Didn't forget - the scan took a long time, so I went to bed and was going to post them this morning ;-)
Internet is running alright now. Still have a black screen, though, which reverts to it each time the computer boots up.
Last OTL
This has disappeared overnight? It's not in the _otl folder.
I'll run it again.
[EDIT]
It was on the desktop. Here t'is
OTL logfile created on: 08/03/2012 22:56:47 - Run 4
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Documents and Settings\Gitanjali\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1013.98 Mb Total Physical Memory | 328.82 Mb Available Physical Memory | 32.43% Memory free
2.39 Gb Paging File | 1.82 Gb Available in Paging File | 76.29% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 36.65 Gb Free Space | 65.57% Space Free | Partition Type: NTFS
Computer Name: YOUR-E659457A65 | User Name: Gitanjali | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/03/08 14:28:54 | 001,049,072 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/03/04 14:51:43 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Update\1.3.21.99\GoogleCrashHandler.exe
PRC - [2012/03/04 14:40:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2012/03/04 14:40:06 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012/02/22 19:19:40 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gitanjali\Desktop\OTL.scr
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/07/16 11:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2007/02/04 14:26:17 | 001,174,152 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2006/08/25 12:47:12 | 000,356,352 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe
PRC - [2006/07/25 18:03:42 | 000,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006/05/19 19:13:38 | 000,798,720 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSServ.exe
PRC - [2006/03/16 20:58:50 | 000,974,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2006/03/02 22:50:52 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe
PRC - [2006/02/07 15:30:40 | 000,035,840 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
PRC - [2006/02/02 11:11:38 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Tvs\TvsTray.exe
PRC - [2005/05/12 09:31:38 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2005/04/11 10:26:06 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2005/01/17 23:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2004/06/10 12:48:04 | 000,286,720 | ---- | M] () -- C:\WINDOWS\vsnpstd.exe
========== Modules (No Company Name) ========== MOD - [2012/03/08 14:28:52 | 000,429,040 | ---- | M] () -- C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\17.0.963.78\ppgooglenaclpluginchrome.dll
MOD - [2012/03/08 14:28:51 | 003,772,912 | ---- | M] () -- C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\17.0.963.78\pdf.dll
MOD - [2012/03/08 14:27:26 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\17.0.963.78\avutil-51.dll
MOD - [2012/03/08 14:27:24 | 000,220,672 | ---- | M] () -- C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\17.0.963.78\avformat-53.dll
MOD - [2012/03/08 14:27:23 | 001,747,456 | ---- | M] () -- C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\17.0.963.78\avcodec-53.dll
MOD - [2012/03/08 09:39:20 | 008,593,056 | ---- | M] () -- C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\17.0.963.78\gcswf32.dll
MOD - [2007/07/16 11:58:10 | 000,197,408 | ---- | M] () -- C:\WINDOWS\system32\vpnapi.dll
MOD - [2006/01/04 17:14:36 | 000,049,152 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Applet\TouchPad_ONOFF.dll
MOD - [2004/07/20 16:04:00 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll
MOD - [2004/06/10 12:48:04 | 000,286,720 | ---- | M] () -- C:\WINDOWS\vsnpstd.exe
========== Win32 Services (SafeList) ========== SRV - [2012/03/04 14:40:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/26 06:45:56 | 000,256,000 | R--- | M] () [Auto | Stopped] -- C:\ComboFix\pev.3XE -- (PEVSystemStart)
SRV - [2009/01/07 18:21:00 | 000,026,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spupdsvc.exe -- (spupdsvc)
SRV - [2007/07/16 11:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2007/02/04 14:26:17 | 001,174,152 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2006/07/25 18:03:42 | 002,119,360 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
SRV - [2006/07/25 18:03:42 | 000,100,032 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2006/02/07 15:30:40 | 000,035,840 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
SRV - [2005/01/17 23:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2001/11/12 12:31:48 | 000,020,480 | ---- | M] (X10) [Disabled | Stopped] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)
========== Driver Services (SafeList) ========== DRV - [2012/03/04 14:40:02 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2012/03/04 14:40:01 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2012/03/04 14:38:14 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2008/12/08 00:02:43 | 000,032,768 | ---- | M] () [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\ati0dkxx.sys -- (ati0dkxx)
