001,746,432 | ---- | M] () -- C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\avcodec-53.dll
MOD - [2012/01/09 19:44:20 | 000,166,912 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2011/11/07 20:02:02 | 000,659,456 | ---- | M] () -- C:\Program Files\Connector\Connector.exe
MOD - [2011/08/02 15:17:34 | 000,063,488 | ---- | M] () -- C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe
MOD - [2011/07/05 10:08:34 | 000,355,432 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/08/03 17:19:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/08/02 15:17:34 | 000,063,488 | ---- | M] () [Auto | Running] -- C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe -- (CDMA Device Service)
SRV - [2011/03/16 10:42:06 | 000,485,160 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (abp470n5)
DRV - [2011/07/18 09:54:42 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2011/07/18 09:54:40 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2011/07/18 09:54:40 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2011/07/18 09:54:08 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/07/18 09:54:08 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/07/18 09:54:08 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2011/07/06 20:44:42 | 000,101,616 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2007/03/13 12:32:20 | 004,474,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/03 00:02:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\harsh\Application Data\IDM\idmmzcc5 [2012/01/30 23:19:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Documents and Settings\harsh\Application Data\IDM\idmmzcc5 [2012/01/30 23:19:12 | 000,000,000 | ---D | M]

[2012/02/03 00:02:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\harsh\Application Data\Mozilla\Extensions
[2012/02/03 00:02:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\harsh\Application Data\Mozilla\Firefox\Profiles\d7kkcky7.default\extensions
[2012/02/03 00:02:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/03 00:02:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\HARSH\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D7KKCKY7.DEFAULT\EXTENSIONS\[email protected]
[2012/01/24 19:02:18 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/24 16:51:10 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/24 16:51:10 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\Application\18.0.1017.2\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Turn Off the Lights = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.0.0.46_0\
CHR - Extension: YouTube = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: The Times of India = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hkifncilkifgngmpmnmokphicplifhnn\1.0.4_0\
CHR - Extension: Facebook video player = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jkfcaefgomacelijlinohbdfiecabhig\0.1.2_0\
CHR - Extension: Google Dictionary (by Google) = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\harsh\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/02/04 19:28:31 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKCU..\Run: [Connector] C:\Program Files\Connector\Connector.exe ()
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98FF0CF6-27A8-4D4B-97D4-B2B98E200A76}: NameServer = 208.67.222.222,208.67.220.220
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/01/30 22:34:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/04 19:28:28 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/04 17:05:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Start Menu\Programs\WinRAR
[2012/02/04 17:05:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2012/02/04 17:05:09 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/02/04 15:57:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2012/02/04 15:56:07 | 000,136,808 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadmdm.sys
[2012/02/04 15:56:07 | 000,121,064 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadbus.sys
[2012/02/04 15:56:07 | 000,012,776 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadmdfl.sys
[2012/02/04 15:56:07 | 000,010,472 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadcmnt.sys
[2012/02/04 15:56:07 | 000,010,472 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadcm.sys
[2012/02/04 15:56:07 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadwhnt.sys
[2012/02/04 15:56:07 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadwh.sys
[2012/02/04 15:55:58 | 000,132,424 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdmdm.sys
[2012/02/04 15:55:58 | 000,104,648 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdbus.sys
[2012/02/04 15:55:58 | 000,014,920 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdmdfl.sys
[2012/02/04 15:55:58 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdcmnt.sys
[2012/02/04 15:55:58 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdcm.sys
[2012/02/04 15:55:58 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdwhnt.sys
[2012/02/04 15:55:58 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdwh.sys
[2012/02/04 15:55:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2012/02/04 15:55:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Samsung
[2012/02/04 15:55:23 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll
[2012/02/04 15:55:12 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\WINDOWS\System32\dgderapi.dll
[2012/02/04 15:55:12 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\WINDOWS\System32\drivers\dgderdrv.sys
[2012/02/04 15:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2012/02/04 15:54:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\Samsung
[2012/02/04 15:54:40 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2012/02/04 15:54:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012/02/04 15:50:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Local Settings\Application Data\Downloaded Installations
[2012/02/04 15:40:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\assembly
[2012/02/04 15:39:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/02/04 15:39:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2012/02/04 15:28:46 | 000,000,000 | ---D | C] -- C:\totalcmd
[2012/02/04 15:28:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Start Menu\Programs\Total Commander
[2012/02/04 15:28:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\GHISLER
[2012/02/04 15:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Desktop\Flashing Tools
[2012/02/04 13:11:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012/02/03 00:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Local Settings\Application Data\Mozilla
[2012/02/03 00:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\Mozilla
[2012/02/03 00:02:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/02/02 18:40:49 | 000,000,000 | ---D | C] -- C:\output
