Machine: i3 laptop running WinXP SP3. use avast home edition and sygate firewall by way of security.
Problem: Subscribed to an equity data service last week. Each time I run the downloader, at the start where it says 'validating registration', it throws up an error message that win23(or some other two digit number or a number and/or a letter).tmp.exe has encountered a problem and needs to close (screenshot copy attached). It asks whether to send an error report to Microsoft or not. Once I click out of this box, the program launches normally. At each launch of the program two files are created - one in Windows\system 32 directory and the other in 'prefetch' directory. Deletion of these files is of no help since, at the next launch, new files are created. When I checked with the data vendor, they had a look and said the problem did not lie with their software but that my machine was infected. My machine seems otherwise ok, except (in hindsight) the very slightly erratic browsing for the last little while and occasional inability to burn CDs using Nero. Not having the remotest pretensions of being tech-savvy, I don't know if these two niggles are somehow linked to the win*.tmp.exe problem.
Steps I took to remedy the problem: Googled it - went through historical fixes like in http://www.geekstogo...iles resolved/ (of 2006 vintage variety) and http://www.spyware-r...popups-removal. Installed and ran AVG anti-spyware and super anti-spyware - didn't help. Installed and ran Hijackthis log - hoping to find a win???32.dll in line 020 that I could rename with a .txt at the end to get rid of the problem (as made out in certain posts), but didn't find any such file.
Many thanks in advance for your help. The OTL log is appended below:
alphabetagamma
OTL logfile created on: 22-Sep-12 4:31:51 PM - Run 1
OTL by OldTimer - Version 3.2.65.1 Folder = C:\Documents and Settings\KK\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy
2.87 Gb Total Physical Memory | 2.22 Gb Available Physical Memory | 77.29% Memory free
4.71 Gb Paging File | 4.18 Gb Available in Paging File | 88.83% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 150.34 Gb Total Space | 121.42 Gb Free Space | 80.77% Space Free | Partition Type: NTFS
Drive D: | 150.34 Gb Total Space | 122.26 Gb Free Space | 81.33% Space Free | Partition Type: NTFS
Drive E: | 150.34 Gb Total Space | 150.03 Gb Free Space | 99.79% Space Free | Partition Type: NTFS
Drive F: | 1.62 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: HOME_NOTEBOOK | User Name: KK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012-09-22 16:29:52 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\KK\Desktop\OTL.exe
PRC - [2012-08-30 08:28:46 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012-08-21 14:42:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\Avast\AvastUI.exe
PRC - [2012-08-21 14:42:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Avast\AvastSvc.exe
PRC - [2012-07-12 00:24:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011-10-03 05:06:18 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java RE 6.24\bin\jqs.exe
PRC - [2010-03-29 15:39:54 | 001,822,600 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2010-03-15 20:32:54 | 001,599,368 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe
PRC - [2009-12-18 12:28:30 | 004,464,640 | ---- | M] (Lenovo(Beijing)Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe
PRC - [2009-12-09 16:48:26 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009-12-09 16:48:24 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009-09-15 18:31:30 | 000,536,576 | ---- | M] (Vimicro) -- C:\Program Files\USB Camera2\VM332_STI.EXE
PRC - [2009-08-14 11:48:52 | 001,455,480 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo Bluetooth Software\BTStackServer.exe
PRC - [2009-08-14 11:48:52 | 000,607,584 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo Bluetooth Software\BTTray.exe
PRC - [2009-08-14 11:48:52 | 000,349,528 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo Bluetooth Software\bin\btwdins.exe
PRC - [2009-07-20 02:32:16 | 002,713,144 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\SmartAudio\SmAudio.exe
PRC - [2008-04-14 10:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-09-21 09:25:52 | 000,344,064 | ---- | M] () -- C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe
PRC - [2007-06-11 14:55:42 | 006,731,312 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe
PRC - [2007-05-30 18:01:10 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
PRC - [2003-12-24 14:44:56 | 002,344,160 | ---- | M] (Sygate Technologies, Inc.) -- C:\Program Files\Sygate\Smc.exe
PRC - [2002-08-01 03:49:54 | 000,049,152 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPagePro12.0\opware12.exe
========== Modules (No Company Name) ==========