DRV - [2007/07/16 11:57:12 | 000,306,299 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2007/02/06 09:00:00 | 000,383,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2007/01/31 13:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2007/01/18 15:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/09/14 11:19:03 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/05/30 15:42:52 | 000,045,696 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2006/05/05 14:13:52 | 004,271,616 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/04/02 00:46:28 | 000,471,264 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2006/03/22 06:56:24 | 001,522,688 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/12/13 16:08:44 | 001,124,097 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/11/30 17:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/11/28 09:45:16 | 000,007,040 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\x10hid.sys -- (X10Hid)
DRV - [2005/10/20 13:03:42 | 000,006,144 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD)
DRV - [2005/10/06 04:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/10/06 04:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/10/06 04:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/10/06 04:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/10/06 04:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/10/06 04:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/10/06 04:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/09/09 13:47:10 | 000,009,344 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2005/08/25 11:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 11:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/01/26 09:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2004/06/11 09:31:00 | 000,330,880 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd.sys -- (snpstd)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003/09/19 00:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/01/29 21:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://uk.red.client...fo/bt_side.htmlIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch =
http://uk.red.client...fo/bt_side.html IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://search.yahoo....=utf-8&fr=b1ie7IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.co.uk/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.comIE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "
http://uk.yahoo.com"FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.2.20080717
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohPlayer: C:\Program Files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll (Veoh Networks Inc)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/10/05 19:50:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/01/16 22:10:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2008/12/30 19:31:03 | 000,000,000 | ---D | M]
[2008/08/30 21:09:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gitanjali\Application Data\Mozilla\Extensions
[2012/03/03 18:31:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gitanjali\Application Data\Mozilla\Firefox\Profiles\qk17jzoj.default\extensions
[2008/09/02 07:42:39 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Gitanjali\Application Data\Mozilla\Firefox\Profiles\qk17jzoj.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/09/02 08:06:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008/10/05 19:50:52 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD
[2007/06/11 13:34:00 | 002,115,816 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2008/12/30 19:31:00 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2008/12/30 19:31:00 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2008/12/30 19:31:00 | 000,000,759 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2008/12/30 19:31:00 | 000,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\17.0.963.78\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\17.0.963.78\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\17.0.963.78\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: DivX\u00AE Content Upload Plugin (Enabled) = C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
CHR - plugin: NPVeohVersion4 plugin (Enabled) = C:\Program Files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Gmail = C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/03/04 12:00:56 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (MSN Search Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (MSN Search Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" File not found
O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe ()
O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [NoIE4StubProcessing] C:\WINDOWS\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &MSN Search - C:\Program Files\MSN Toolbar Suite\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Open in new background tab - C:\Program Files\MSN Toolbar Suite\en-gb\msntabres.dll.mui (Microsoft Corporation)
