Dear Sir/Madam,
Firstly, let me say thank you in advance for your help in this matter; it is most appreciated.
I am running Symantec Endpoint Protection on Windows XP Service Pack 3 (32-bit).
Over the past few days I have seen many Trojan attack warnings from my anti-virus software, Symantec. Prior to the time when the attacks started, the only thing out of the ordinary was that I was looking at webpages associated with writing web bots using Perl. Below are details/samples from the Symantec messages.
First is a Windows message I got at start-up. I am also unable to ping my router or access the internet in normal mode. I can access the internet in safe mode with networking. At the bottom of the messages from Symantec is the OTL output from a Quick Scan - Title: OTL.exe Output in Normal Mode.
Below that I have put the scan output - Title: OTL.exe Output in Safe Mode.
I am not sure if the OTL output would be different, so I put both.
Your advice and help is most welcome. Thanks.
Kind regards,
Kiran.
Windows Message - Dialogue
**************************
ccApp: ccApp.exe - Entry Point Not Found
The procedure entry point TransmitFile could not be located in the dynamic link library MSWSOCK.dll
Symantec Messages
********************************************************
Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Trojan.Gen.2
File: C:\WINDOWS\assembly\GAC\Desktop.ini
Location: C:\WINDOWS\assembly\GAC
Computer: LONPAD-LFX0XQ4J
User: SYSTEM
Action taken: Pending Side Effects Analysis : Access denied
Date found: 25 September 2012 13:18:48
**********************************************
Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Trojan.Gen
File: C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U\00000008.@
Location: C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U
Computer: LONPAD-LFX0XQ4J
User: SYSTEM
Action taken: Delete succeeded : Access denied
Date found: 25 September 2012 13:19:20
***********************************************
Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Backdoor.Trojan
File: C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U\80000032.@
Location: C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U
Computer: LONPAD-LFX0XQ4J
User: SYSTEM
Action taken: Delete succeeded : Access denied
Date found: 25 September 2012 13:19:20
*******************************************************
Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Trojan.Gen.2
File: C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U\00000004.@
Location: C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U
Computer: LONPAD-LFX0XQ4J
User: SYSTEM
Action taken: Delete succeeded : Access denied
Date found: 25 September 2012 13:19:20
**************************************************
Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Trojan.Zeroaccess.B
File: C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U\80000000.@
Location: C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U
Computer: LONPAD-LFX0XQ4J
User: SYSTEM
Action taken: Delete succeeded : Access denied
Date found: 25 September 2012 13:19:20
**************************************************
Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Trojan.Gen
File: C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U\00000008.@
Location: C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U
Computer: LONPAD-LFX0XQ4J
User: SYSTEM
Action taken: Pending Side Effects Analysis : Access denied
Date found: 25 September 2012 13:19:20
*********************************************************
Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Trojan.Gen
File: C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U\00000008.@
Location: C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U
Computer: LONPAD-LFX0XQ4J
User: SYSTEM
Action taken: Pending Side Effects Analysis : Access denied
Date found: 25 September 2012 13:19:20
*********************************************************
Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Trojan.Zeroaccess.B
File: C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U\80000000.@
Location: C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U
Computer: LONPAD-LFX0XQ4J
User: SYSTEM
Action taken: Delete failed : Quarantine failed : Access denied
Date found: 25 September 2012 13:18:53
**********************************************************************************************************************
Title: OTL.exe Output in Normal Mode
*************************************
OTL logfile created on: 25/09/2012 13:25:40 - Run 2
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Documents and Settings\kkalidin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.46 Gb Total Physical Memory | 2.35 Gb Available Physical Memory | 67.98% Memory free
5.29 Gb Paging File | 4.38 Gb Available in Paging File | 82.73% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 147.01 Gb Total Space | 60.84 Gb Free Space | 41.38% Space Free | Partition Type: NTFS