MOD - [2012-09-21 13:42:20 | 001,811,968 | ---- | M] () -- C:\Program Files\Avast\defs\12092100\algo.dll
MOD - [2012-08-30 08:28:45 | 000,442,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.89\ppgooglenaclpluginchrome.dll
MOD - [2012-08-30 08:28:44 | 012,237,336 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
MOD - [2012-08-30 08:28:42 | 003,997,720 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.89\pdf.dll
MOD - [2012-08-30 08:27:15 | 000,144,424 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.89\avutil-51.dll
MOD - [2012-08-30 08:27:13 | 000,266,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.89\avformat-54.dll
MOD - [2012-08-30 08:27:12 | 002,480,680 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll
MOD - [2009-08-14 11:47:34 | 002,854,976 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2009-08-14 11:45:04 | 000,069,697 | ---- | M] () -- C:\Program Files\Lenovo Bluetooth Software\BTKeyInd.dll
MOD - [2008-05-21 17:33:22 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\KbdHook.dll
MOD - [2008-04-14 10:12:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008-04-14 10:11:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007-09-21 09:25:52 | 000,344,064 | ---- | M] () -- C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe
MOD - [2006-05-14 09:53:40 | 000,138,752 | ---- | M] () -- C:\Program Files\7-Zip\7-zip.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-09-03 09:10:23 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-08-21 14:42:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012-07-12 00:24:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011-10-03 05:06:18 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java RE 6.24\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-12-09 16:48:26 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009-12-09 16:48:24 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009-08-14 11:48:52 | 000,349,528 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2007-05-30 18:01:10 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) [Auto | Running] -- C:\Program Files\AVG Anti-Spyware 7.5\guard.exe -- (AVG Anti-Spyware Guard)
SRV - [2003-12-24 14:44:56 | 002,344,160 | ---- | M] (Sygate Technologies, Inc.) [Auto | Running] -- C:\Program Files\Sygate\Smc.exe -- (SmcService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\cmusbser.sys -- (qcusbser)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Auto | Stopped] -- -- (ASPI32)
DRV - [2012-08-21 14:43:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012-08-21 14:43:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012-08-21 14:43:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012-08-21 14:43:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012-08-21 14:43:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012-08-21 14:43:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012-08-21 14:43:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012-03-07 05:32:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2011-07-22 21:57:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011-07-13 03:25:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010-07-16 13:17:46 | 001,930,368 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAU32.sys -- (CnxtHdAudService)
DRV - [2010-06-18 13:42:46 | 002,967,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2010-02-26 16:31:22 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Impcd.sys -- (Impcd)
DRV - [2010-01-19 05:50:10 | 000,235,520 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2009-12-11 16:24:36 | 000,182,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009-12-03 10:07:08 | 000,185,072 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vm332avs.sys -- (vm332avs)
DRV - [2009-09-17 12:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI)
DRV - [2009-09-03 16:27:50 | 000,040,704 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2009-08-17 14:00:26 | 000,533,152 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2009-07-28 16:55:00 | 000,143,360 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009-07-09 12:45:00 | 000,991,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2009-06-21 09:56:14 | 000,045,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008-07-24 17:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008-02-04 17:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008-02-04 17:57:30 | 000,037,032 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2007-05-30 17:40:42 | 000,011,000 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\AVG Anti-Spyware 7.5\guard.sys -- (AVG Anti-Spyware Driver)
DRV - [2007-05-30 17:40:42 | 000,010,872 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AvgAsCln.sys -- (AvgAsCln)