O8 - Extra context menu item: Open in new foreground tab - C:\Program Files\MSN Toolbar Suite\en-gb\msntabres.dll.mui (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A}
http://housecall65.t...ivex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24}
http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1}
http://acs.pandasoft...free/asinst.cab (ActiveScan Installer Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}
http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23ACFFD4-5923-4153-96CB-CA88E2D6379C}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper:
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/13 14:00:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{541346ae-6cea-11dc-8048-0018de7dc467}\Shell - "" = AutoRun
O33 - MountPoints2\{541346ae-6cea-11dc-8048-0018de7dc467}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{541346ae-6cea-11dc-8048-0018de7dc467}\Shell\AutoRun\command - "" = E:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (stera)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
MsConfig - Services: "x10nets"
MsConfig - Services: "LiveUpdate"
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE - (Microsoft Corporation)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe - (Sony Corporation)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe - (Sony Corporation.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^VPN Client.lnk - C:\WINDOWS\Installer\{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}\Icon3E5562ED7.ico - ()
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe - (Microsoft Corporation)
MsConfig - StartUpFolder: C:^Documents and Settings^Gitanjali^Start Menu^Programs^Startup^Microsoft Office OneNote 2003 Quick Launch.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpReg:
AGRSMMSG - hkey= - key= - C:\WINDOWS\agrsmmsg.exe (Agere Systems)
MsConfig - StartUpReg:
Alcmtr - hkey= - key= - C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg:
Antispyware - hkey= - key= - File not found
MsConfig - StartUpReg:
Antivirus Pro 2009 - hkey= - key= - File not found
MsConfig - StartUpReg:
AVG7_CC - hkey= - key= - File not found
MsConfig - StartUpReg:
brastk - hkey= - key= - File not found
MsConfig - StartUpReg:
ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg:
DLA - hkey= - key= - File not found
MsConfig - StartUpReg:
ehTray - hkey= - key= - C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg:
eyeBeam SIP Client - hkey= - key= - File not found
MsConfig - StartUpReg:
msnmsgr - hkey= - key= - C:\Program Files\MSN Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg:
Picasa Media Detector - hkey= - key= - C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
MsConfig - StartUpReg:
QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg:
RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg:
Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg:
SUPERAntiSpyware - hkey= - key= - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
MsConfig - StartUpReg:
TFncKy - hkey= - key= - File not found
MsConfig - StartUpReg:
TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg:
TPSMain - hkey= - key= - File not found
MsConfig - StartUpReg:
UserFaultCheck - hkey= - key= - File not found
MsConfig - StartUpReg:
Veoh - hkey= - key= - C:\Program Files\Veoh Networks\Veoh\VeohClient.exe (Veoh Networks)
MsConfig - StartUpReg:
Yahoo! Pager - hkey= - key= - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2012/03/08 22:04:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012/03/08 22:04:26 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012/03/08 22:01:46 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012/03/08 21:50:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/03/07 10:23:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gitanjali\My Documents\Downloads
[2012/03/07 08:18:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/03/06 16:52:31 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2012/03/06 16:51:42 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2012/03/06 16:51:26 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2012/03/06 16:50:04 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2012/03/06 16:49:44 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2012/03/06 16:48:53 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2012/03/06 16:48:53 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2012/03/06 16:46:44 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012/03/06 16:46:40 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2012/03/06 16:33:38 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2012/03/06 16:25:36 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2012/03/06 16:22:13 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2012/03/06 16:21:33 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2012/03/06 16:19:18 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2012/03/04 15:40:25 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/03/04 15:17:41 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/03/04 15:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/03/04 14:58:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2012/03/04 14:58:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012/03/04 14:58:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2012/03/04 14:58:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012/03/04 14:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gitanjali\Start Menu\Programs\Google Chrome