[2012/02/02 18:34:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\PhotoScape
[2012/02/02 18:34:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PhotoScape
[2012/02/02 18:34:21 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoScape
[2012/02/01 23:59:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Talk
[2012/02/01 23:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/02/01 23:50:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2012/02/01 23:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2012/02/01 23:50:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Steam
[2012/02/01 23:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Local Settings\Application Data\Temp
[2012/02/01 23:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Local Settings\Application Data\Adobe
[2012/02/01 23:40:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/02/01 23:40:27 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/02/01 23:39:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2012/02/01 16:10:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\vlc
[2012/02/01 16:09:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2012/02/01 16:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012/01/31 22:39:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\TeamViewer
[2012/01/31 22:39:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 7
[2012/01/31 22:39:03 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2012/01/31 15:13:40 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012/01/31 15:13:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\uTorrent
[2012/01/31 14:02:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2012/01/31 14:02:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Local Settings\Application Data\Last.fm
[2012/01/31 14:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Last.fm
[2012/01/31 14:02:04 | 000,000,000 | ---D | C] -- C:\Program Files\Last.fm
[2012/01/31 14:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Winamp
[2012/01/31 14:00:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2012/01/31 13:59:33 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2012/01/31 13:59:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\Winamp
[2012/01/31 03:47:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2012/01/31 03:47:11 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2012/01/31 03:47:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2012/01/31 03:47:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2012/01/31 03:47:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2012/01/31 03:47:03 | 000,000,000 | R--D | C] -- C:\Program Files
[2012/01/31 03:47:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2012/01/31 03:46:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2012/01/31 03:46:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2012/01/31 03:46:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2012/01/31 03:46:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2012/01/31 03:46:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2012/01/31 03:46:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2012/01/31 03:46:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2012/01/31 03:46:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2012/01/31 03:45:58 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2012/01/31 03:45:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2012/01/31 03:45:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2012/01/31 03:42:57 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/01/31 03:36:10 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2012/01/31 03:36:10 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2012/01/31 03:36:10 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2012/01/31 03:36:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2012/01/31 03:36:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2012/01/31 00:21:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\harsh\My Documents\My Videos
[2012/01/31 00:18:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\WinRAR
[2012/01/30 23:51:51 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/01/30 23:36:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\Skype
[2012/01/30 23:36:13 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/01/30 23:36:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2012/01/30 23:36:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2012/01/30 23:20:33 | 000,273,920 | ---- | C] (Task Manager Fix) -- C:\Documents and Settings\harsh\Desktop\TaskManagerFix.exe
[2012/01/30 23:19:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\IDM
[2012/01/30 23:19:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\DMCache
[2012/01/30 23:19:08 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2012/01/30 23:19:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Start Menu\Programs\Internet Download Manager
[2012/01/30 23:19:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Internet Download Manager
[2012/01/30 23:16:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\Macromedia
[2012/01/30 23:16:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\Adobe
[2012/01/30 23:16:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\My Documents\Downloads
[2012/01/30 23:14:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Start Menu\Programs\Google Chrome
[2012/01/30 23:14:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Local Settings\Application Data\Google
[2012/01/30 23:11:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2012/01/30 23:11:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA
[2012/01/30 23:11:07 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2012/01/30 23:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/01/30 23:10:24 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012/01/30 23:09:54 | 000,000,000 | ---D | C] -- C:\Program Files\Connector
[2012/01/30 23:05:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2012/01/30 23:04:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2012/01/30 23:02:53 | 002,808,832 | R--- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2012/01/30 23:02:52 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/01/30 23:02:51 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012/01/30 23:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012/01/30 22:56:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2012/01/30 22:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/01/30 22:56:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/01/30 22:54:48 | 000,000,000 | ---D | C] -- C:\TempEI4
[2012/01/30 22:51:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Application Data\Identities