DRV - [2003-12-24 14:34:38 | 000,018,515 | ---- | M] (Sygate Technologies, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\wpsdrvnt.sys -- (wpsdrvnt)
DRV - [2003-12-24 14:32:14 | 000,056,400 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Teefer.sys -- (Teefer)
DRV - [2003-12-24 14:30:18 | 000,011,914 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wg3n.sys -- (wg3n)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.in/
IE - HKCU\..\SearchScopes,DefaultScope = {1D84549F-527B-4AC3-916A-6C048ED13AA0}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000002682e24081
IE - HKCU\..\SearchScopes\{1D84549F-527B-4AC3-916A-6C048ED13AA0}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0
FF - prefs.js..extensions.enabledAddons: [email protected]:1.2.0
FF - prefs.js..extensions.enabledAddons: [email protected]:7.0.1466
FF - prefs.js..keyword.URL: "http://search.babylo...02682e24081&q="
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java RE 6.24\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2088: C:\Program Files\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2146: C:\Program Files\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1069: C:\Program Files\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Java RE 6.24\lib\deploy\jqs\ff [2011-03-07 17:52:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST\WebRep\FF [2012-08-31 09:12:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-11-05 12:36:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2011-11-05 12:37:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KK\Application Data\Mozilla\Extensions
[2012-04-07 12:42:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KK\Application Data\Mozilla\Firefox\Profiles\rq7m0lq3.default\extensions
[2012-04-07 12:42:54 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\KK\Application Data\Mozilla\Firefox\Profiles\rq7m0lq3.default\extensions\[email protected]
[2011-11-05 12:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-08-31 09:12:39 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST\WEBREP\FF
[2011-03-07 17:52:59 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA RE 6.24\LIB\DEPLOY\JQS\FF
[2011-09-29 12:23:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-09-29 05:56:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
========== Chrome ==========
CHR - homepage: http://google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\KK\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java RE 6.24\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U29 (Enabled) = C:\Program Files\Java RE 6.24\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\RealPlayer\Netscape6\nprjplug.dll
CHR - Extension: YouTube = C:\Documents and Settings\KK\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\KK\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\KK\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: Gmail = C:\Documents and Settings\KK\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2007-08-11 12:28:33 | 000,000,768 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java RE 6.24\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java RE 6.24\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [!AVG Anti-Spyware] C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe (GRISOFT s.r.o.)
O4 - HKLM..\Run: [332BigDog] C:\Program Files\USB Camera2\VM332_STI.EXE (Vimicro)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(Beijing)Limited)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Opware12] C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE (Conexant Systems, Inc.)
O4 - HKLM..\Run: [SmcService] C:\Program Files\Sygate\Smc.exe (Sygate Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\Lenovo Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microtek Scanner Finder.lnk = C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Lenovo Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\Lenovo Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo Bluetooth Software\btsendto_ie.htm ()
O15 - HKCU\..Trusted Domains: religare.in ([crn] http in Trusted sites)
O15 - HKCU\..Trusted Domains: religare.in ([files] ftp in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1299502970375 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96FF19CA-A816-4ACB-9EED-4FC55D8F82BE}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {57B86673-276A-48B2-BAE7-C6DBB3020EB8} - C:\Program Files\AVG Anti-Spyware 7.5\shellexecutehook.dll (GRISOFT s.r.o.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-02-25 20:08:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3899a87f-6cc2-11e1-a275-002682e24081}\Shell - "" = AutoRun
O33 - MountPoints2\{3899a87f-6cc2-11e1-a275-002682e24081}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3899a87f-6cc2-11e1-a275-002682e24081}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{3899a881-6cc2-11e1-a275-002682e24081}\Shell - "" = AutoRun