Drive D: | 2.00 Gb Total Space | 1.90 Gb Free Space | 95.06% Space Free | Partition Type: FAT32
Computer Name: LONPAD-LFX0XQ4J | User Name: kkalidin | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/09/25 10:12:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kkalidin\Desktop\OTL.exe
PRC - [2012/09/22 08:45:20 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Documents and Settings\kkalidin\Local Settings\Application Data\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012/09/19 21:00:49 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/07/21 21:50:06 | 000,145,552 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\kkalidin\Start Menu\Programs\Startup\Update Tool Notifier.exe
PRC - [2012/05/04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/03/01 08:32:05 | 000,264,536 | ---- | M] (Symantec Corporation) -- C:\Program Files\Altiris\Altiris Agent\AeXAgentUIHost.exe
PRC - [2012/03/01 08:25:16 | 001,534,296 | ---- | M] (Symantec Corporation) -- C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe
PRC - [2012/01/20 21:03:48 | 000,719,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2011/07/25 17:40:48 | 000,108,456 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2011/07/25 17:40:46 | 000,115,624 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2011/07/25 17:40:41 | 000,644,512 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SymCorpUI.exe
PRC - [2011/07/25 17:40:40 | 001,893,840 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2011/07/25 17:40:40 | 001,459,616 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2011/07/25 17:40:40 | 000,353,696 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SescLU.exe
PRC - [2011/07/25 17:40:39 | 000,181,664 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SavUI.exe
PRC - [2011/07/25 17:40:38 | 001,839,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2011/06/12 13:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
PRC - [2011/04/25 04:24:16 | 000,726,976 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2011/04/25 04:22:40 | 000,305,088 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2011/03/26 00:26:58 | 000,064,112 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\hqtray.exe
PRC - [2011/03/26 00:26:46 | 000,334,448 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnetdhcp.exe
PRC - [2011/03/26 00:26:28 | 000,404,080 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnat.exe
PRC - [2011/03/25 23:27:40 | 000,539,248 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
PRC - [2011/03/07 19:49:02 | 000,267,016 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\SSL VPN Client\Agent.exe
PRC - [2010/11/25 13:05:00 | 000,150,928 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
PRC - [2010/08/06 11:22:40 | 000,085,528 | ---- | M] (DameWare Development) -- C:\WINDOWS\system32\DWRCST.EXE
PRC - [2010/08/06 11:22:38 | 000,242,200 | ---- | M] (DameWare Development LLC) -- C:\WINDOWS\system32\DWRCS.EXE
PRC - [2010/04/15 00:11:38 | 000,070,968 | ---- | M] (WebEx Communications, Inc.) -- C:\Program Files\WebEx\Productivity Tools\ptSrv.exe
PRC - [2010/04/15 00:11:32 | 000,247,096 | ---- | M] (Cisco WebEx LLC) -- C:\Program Files\WebEx\Productivity Tools\ptoneclk.exe
PRC - [2010/04/15 00:11:02 | 000,271,672 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\WebEx\Productivity Tools\PTIM.exe
PRC - [2010/01/25 16:28:56 | 000,278,528 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010/01/14 22:50:06 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2010/01/10 14:01:26 | 000,060,928 | ---- | M] () -- C:\Program Files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe
PRC - [2009/12/17 12:45:18 | 000,812,448 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
PRC - [2009/12/17 12:45:18 | 000,027,040 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
PRC - [2009/12/10 13:07:10 | 000,700,928 | R--- | M] () -- C:\Program Files\Dell\Dell WWAN\WMCore\WMCore.exe
PRC - [2009/12/03 14:30:42 | 000,495,711 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/11/04 17:46:40 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/11/04 17:46:38 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/09/21 16:55:12 | 000,858,384 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2009/09/21 16:50:04 | 000,364,544 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe
PRC - [2009/09/21 16:49:52 | 001,392,640 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2009/09/21 16:44:48 | 000,954,368 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2009/09/21 16:34:44 | 001,206,544 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2009/09/21 16:31:36 | 000,473,360 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009/07/07 04:06:46 | 000,737,280 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFltr.exe