[2012/01/30 22:51:34 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2012/01/30 22:51:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\harsh\My Documents\My Pictures
[2012/01/30 22:51:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\harsh\My Documents\My Music
[2012/01/30 22:51:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\harsh\Application Data\Microsoft
[2012/01/30 22:51:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\harsh\Cookies
[2012/01/30 22:51:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\harsh\SendTo
[2012/01/30 22:51:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\harsh\Recent
[2012/01/30 22:51:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\harsh\Application Data
[2012/01/30 22:51:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\harsh\Start Menu\Programs\Startup
[2012/01/30 22:51:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\harsh\Start Menu
[2012/01/30 22:51:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\harsh\My Documents
[2012/01/30 22:51:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\harsh\Favorites
[2012/01/30 22:51:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\harsh\Start Menu\Programs\Accessories
[2012/01/30 22:51:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\harsh\Templates
[2012/01/30 22:51:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\harsh\PrintHood
[2012/01/30 22:51:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\harsh\NetHood
[2012/01/30 22:51:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\harsh\Local Settings
[2012/01/30 22:51:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Local Settings\Application Data\Microsoft
[2012/01/30 22:51:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\harsh\Desktop
[2012/01/30 22:50:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2012/01/30 22:50:55 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2012/01/30 22:50:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/01/30 22:50:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2012/01/30 22:50:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2012/01/30 22:40:40 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2012/01/30 22:40:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2012/01/30 22:38:01 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/01/30 22:38:01 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/01/30 22:38:01 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012/01/30 22:35:37 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/01/30 22:34:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2012/01/30 22:34:41 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2012/01/30 22:34:41 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2012/01/30 22:32:39 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2012/01/30 22:32:18 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2012/01/30 22:32:18 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2012/01/30 22:31:55 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2012/01/30 22:31:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2012/01/30 22:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2012/01/30 22:30:59 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2012/01/30 22:30:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2012/01/30 22:30:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2012/01/30 22:30:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2012/01/30 22:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2012/01/30 22:30:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2012/01/30 22:30:02 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2012/01/30 22:29:57 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2012/01/30 22:29:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2012/01/30 22:29:45 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2012/01/30 22:29:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2012/01/30 22:29:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2012/01/30 22:28:59 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2012/01/30 22:28:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2012/01/30 22:28:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2012/01/30 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2012/01/30 22:28:21 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2012/01/30 22:28:20 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2012/01/30 22:28:18 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2012/01/30 22:28:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2012/01/30 22:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2012/01/30 22:26:41 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2012/01/30 22:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2012/01/30 22:26:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2012/01/30 22:26:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2012/01/30 22:26:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2012/01/30 22:26:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2012/01/30 22:25:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/04 19:30:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/04 19:28:31 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/02/04 15:55:26 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2012/02/04 15:54:19 | 000,442,830 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/04 15:54:19 | 000,069,738 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/04 15:28:48 | 000,000,548 | ---- | M] () -- C:\Documents and Settings\harsh\Desktop\Total Commander.lnk
[2012/02/04 13:11:59 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012/02/03 16:04:28 | 000,013,528 | ---- | M] () -- C:\Documents and Settings\harsh\Desktop\430535_163077993803407_100003036220358_228035_562683593_n.jpg
[2012/02/03 15:51:54 | 000,007,314 | ---- | M] () -- C:\Documents and Settings\harsh\Desktop\animated-gifs-cigars-003.gif
[2012/02/03 13:54:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/03 00:02:53 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/02/03 00:02:53 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/02/02 18:34:28 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2012/02/02 18:34:28 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\harsh\Desktop\PhotoScape.lnk
[2012/02/02 16:31:32 | 000,041,472 | ---- | M] () -- C:\Documents and Settings\harsh\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/01 23:50:44 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2012/02/01 23:40:45 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/02/01 16:09:40 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/01/31 22:39:07 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 7.lnk
[2012/01/31 15:13:40 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2012/01/31 14:02:07 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Last.fm.lnk