O33 - MountPoints2\{3899a881-6cc2-11e1-a275-002682e24081}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3899a881-6cc2-11e1-a275-002682e24081}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012-09-22 16:29:46 | 000,600,576 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\KK\Desktop\OTL.exe
[2012-09-21 13:10:03 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\KK\Desktop\HijackThis.exe
[2012-09-21 12:21:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KK\Application Data\Grisoft
[2012-09-21 12:21:31 | 000,010,872 | ---- | C] (GRISOFT, s.r.o.) -- C:\WINDOWS\System32\drivers\AvgAsCln.sys
[2012-09-21 12:21:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2012-09-21 12:21:26 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Anti-Spyware 7.5
[2012-09-21 10:08:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KK\Application Data\SUPERAntiSpyware.com
[2012-09-21 10:08:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2012-09-21 10:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2012-09-21 10:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012-09-21 10:08:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERSetup
[2012-09-21 10:06:27 | 020,549,528 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\KK\Desktop\SUPERAntiSpyware.exe
[2012-09-20 00:50:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\KK\Recent
[2012-09-18 16:37:49 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2012-09-18 16:37:44 | 000,000,000 | ---D | C] -- C:\Program Files\CoreTrade
[2012-09-18 16:37:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CoreTrade
[2012-09-18 15:11:53 | 248,614,244 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\KK\Desktop\isseod.exe
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012-09-22 16:29:52 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\KK\Desktop\OTL.exe
[2012-09-22 16:18:01 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-09-22 15:53:58 | 000,463,832 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-09-22 15:53:58 | 000,079,106 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-09-22 15:50:00 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012-09-22 15:49:23 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-09-22 15:49:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-09-22 15:49:17 | 3077,464,064 | -HS- | M] () -- C:\hiberfil.sys
[2012-09-21 17:44:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-09-21 17:25:10 | 000,023,545 | ---- | M] () -- C:\Documents and Settings\KK\Application Data\folidx1
[2012-09-21 17:25:10 | 000,002,955 | ---- | M] () -- C:\Documents and Settings\KK\Application Data\sbg.xml
[2012-09-21 12:21:34 | 000,000,749 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Anti-Spyware.lnk
[2012-09-21 12:18:35 | 012,413,440 | ---- | M] () -- C:\Documents and Settings\KK\Desktop\avgas-setup-7.5.1.43.exe
[2012-09-21 12:02:44 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\KK\Desktop\HijackThis.exe
[2012-09-21 10:42:24 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012-09-21 10:06:28 | 020,549,528 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\KK\Desktop\SUPERAntiSpyware.exe
[2012-09-20 21:26:26 | 000,059,858 | ---- | M] () -- C:\Documents and Settings\KK\Desktop\CN_20120920_SA638_NSEF607880_0.htm
[2012-09-20 11:37:58 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\KK\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2003.lnk
[2012-09-20 00:52:31 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\KK\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk
[2012-09-18 22:54:14 | 000,062,906 | ---- | M] () -- C:\Documents and Settings\KK\Desktop\CN_20120918_SA638_NSEF602701_0.htm
[2012-09-18 17:38:11 | 000,001,650 | ---- | M] () -- C:\Documents and Settings\KK\Application Data\Microsoft\Internet Explorer\Quick Launch\CoreTrade.lnk
[2012-09-17 22:22:28 | 000,065,953 | ---- | M] () -- C:\Documents and Settings\KK\Desktop\CN_20120917_SA638_NSEF597333_0.htm
[2012-09-14 01:01:30 | 000,061,887 | ---- | M] () -- C:\Documents and Settings\KK\Desktop\CN_20120913_SA638_NSEF585258_0.htm
[2012-09-13 08:43:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-09-12 23:48:22 | 000,061,891 | ---- | M] () -- C:\Documents and Settings\KK\Desktop\CN_20120912_SA638_NSEF580812_0.htm
[2012-09-12 15:11:03 | 248,614,244 | ---- | M] (Igor Pavlov) -- C:\Documents and Settings\KK\Desktop\isseod.exe
[2012-09-12 00:14:52 | 000,063,915 | ---- | M] () -- C:\Documents and Settings\KK\Desktop\CN_20120911_SA638_NSEF575929_0.htm
[2012-09-10 22:53:06 | 000,062,911 | ---- | M] () -- C:\Documents and Settings\KK\Desktop\CN_20120910_SA638_NSEF571558_0.htm