[2012/03/04 14:54:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2012/03/04 14:44:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012/03/04 13:01:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/03/04 12:52:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/03/04 12:19:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/04 12:19:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/03/04 12:17:45 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/03/04 12:17:30 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gitanjali\Desktop\mbam--setup-1.60.1.1000-1.exe
[2012/02/26 09:58:28 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/01/15 20:23:23 | 002,149,870 | -H-- | C] () -- C:\Documents and Settings\Gitanjali\Local Settings\Application Data\IconCache.db
[2009/01/14 21:01:43 | 000,009,758 | ---- | C] () -- C:\Documents and Settings\Gitanjali\Application Data\update_sp2v1.cab
[2009/01/13 23:04:57 | 000,006,714 | ---- | C] () -- C:\Documents and Settings\Gitanjali\Application Data\update_sp2v2.cab
[2009/01/10 14:24:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Gitanjali\Application Data\update_sp1v2.cab
[2009/01/10 14:24:39 | 000,051,322 | ---- | C] () -- C:\Documents and Settings\Gitanjali\Application Data\update_sp1v1.cab
[2008/11/05 23:56:14 | 000,018,291 | ---- | C] () -- C:\Documents and Settings\Gitanjali\Local Settings\Application Data\amisudy.bin
[2008/11/05 23:56:14 | 000,013,391 | ---- | C] () -- C:\Documents and Settings\Gitanjali\Local Settings\Application Data\cevebe.vbs
[2008/11/05 23:56:14 | 000,010,968 | ---- | C] () -- C:\Documents and Settings\Gitanjali\Local Settings\Application Data\emusivyfu.lib
[2008/11/05 23:56:14 | 000,010,898 | ---- | C] () -- C:\Documents and Settings\Gitanjali\Local Settings\Application Data\pawagulowu.db
[2007/10/26 16:05:04 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\60a7806a-0eea-424c-a464-20f4730cd631
[2007/07/25 20:12:40 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\Gitanjali\Application Data\wklnhst.dat
[2007/06/10 18:11:10 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Gitanjali\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/10 15:40:53 | 000,001,112 | ---- | C] () -- C:\Documents and Settings\Gitanjali\Application Data\ViewerApp.dat
[2006/11/19 18:25:59 | 000,034,680 | ---- | C] () -- C:\Documents and Settings\Gitanjali\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2006/11/19 18:25:59 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Gitanjali\Local Settings\Application Data\fusioncache.dat
[44 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[29 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012/03/08 22:56:01 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1117873250-2043491756-2107761034-1005UA.job
[2012/03/08 22:07:04 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/03/08 22:04:17 | 000,000,949 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2012/03/08 21:58:23 | 000,002,316 | ---- | M] () -- C:\Documents and Settings\Gitanjali\Desktop\Google Chrome.lnk
[2012/03/08 21:58:23 | 000,002,294 | ---- | M] () -- C:\Documents and Settings\Gitanjali\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/03/08 21:53:14 | 000,409,772 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/03/08 21:53:14 | 000,065,846 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/08 21:49:09 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/08 21:48:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/08 21:48:15 | 1063,309,312 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/07 14:56:00 | 000,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1117873250-2043491756-2107761034-1005Core.job
[2012/03/07 08:46:04 | 000,230,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/03/07 08:17:39 | 002,001,466 | ---- | M] () -- C:\WINDOWS\iis6.BAK
[2012/03/04 15:17:49 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2012/03/04 14:49:52 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/03/04 14:00:28 | 004,425,722 | R--- | M] (Swearware) -- C:\Documents and Settings\Gitanjali\Desktop\ComboFix.exe
[2012/03/04 13:13:10 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gitanjali\Desktop\mbam--setup-1.60.1.1000-1.exe
[2012/03/04 12:19:16 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/04 12:00:56 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/03/04 11:54:30 | 000,337,137 | ---- | M] () -- C:\Documents and Settings\Gitanjali\Desktop\FSS.exe
[2012/02/23 22:05:56 | 001,251,328 | ---- | M] () -- C:\Documents and Settings\Gitanjali\Desktop\RogueKiller.exe
[2012/02/22 19:19:40 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gitanjali\Desktop\OTL.scr