PRC - [2009/02/01 02:15:38 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2009/02/01 00:43:30 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/09/23 13:20:00 | 000,415,072 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2008/04/14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2007/04/23 06:12:52 | 000,336,944 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2002/12/17 14:28:00 | 000,684,032 | ---- | M] (Roxio) -- C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe
========== Modules (No Company Name) ==========
MOD - [2012/09/19 21:00:48 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/07/25 20:29:55 | 000,364,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MsDtsSrvr\dbfaaf326d5d6ce6abedda87abf7db9a\MsDtsSrvr.ni.exe
MOD - [2012/07/25 20:29:43 | 000,023,040 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\4ef727ecbe7475a2b8a4125423822a09\Microsoft.SqlServer.DtsServer.Interop.ni.dll
MOD - [2012/07/25 20:27:05 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012/07/25 02:00:07 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/07/25 01:53:57 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/07/25 01:51:59 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/07/25 01:51:45 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2011/03/26 00:26:48 | 000,970,352 | ---- | M] () -- C:\Program Files\VMware\VMware Player\libxml2.dll
MOD - [2011/03/26 00:26:18 | 000,068,720 | ---- | M] () -- C:\Program Files\VMware\VMware Player\zlib1.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/10 14:01:26 | 000,060,928 | ---- | M] () -- C:\Program Files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe
MOD - [2009/12/10 13:07:10 | 000,700,928 | R--- | M] () -- C:\Program Files\Dell\Dell WWAN\WMCore\WMCore.exe
MOD - [2009/03/25 22:08:52 | 000,058,880 | R--- | M] () -- C:\Program Files\Dell\Dell WWAN\WMCore\MBMDebug.dll
MOD - [2008/04/14 14:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/07/13 00:33:58 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Documents and Settings\All Users\Application Data\QuestBrwSearch\questbrowse129.exe C:\Program Files\QuestBrwSearch\questbrwsearch.dll tofumada jefeconuba -- (QuestBrowse Service)
SRV - [2012/09/19 21:00:48 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/21 21:55:44 | 000,030,208 | ---- | M] (Sun Microsystems, Inc.) [Auto | Stopped] -- C:\glassfish3\glassfish\domains\domain1\bin\domain1ServiceService.exe -- (domain1Service)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/03/01 08:47:28 | 000,408,408 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Altiris\Altiris Agent\Agents\WMIProviderAgent\AltirisAgentProvider.exe -- (AltirisAgentProvider)
SRV - [2012/03/01 08:25:16 | 001,534,296 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe -- (AeXNSClient)
SRV - [2012/01/16 11:44:56 | 000,487,312 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\DOWNLO~1\DMService.exe -- (DMService)
SRV - [2011/08/13 01:08:50 | 000,229,992 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Altiris\Altiris Agent\Agents\Deployment\Agent\ConfigService.exe -- (ConfigService)
SRV - [2011/07/25 17:40:48 | 000,108,456 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2011/07/25 17:40:48 | 000,108,456 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2011/07/25 17:40:40 | 001,893,840 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2011/07/25 17:40:38 | 001,839,888 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2011/07/25 17:40:38 | 000,357,792 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2011/06/12 13:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011/03/26 00:26:46 | 000,334,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2011/03/26 00:26:28 | 000,404,080 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service)
SRV - [2011/03/26 00:26:16 | 000,113,264 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2011/03/25 23:27:40 | 000,539,248 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2011/03/07 19:49:02 | 000,267,016 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\SSL VPN Client\Agent.exe -- (STCAgent)
SRV - [2011/02/11 20:01:36 | 000,089,088 | ---- | M] (Misys) [Auto | Stopped] -- C:\Program Files\Misys\Opics Risk 1.2\bin\CreditService.exe -- (CreditService)
SRV - [2011/01/20 00:55:06 | 003,093,944 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2010/11/25 13:05:00 | 000,150,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe -- (uagqecsvc)
SRV - [2010/08/19 14:57:14 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60)
SRV - [2010/08/06 11:22:38 | 000,242,200 | ---- | M] (DameWare Development LLC) [Auto | Running] -- C:\WINDOWS\system32\DWRCS.EXE -- (DWMRCS)
SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/01/10 14:01:26 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe -- (InstallFilterService)
SRV - [2009/12/17 12:45:18 | 000,812,448 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV - [2009/12/17 12:45:18 | 000,027,040 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV - [2009/12/10 13:07:10 | 000,700,928 | R--- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell WWAN\WMCore\WMCore.exe -- (WMCoreService)