[2012/01/31 14:00:36 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Winamp.lnk
[2012/01/31 03:47:19 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2012/01/31 02:02:00 | 261,409,280 | ---- | M] () -- C:\Documents and Settings\harsh\Desktop\Purumod v1.0 Mega Edition.tar
[2012/01/31 00:21:10 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/01/30 23:20:50 | 000,273,920 | ---- | M] (Task Manager Fix) -- C:\Documents and Settings\harsh\Desktop\TaskManagerFix.exe
[2012/01/30 23:14:53 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/30 23:14:52 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\harsh\Desktop\Google Chrome.lnk
[2012/01/30 23:11:17 | 000,280,276 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/01/30 23:11:17 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/01/30 23:11:14 | 000,280,276 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/01/30 23:11:14 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2012/01/30 23:09:54 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\harsh\Desktop\IPConnect.lnk
[2012/01/30 23:05:44 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2012/01/30 23:05:44 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2012/01/30 22:51:46 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/30 22:51:45 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/01/30 22:40:43 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2012/01/30 22:40:33 | 000,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/30 22:39:39 | 000,000,283 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/01/30 22:34:17 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/01/30 22:34:17 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012/01/30 22:34:17 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012/01/30 22:34:17 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012/01/30 22:34:17 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012/01/30 22:34:07 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/01/30 22:34:07 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/01/30 22:34:05 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/01/30 22:33:52 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012/01/30 22:29:10 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/04 15:55:26 | 000,001,612 | ---- | C] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2012/02/04 15:28:48 | 000,000,548 | ---- | C] () -- C:\Documents and Settings\harsh\Desktop\Total Commander.lnk
[2012/02/04 15:28:46 | 000,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF
[2012/02/04 15:28:46 | 000,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF
[2012/02/04 15:28:46 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF
[2012/02/04 15:28:46 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF
[2012/02/04 15:28:46 | 000,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF
[2012/02/04 15:28:46 | 000,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF
[2012/02/04 15:28:46 | 000,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF
[2012/02/04 15:25:03 | 261,409,280 | ---- | C] () -- C:\Documents and Settings\harsh\Desktop\Purumod v1.0 Mega Edition.tar
[2012/02/03 16:04:30 | 000,013,528 | ---- | C] () -- C:\Documents and Settings\harsh\Desktop\430535_163077993803407_100003036220358_228035_562683593_n.jpg
[2012/02/03 15:51:55 | 000,007,314 | ---- | C] () -- C:\Documents and Settings\harsh\Desktop\animated-gifs-cigars-003.gif
[2012/02/03 00:02:53 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/02/03 00:02:53 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/03 00:02:53 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/02/02 18:34:28 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2012/02/02 18:34:28 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\harsh\Desktop\PhotoScape.lnk
[2012/02/01 23:50:44 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2012/02/01 23:40:45 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2012/02/01 23:40:45 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/02/01 16:09:40 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/01/31 23:27:42 | 000,041,472 | ---- | C] () -- C:\Documents and Settings\harsh\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/31 22:39:07 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 7.lnk
[2012/01/31 15:13:40 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2012/01/31 14:02:07 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Last.fm.lnk
[2012/01/31 14:00:36 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Winamp.lnk
[2012/01/31 03:47:19 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2012/01/31 03:47:10 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/01/31 03:47:05 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2012/01/31 03:47:05 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2012/01/31 03:47:05 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2012/01/31 03:47:04 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2012/01/31 03:46:43 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012/01/31 03:46:25 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2012/01/31 03:46:25 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2012/01/31 03:46:25 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012/01/31 03:46:25 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2012/01/31 03:46:25 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2012/01/31 03:46:25 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2012/01/31 03:46:25 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012/01/31 03:46:25 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012/01/31 03:46:25 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012/01/31 03:46:25 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012/01/31 03:46:25 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012/01/31 03:46:24 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2012/01/31 03:46:24 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012/01/31 03:46:24 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012/01/31 03:46:24 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012/01/31 03:46:24 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012/01/31 03:46:24 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012/01/31 03:46:23 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012/01/31 03:46:23 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012/01/31 03:45:26 | 000,090,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/31 03:44:25 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2012/01/31 03:44:18 | 000,000,283 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/01/31 00:21:10 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/01/30 23:14:53 | 000,002,262 | ---- | C] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/30 23:14:52 | 000,002,284 | ---- | C] () -- C:\Documents and Settings\harsh\Desktop\Google Chrome.lnk