[2012/02/22 18:30:34 | 000,318,369 | ---- | M] () -- C:\Documents and Settings\Gitanjali\Desktop\HiJackThis.zip
[44 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[29 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/03/08 21:53:04 | 000,000,949 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2012/03/06 16:22:11 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/03/06 16:22:11 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/03/04 15:17:49 | 000,000,209 | ---- | C] () -- C:\Boot.bak
[2012/03/04 15:17:44 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/03/04 14:55:00 | 000,002,316 | ---- | C] () -- C:\Documents and Settings\Gitanjali\Desktop\Google Chrome.lnk
[2012/03/04 14:55:00 | 000,002,294 | ---- | C] () -- C:\Documents and Settings\Gitanjali\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/03/04 14:51:50 | 000,000,994 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1117873250-2043491756-2107761034-1005UA.job
[2012/03/04 14:51:48 | 000,000,942 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1117873250-2043491756-2107761034-1005Core.job
[2012/03/04 13:45:42 | 1063,309,312 | -HS- | C] () -- C:\hiberfil.sys
[2012/03/04 12:19:16 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/04 12:00:32 | 000,337,137 | ---- | C] () -- C:\Documents and Settings\Gitanjali\Desktop\FSS.exe
[2012/02/26 09:58:28 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/02/26 09:58:28 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
========== Custom Scans ========== < etsvcs > < %SYSTEMDRIVE%\*.* >[2006/09/13 14:00:59 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/01/19 00:43:39 | 000,000,209 | ---- | M] () -- C:\Boot.bak
[2012/03/04 15:17:49 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2006/09/13 14:00:59 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007/02/04 22:37:27 | 000,000,000 | ---- | M] () -- C:\DBS.TXT
[2012/03/08 21:48:15 | 1063,309,312 | -HS- | M] () -- C:\hiberfil.sys
[2008/10/12 16:51:54 | 000,921,624 | ---- | M] () -- C:\img1-001.raw
[2006/09/13 14:00:59 | 000,000,000 | R-S- | M] () -- C:\IO.SYS
[2006/11/27 17:33:08 | 000,000,327 | ---- | M] () -- C:\IPH.PH
[2006/09/13 14:00:59 | 000,000,000 | R-S- | M] () -- C:\MSDOS.SYS
[2004/08/10 12:00:00 | 000,047,564 | R-S- | M] () -- C:\NTDETECT.COM
[2012/03/04 14:49:52 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/03/08 21:48:14 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
[2009/02/01 23:15:11 | 000,030,720 | ---- | M] () -- C:\r.doc
[2007/04/14 13:42:43 | 000,000,268 | ---- | M] () -- C:\sqmdata00.sqm
[2007/04/22 17:32:10 | 000,000,304 | ---- | M] () -- C:\sqmdata01.sqm
[2007/04/27 00:54:57 | 000,000,268 | ---- | M] () -- C:\sqmdata02.sqm
[2007/04/27 06:19:11 | 000,000,268 | ---- | M] () -- C:\sqmdata03.sqm
[2007/04/27 13:32:07 | 000,000,268 | ---- | M] () -- C:\sqmdata04.sqm
[2007/04/27 15:07:52 | 000,000,268 | ---- | M] () -- C:\sqmdata05.sqm
[2007/04/28 02:34:57 | 000,000,268 | ---- | M] () -- C:\sqmdata06.sqm
[2007/05/18 21:09:35 | 000,000,268 | ---- | M] () -- C:\sqmdata07.sqm
[2007/05/21 14:50:46 | 000,000,268 | ---- | M] () -- C:\sqmdata08.sqm
[2007/08/28 21:07:34 | 000,000,268 | ---- | M] () -- C:\sqmdata09.sqm
[2008/02/24 01:32:29 | 000,000,232 | ---- | M] () -- C:\sqmdata10.sqm
[2008/03/27 20:01:13 | 000,000,232 | ---- | M] () -- C:\sqmdata11.sqm
[2008/03/27 20:01:41 | 000,000,232 | ---- | M] () -- C:\sqmdata12.sqm
[2008/03/27 20:03:18 | 000,000,232 | ---- | M] () -- C:\sqmdata13.sqm
[2008/03/27 20:07:48 | 000,000,232 | ---- | M] () -- C:\sqmdata14.sqm
[2007/03/12 21:39:29 | 000,000,232 | ---- | M] () -- C:\sqmdata15.sqm
[2007/03/12 21:39:29 | 000,000,232 | ---- | M] () -- C:\sqmdata16.sqm
[2007/03/12 21:39:29 | 000,000,232 | ---- | M] () -- C:\sqmdata17.sqm
[2007/03/13 01:08:39 | 000,000,268 | ---- | M] () -- C:\sqmdata18.sqm
[2007/04/14 12:22:38 | 000,000,268 | ---- | M] () -- C:\sqmdata19.sqm
[2007/04/14 13:42:43 | 000,000,244 | ---- | M] () -- C:\sqmnoopt00.sqm
[2007/04/22 17:32:10 | 000,000,244 | ---- | M] () -- C:\sqmnoopt01.sqm
[2007/04/27 00:54:57 | 000,000,244 | ---- | M] () -- C:\sqmnoopt02.sqm
[2007/04/27 06:19:11 | 000,000,244 | ---- | M] () -- C:\sqmnoopt03.sqm
[2007/04/27 13:32:07 | 000,000,244 | ---- | M] () -- C:\sqmnoopt04.sqm
[2007/04/27 15:07:52 | 000,000,244 | ---- | M] () -- C:\sqmnoopt05.sqm
[2007/04/28 02:34:57 | 000,000,244 | ---- | M] () -- C:\sqmnoopt06.sqm
[2007/05/18 21:09:35 | 000,000,244 | ---- | M] () -- C:\sqmnoopt07.sqm
[2007/05/21 14:50:46 | 000,000,244 | ---- | M] () -- C:\sqmnoopt08.sqm
[2007/08/28 21:07:34 | 000,000,244 | ---- | M] () -- C:\sqmnoopt09.sqm
[2007/08/28 21:07:34 | 000,000,244 | ---- | M] () -- C:\sqmnoopt10.sqm
[2008/02/24 01:32:29 | 000,000,244 | ---- | M] () -- C:\sqmnoopt11.sqm
[2008/03/27 20:01:13 | 000,000,244 | ---- | M] () -- C:\sqmnoopt12.sqm
[2008/03/27 20:01:41 | 000,000,244 | ---- | M] () -- C:\sqmnoopt13.sqm
[2008/03/27 20:03:18 | 000,000,244 | ---- | M] () -- C:\sqmnoopt14.sqm
[2008/03/27 20:07:48 | 000,000,244 | ---- | M] () -- C:\sqmnoopt15.sqm
[2007/03/12 21:39:29 | 000,000,244 | ---- | M] () -- C:\sqmnoopt16.sqm