SRV - [2009/11/04 17:46:40 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/11/04 17:46:38 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/09/21 16:55:12 | 000,858,384 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2009/09/21 16:50:04 | 000,364,544 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe -- (WLANKEEPER)
SRV - [2009/09/21 16:44:48 | 000,954,368 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2009/09/21 16:31:36 | 000,473,360 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/07/29 15:10:46 | 003,201,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon90)
SRV - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC)
SRV - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/12/11 08:10:00 | 000,094,208 | ---- | M] (IBM Corporation) [On_Demand | Stopped] -- C:\WINDOWS\cwbrxd.exe -- (Cwbrxd)
SRV - [2007/04/23 06:12:52 | 000,336,944 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Boot | Stopped] -- -- (cerc6)
DRV - [2012/09/14 10:00:00 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20120921.033\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/09/14 10:00:00 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20120921.033\NAVENG.SYS -- (NAVENG)
DRV - [2012/09/08 05:10:26 | 000,167,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpshelper.sys -- (WpsHelper)
DRV - [2012/08/09 10:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/08/09 10:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/07/25 17:44:47 | 000,125,488 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/07/25 17:40:49 | 000,321,016 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2011/07/25 17:40:49 | 000,043,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2011/07/25 17:40:49 | 000,043,768 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2011/07/25 17:40:48 | 000,287,352 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2011/07/25 17:40:41 | 000,099,744 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SysPlant.sys -- (SysPlant)
DRV - [2011/07/25 17:40:41 | 000,067,520 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2011/07/25 17:40:33 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2011/04/25 03:49:16 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2011/03/26 00:27:18 | 000,854,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86)
DRV - [2011/03/26 00:27:16 | 000,070,768 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmci.sys -- (vmci)
DRV - [2011/03/26 00:25:46 | 000,024,688 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2011/03/26 00:25:00 | 000,032,752 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2011/03/26 00:24:56 | 000,026,352 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2011/03/25 23:27:32 | 000,032,368 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon)
DRV - [2011/03/25 21:05:00 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2011/03/13 14:45:31 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2011/03/07 19:49:02 | 000,022,136 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CSVirtA.sys -- (CSVirtA)
DRV - [2011/01/19 16:52:11 | 000,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2011/01/19 16:52:11 | 000,143,834 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2011/01/19 16:52:11 | 000,030,630 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2011/01/19 16:52:11 | 000,025,898 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2010/08/31 09:05:49 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2010/08/31 09:05:49 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2010/08/31 09:05:48 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2010/08/19 14:56:38 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2010/01/28 14:34:32 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/01/28 08:25:06 | 000,058,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2010/01/22 17:59:24 | 000,239,664 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/01/18 09:56:26 | 000,042,672 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Accelern.sys -- (Acceler)
DRV - [2010/01/18 09:56:26 | 000,017,072 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\stdfltn.sys -- (stdflt)
DRV - [2009/12/10 11:33:34 | 000,167,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e1k5132.sys -- (e1kexpress)
DRV - [2009/12/03 14:30:42 | 001,656,246 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009/11/03 18:40:42 | 000,033,832 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2009/10/28 19:55:00 | 000,047,616 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\risdpe86.sys -- (risdpcie)
DRV - [2009/10/26 22:39:04 | 000,125,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Impcd.sys -- (Impcd)
DRV - [2009/09/17 16:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI)
DRV - [2009/09/15 13:34:10 | 005,977,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32)