[2012/01/30 23:11:14 | 000,280,276 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/01/30 23:11:14 | 000,280,276 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/01/30 23:11:14 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/01/30 23:11:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2012/01/30 23:11:07 | 000,003,249 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2012/01/30 23:11:06 | 002,128,778 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/01/30 23:09:54 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\harsh\Desktop\IPConnect.lnk
[2012/01/30 23:05:44 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2012/01/30 23:05:44 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2012/01/30 23:04:16 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012/01/30 22:59:56 | 000,001,904 | ---- | C] () -- C:\WINDOWS\System32\SetupBD.din
[2012/01/30 22:59:53 | 000,005,456 | R--- | C] () -- C:\WINDOWS\System32\e100b325.din
[2012/01/30 22:51:45 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/01/30 22:51:36 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\harsh\Start Menu\Programs\Outlook Express.lnk
[2012/01/30 22:51:34 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\harsh\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/30 22:51:34 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\harsh\Start Menu\Programs\Internet Explorer.lnk
[2012/01/30 22:51:29 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\harsh\Start Menu\Programs\Remote Assistance.lnk
[2012/01/30 22:51:29 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\harsh\Start Menu\Programs\Windows Media Player.lnk
[2012/01/30 22:40:43 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2012/01/30 22:39:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/01/30 22:37:51 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/01/30 22:37:10 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/01/30 22:36:39 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012/01/30 22:36:38 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012/01/30 22:36:35 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/01/30 22:36:20 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012/01/30 22:36:13 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/01/30 22:36:06 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012/01/30 22:35:40 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012/01/30 22:34:17 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/01/30 22:34:17 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012/01/30 22:34:17 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012/01/30 22:34:17 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2012/01/30 22:34:17 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2012/01/30 22:34:07 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/01/30 22:34:07 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/01/30 22:34:05 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2012/01/30 22:31:54 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2012/01/30 22:31:38 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2012/01/30 22:31:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2012/01/30 22:31:14 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2012/01/30 22:31:06 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2012/01/30 22:30:11 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2012/01/30 22:29:12 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2012/01/30 22:29:10 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/01/30 22:28:37 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2012/01/30 22:27:33 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2012/01/30 22:27:32 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2012/01/30 22:27:32 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2012/01/30 22:27:32 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2012/01/30 22:27:32 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2012/01/30 22:27:32 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2012/01/30 22:27:32 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2012/01/30 22:27:32 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2012/01/30 22:27:32 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2012/01/30 22:27:31 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2012/01/30 22:27:31 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2012/01/30 22:27:07 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2012/01/30 22:27:07 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2012/01/30 22:27:05 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2012/01/30 22:26:56 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2011/07/26 17:26:48 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011/07/26 17:26:46 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/07/26 17:26:46 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/07/26 17:26:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/07/26 17:26:46 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2008/04/14 11:25:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006/12/31 13:27:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001/08/23 17:30:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 17:30:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 17:30:00 | 000,442,830 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 17:30:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 17:30:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 17:30:00 | 000,069,738 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 17:30:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 17:30:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 17:30:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 17:30:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2012/01/31 14:02:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2012/02/04 15:55:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012/02/04 19:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\harsh\Application Data\DMCache
[2012/02/04 15:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\harsh\Application Data\GHISLER
[2012/02/01 15:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\harsh\Application Data\IDM
[2012/02/02 18:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\harsh\Application Data\PhotoScape
[2012/02/04 15:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\harsh\Application Data\Samsung
[2012/01/31 22:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\harsh\Application Data\TeamViewer
[2012/02/04 00:06:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\harsh\Application Data\uTorrent