[2007/03/12 21:39:29 | 000,000,244 | ---- | M] () -- C:\sqmnoopt17.sqm
[2007/03/13 01:08:39 | 000,000,244 | ---- | M] () -- C:\sqmnoopt18.sqm
[2007/04/14 12:22:38 | 000,000,244 | ---- | M] () -- C:\sqmnoopt19.sqm
[2009/02/01 23:15:22 | 000,022,016 | ---- | M] () -- C:\Summary of arguments.doc
[2006/09/21 00:34:59 | 000,000,388 | ---- | M] () -- C:\SWSTAMP.TXT
[2009/01/20 00:12:12 | 000,000,135 | ---- | M] () -- C:\VundoFix.txt
[2008/08/25 23:17:38 | 000,000,146 | ---- | M] () -- C:\YServer.txt
< %systemdrive%\drivers\*.exe > < %systemroot%\system32\drivers\*.* /90 >[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
< %PROGRAMFILES%\*.* > < MD5 for: EXPLORER.EXE >[2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
[2007/06/13 11:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 10:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/10 12:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
< MD5 for: SVCHOST.EXE >[2008/04/14 00:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 00:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe
[2008/04/14 00:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/01/17 21:30:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: USERINIT.EXE >[2004/08/10 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/14 00:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 00:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe
[2008/04/14 00:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >[2004/08/10 12:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 00:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 00:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe
[2008/04/14 00:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< C:\Windows\assembly\tmp\U /s > < HKLM\SOFTWARE\CLIENTS\Startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/03/08 14:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2008/12/30 19:31:00 | 000,509,528 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2008/12/30 19:31:00 | 000,509,528 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2008/12/30 19:31:00 | 000,509,528 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2008/12/30 19:30:56 | 000,307,704 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2008/12/30 19:30:56 | 000,307,704 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2008/12/30 19:30:56 | 000,307,704 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2012/03/08 14:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2012/03/08 14:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/03/08 14:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/03/08 14:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/12/16 12:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/12/16 12:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/12/16 12:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/12/16 11:00:16 | 000,634,680 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/12/16 11:00:16 | 000,634,680 | ---- | M] (Microsoft Corporation)
< HKLM\SOFTWARE\CLIENTS\Startmenuinternet|command /64 /rs >HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/03/08 14:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2008/12/30 19:31:00 | 000,509,528 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2008/12/30 19:31:00 | 000,509,528 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2008/12/30 19:31:00 | 000,509,528 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2008/12/30 19:30:56 | 000,307,704 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2008/12/30 19:30:56 | 000,307,704 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2008/12/30 19:30:56 | 000,307,704 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2012/03/08 14:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2012/03/08 14:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/03/08 14:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Gitanjali\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/03/08 14:28:54 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/12/16 12:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/12/16 12:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/12/16 12:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/12/16 11:00:16 | 000,634,680 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/12/16 11:00:16 | 000,634,680 | ---- | M] (Microsoft Corporation)
< End of report >
FSS Log:
Farbar Service Scanner Version: 01-03-2012
Ran by Gitanjali (administrator) on 09-03-2012 at 07:14:32
Running from "C:\Documents and Settings\Gitanjali\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
System Restore:
============
System Restore Disabled Policy:
========================
Security Center:
============
Windows Update:
============
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
Extra List:
=======
DNE(9) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x09000000040000000100000002000000030000000800000006000000070000000500000009000000
IpSec Tag value is correct.
**** End of log ****
Edited by lawtel32, 09 March 2012 - 01:18 AM.