[2012-09-10 09:38:10 | 000,002,135 | ---- | M] () -- C:\Documents and Settings\KK\Application Data\Microsoft\Internet Explorer\Quick Launch\StocksUP DayTrader Update Past.lnk
[2012-09-09 13:59:09 | 000,248,887 | ---- | M] () -- C:\Documents and Settings\KK\Desktop\Insurance.pdf
[2012-09-09 13:57:54 | 000,855,137 | ---- | M] () -- C:\Documents and Settings\KK\Desktop\Sec Mkts basic.pdf
[2012-09-09 13:43:27 | 000,966,127 | ---- | M] () -- C:\Documents and Settings\KK\Desktop\Sec. Mkts - Adv..pdf
[2012-09-09 13:36:31 | 000,244,137 | ---- | M] () -- C:\Documents and Settings\KK\Desktop\Fin Mkts - beginner.pdf
[2012-09-07 12:32:58 | 000,464,828 | ---- | M] () -- C:\Documents and Settings\KK\Desktop\GATS ex jurisint.org.pdf
[2012-09-07 11:49:10 | 014,919,628 | ---- | M] () -- C:\Documents and Settings\KK\Desktop\IPR in Indian context.pdf
[2012-09-07 11:45:42 | 015,055,207 | ---- | M] () -- C:\Documents and Settings\KK\Desktop\Dispute resolution under WTO.pdf
[2012-09-05 09:20:48 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012-09-04 18:33:44 | 000,096,101 | ---- | M] () -- C:\Documents and Settings\KK\Desktop\2176456_lk5nb055vlqayamoqsywzj55.pdf
[2012-08-31 09:13:29 | 000,002,616 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012-09-21 17:15:23 | 3077,464,064 | -HS- | C] () -- C:\hiberfil.sys
[2012-09-21 12:21:34 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Anti-Spyware.lnk
[2012-09-21 12:17:29 | 012,413,440 | ---- | C] () -- C:\Documents and Settings\KK\Desktop\avgas-setup-7.5.1.43.exe
[2012-09-21 10:08:26 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012-09-20 21:26:26 | 000,059,858 | ---- | C] () -- C:\Documents and Settings\KK\Desktop\CN_20120920_SA638_NSEF607880_0.htm
[2012-09-18 22:54:14 | 000,062,906 | ---- | C] () -- C:\Documents and Settings\KK\Desktop\CN_20120918_SA638_NSEF602701_0.htm
[2012-09-18 17:38:11 | 000,001,650 | ---- | C] () -- C:\Documents and Settings\KK\Application Data\Microsoft\Internet Explorer\Quick Launch\CoreTrade.lnk
[2012-09-18 16:53:15 | 000,002,955 | ---- | C] () -- C:\Documents and Settings\KK\Application Data\sbg.xml
[2012-09-18 16:49:07 | 000,023,545 | ---- | C] () -- C:\Documents and Settings\KK\Application Data\folidx1
[2012-09-17 22:22:28 | 000,065,953 | ---- | C] () -- C:\Documents and Settings\KK\Desktop\CN_20120917_SA638_NSEF597333_0.htm
[2012-09-14 01:01:30 | 000,061,887 | ---- | C] () -- C:\Documents and Settings\KK\Desktop\CN_20120913_SA638_NSEF585258_0.htm
[2012-09-12 23:48:22 | 000,061,891 | ---- | C] () -- C:\Documents and Settings\KK\Desktop\CN_20120912_SA638_NSEF580812_0.htm
[2012-09-12 00:14:52 | 000,063,915 | ---- | C] () -- C:\Documents and Settings\KK\Desktop\CN_20120911_SA638_NSEF575929_0.htm
[2012-09-10 22:53:06 | 000,062,911 | ---- | C] () -- C:\Documents and Settings\KK\Desktop\CN_20120910_SA638_NSEF571558_0.htm
[2012-09-09 13:59:19 | 000,248,887 | ---- | C] () -- C:\Documents and Settings\KK\Desktop\Insurance.pdf
[2012-09-09 13:58:16 | 000,855,137 | ---- | C] () -- C:\Documents and Settings\KK\Desktop\Sec Mkts basic.pdf
[2012-09-09 13:43:50 | 000,966,127 | ---- | C] () -- C:\Documents and Settings\KK\Desktop\Sec. Mkts - Adv..pdf
[2012-09-09 13:36:46 | 000,244,137 | ---- | C] () -- C:\Documents and Settings\KK\Desktop\Fin Mkts - beginner.pdf
[2012-09-07 12:33:24 | 000,464,828 | ---- | C] () -- C:\Documents and Settings\KK\Desktop\GATS ex jurisint.org.pdf
[2012-09-07 11:49:27 | 014,919,628 | ---- | C] () -- C:\Documents and Settings\KK\Desktop\IPR in Indian context.pdf
[2012-09-07 11:46:05 | 015,055,207 | ---- | C] () -- C:\Documents and Settings\KK\Desktop\Dispute resolution under WTO.pdf
[2012-09-04 18:33:54 | 000,096,101 | ---- | C] () -- C:\Documents and Settings\KK\Desktop\2176456_lk5nb055vlqayamoqsywzj55.pdf
[2012-08-16 15:13:16 | 000,000,563 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2012-08-16 15:07:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\setscan.ini
[2012-04-10 09:52:35 | 000,029,378 | ---- | C] () -- C:\WINDOWS\Pkunzip.exe
[2012-04-09 10:14:30 | 000,000,285 | ---- | C] () -- C:\WINDOWS\winros.ini
[2012-03-14 12:09:34 | 000,393,216 | ---- | C] () -- C:\WINDOWS\System32\MetaLib.dll
[2012-03-05 19:04:32 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\KK\Local Settings\Application Data\fusioncache.dat
[2012-03-05 19:03:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\regset.INI
[2012-03-05 19:02:10 | 000,164,864 | ---- | C] () -- C:\WINDOWS\System32\patchw32.dll
[2012-03-05 19:02:10 | 000,148,480 | ---- | C] () -- C:\WINDOWS\System32\dbcapi.dll
[2012-03-05 19:02:09 | 000,158,720 | ---- | C] () -- C:\WINDOWS\System32\LFCMP61N.DLL
[2012-03-05 19:02:09 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\Lfpng61n.dll
[2012-03-05 19:02:09 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\LTFIL61N.DLL
[2012-03-05 19:02:09 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\MSWTHK32.DLL