========== Purity Check ==========



< End of report >


And this is the LOG of aswMBR.exe

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-04 19:37:49
-----------------------------
19:37:49.750 OS Version: Windows 5.1.2600 Service Pack 3
19:37:49.750 Number of processors: 2 586 0x605
19:37:49.750 ComputerName: HARSH-A1EC9736B UserName: harsh
19:37:50.234 Initialize success
19:39:16.296 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-6
19:39:16.296 Disk 0 Vendor: ST3250310AS 3.AAC Size: 238474MB BusType: 3
19:39:16.312 Disk 0 MBR read successfully
19:39:16.312 Disk 0 MBR scan
19:39:16.312 Disk 0 Windows XP default MBR code
19:39:16.312 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 49999 MB offset 63
19:39:16.312 Disk 0 Partition - 00 0F Extended LBA 188465 MB offset 102398310
19:39:16.328 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 49999 MB offset 102398373
19:39:16.328 Disk 0 Partition - 00 05 Extended 49999 MB offset 204796620
19:39:16.375 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 49999 MB offset 204796683
19:39:16.375 Disk 0 Partition - 00 05 Extended 49999 MB offset 409593240
19:39:16.390 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 49999 MB offset 307194993
19:39:16.390 Disk 0 Partition - 00 05 Extended 38468 MB offset 614389860
19:39:16.421 Disk 0 Partition 5 00 07 HPFS/NTFS NTFS 38468 MB offset 409593303
19:39:16.421 Disk 0 scanning sectors +488376000
19:39:16.484 Disk 0 scanning C:\WINDOWS\system32\drivers
19:39:19.500 Service scanning
19:39:20.359 Modules scanning
19:39:24.046 Disk 0 trace - called modules:
19:39:24.062
19:39:24.062 Scan finished successfully
19:39:29.093 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\harsh\Desktop\MBR.dat"
19:39:29.093 The log file has been saved successfully to "C:\Documents and Settings\harsh\Desktop\aswMBR.txt"




#6
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
The registry blocks have re-appeared, so I will need to look elsewhere on the computer.

Download AVPTool from Here to your desktop.

Run the programme you have just downloaded to your desktop (it will be randomly named).

First we will run a virus scan

Click the cog in the upper right.

Select down to and including your main drive. Once done, select the Automatic scan tab and press Start Scan.

Allow AVP to delete all infections found.
Once it has finished, select the report tab (last tab).
Select Detected threats report from the left and press the Save button.
Save it to your desktop and attach it to your next post.


Now the Analysis

Rerun AVP, select the Manual Disinfection tab and press Start Gathering System Information.

On completion, click the link to locate the zip file to upload and attach it to your next post.

Megaupload

#7
smoker05

    New Member

  • Topic Starter
  • Member
  • 6 posts

After clicking on the link that you gave, it is actually not opening. It is showing something like this:
Posted Image
And when I tried to click on "Try reloading: devbuilds.kaspersky-labs.com/devbuilds/AVPTool/", it was still not opening.
Can you provide another link, or can you upload the file somewhere?


#8
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, I will use a different programme first and revisit this if necessary.

Download and Install ComboFix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks
  • Allow the installation of the recovery console
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.
3. If, after the reboot, you get errors about programmes being marked for deletion, then reboot; that will cure it.



Please make sure you include the ComboFix log in your next reply as well as describe how your computer is running now.

#9
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.