[2012-03-05 19:02:09 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IMPLODE.DLL
[2012-03-05 19:02:09 | 000,003,360 | ---- | C] () -- C:\WINDOWS\System32\MSWTHK16.DLL
[2011-09-27 13:22:35 | 000,000,035 | ---- | C] () -- C:\WINDOWS\Ulead32.INI
[2011-09-27 13:02:05 | 000,044,491 | ---- | C] () -- C:\WINDOWS\System32\MiiIniFile13.ini
[2011-09-27 13:02:00 | 000,285,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsio.sys
[2011-09-27 13:02:00 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsreged.sys
[2011-08-29 19:36:01 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\KK\Local Settings\Application Data\{775FAB5F-8909-4007-A2DF-0D79F8301DFC}
[2011-08-01 19:36:02 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\KK\Local Settings\Application Data\{F5D43B68-2EAA-4985-B68A-31D7D1BC0484}
[2011-06-14 20:15:25 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\KK\Local Settings\Application Data\{B2D1400A-2469-4B11-9C95-6B588D5F440B}
[2011-04-11 14:37:29 | 000,307,084 | ---- | C] () -- C:\Documents and Settings\KK\U_010311_009_002799_015844.pdf
[2011-03-24 11:21:52 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\KK\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-03-23 17:33:12 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\NT00INJ.DLL
[2011-03-23 17:33:12 | 000,001,024 | R--- | C] () -- C:\WINDOWS\DK00VSYS.DLL
[2011-03-23 17:24:07 | 000,019,083 | ---- | C] () -- C:\WINDOWS\Deltree.exe
[2011-03-07 18:15:27 | 000,864,256 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2011-03-07 18:15:27 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\glut32.dll
[2011-03-07 18:15:27 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2011-03-07 17:59:14 | 000,314,880 | ---- | C] () -- C:\WINDOWS\System32\Tx32.dll
[2011-03-07 17:02:11 | 000,442,368 | R--- | C] () -- C:\WINDOWS\System32\zshp1020.exe
[2011-03-07 17:02:11 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1020.dll
[2011-03-07 16:47:52 | 000,001,387 | ---- | C] () -- C:\WINDOWS\Bringer.INI
[2011-03-03 17:53:56 | 000,000,114 | ---- | C] () -- C:\Documents and Settings\KK\default.pls
[2011-03-01 13:06:08 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011-02-28 15:30:12 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011-02-28 13:38:30 | 000,001,308 | ---- | C] () -- C:\WINDOWS\vm332Rmv.ini
[2011-02-28 13:08:33 | 000,870,560 | ---- | C] () -- C:\WINDOWS\System32\igkrng575.bin
[2011-02-28 13:08:33 | 000,127,868 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng575.bin
[2011-02-28 13:08:33 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll
[2011-02-28 13:08:29 | 000,000,151 | ---- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config
[2011-02-28 12:08:15 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011-02-26 01:28:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-02-26 01:26:56 | 000,149,200 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-02-25 20:12:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-02-25 20:05:33 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== ZeroAccess Check ==========
[2012-03-05 18:52:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
========== LOP Check ==========
[2012-04-03 15:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AMMYY
[2012-03-05 19:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012-04-07 12:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2012-03-05 19:21:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Equis
[2012-09-21 12:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2011-02-26 08:27:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2012-03-24 10:25:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PassMark
[2012-08-16 15:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2012-08-16 15:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2012-08-16 15:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2012-09-21 10:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERSetup
[2012-03-24 14:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012-04-07 12:42:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KK\Application Data\Babylon
[2012-09-21 12:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KK\Application Data\Grisoft
[2011-06-27 12:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KK\Application Data\NesterSoft
[2011-04-01 16:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KK\Application Data\Opera
[2012-08-16 15:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KK\Application Data\ScanSoft
[2011-03-30 09:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KK\Application Data\TeamViewer
[2011-03-07 16:44:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KK\Application Data\Xanadu Tools
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BC359956
< End of report >