DRV - [2009/08/10 02:46:38 | 000,013,952 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2009/06/25 18:58:00 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/05/21 11:48:10 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2009/04/22 00:13:34 | 000,113,664 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2009/04/08 12:32:50 | 000,116,224 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2009/03/30 05:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2008/07/10 04:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2008/06/04 15:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PBADRV.sys -- (PBADRV)
DRV - [2008/03/19 16:26:24 | 000,175,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/04/23 06:09:58 | 000,024,176 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vpnva.sys -- (vpnva)
DRV - [2007/02/15 19:00:00 | 000,026,624 | ---- | M] (DameWare) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dwvkbd.sys -- (dwvkbd)
DRV - [2007/02/07 19:00:00 | 000,003,712 | ---- | M] (DameWare Development, LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DamewareMini.sys -- (DwMirror)
DRV - [2002/12/17 14:32:58 | 000,061,424 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2002/12/17 14:32:46 | 000,023,436 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2002/12/17 14:27:32 | 000,241,152 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.insidemi...es/default.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.insidemi...es/default.aspx
IE - HKCU\..\SearchScopes,DefaultScope = {61379D91-5CD9-4E9F-B278-F095B524A519}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{5F970FDE-702B-4ef9-920C-5F2848A5AF26}: "URL" = http://www.astroburn...q={searchTerms}
IE - HKCU\..\SearchScopes\{61379D91-5CD9-4E9F-B278-F095B524A519}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.order.2: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.gmail.com/"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.19.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {4F939292-0EB6-4F55-BC24-ABBB08E53DC7}:1.9.1
FF - prefs.js..extensions.enabledItems: {D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:3.11.3.100010
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.7.0.8773
FF - prefs.js..extensions.enabledItems: [email protected]:1.20.00
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\kkalidin\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\kkalidin\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4F939292-0EB6-4F55-BC24-ABBB08E53DC7}: C:\Documents and Settings\kkalidin\Local Settings\Application Data\{4F939292-0EB6-4F55-BC24-ABBB08E53DC7} [2011/03/09 19:45:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/19 21:00:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/21 22:41:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\WebEx\Productivity Tools\ [2012/09/22 09:10:18 | 000,000,000 | ---D | M]
[2011/03/08 16:24:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kkalidin\Application Data\Mozilla\Extensions
[2012/05/02 21:27:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kkalidin\Application Data\Mozilla\Firefox\Profiles\xu2c3e0b.default\extensions
[2011/03/10 12:03:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\kkalidin\Application Data\Mozilla\Firefox\Profiles\xu2c3e0b.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/04/25 21:54:28 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Documents and Settings\kkalidin\Application Data\Mozilla\Firefox\Profiles\xu2c3e0b.default\extensions\[email protected]
[2011/11/28 14:13:08 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Documents and Settings\kkalidin\Application Data\Mozilla\Firefox\Profiles\xu2c3e0b.default\extensions\[email protected]
[2012/02/03 12:31:07 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Documents and Settings\kkalidin\Application Data\Mozilla\Firefox\Profiles\xu2c3e0b.default\extensions\[email protected]
[2011/03/13 15:01:27 | 000,002,071 | ---- | M] () -- C:\Documents and Settings\kkalidin\Application Data\Mozilla\Firefox\Profiles\xu2c3e0b.default\searchplugins\absearch-search.xml
[2011/03/13 14:45:36 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\kkalidin\Application Data\Mozilla\Firefox\Profiles\xu2c3e0b.default\searchplugins\daemon-search.xml
[2012/09/19 21:00:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/08/29 21:30:23 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/03/30 13:03:17 | 000,000,000 | ---D | M] (QuestBrowse) -- C:\Program Files\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}
[2012/09/19 21:00:50 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/25 03:58:10 | 000,124,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2011/04/25 04:00:08 | 000,071,104 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2011/04/25 03:59:06 | 000,092,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2011/04/25 03:58:38 | 000,022,976 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2011/04/25 04:49:00 | 000,485,288 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2011/04/25 04:00:04 | 000,024,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2012/09/19 21:00:44 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/09/19 21:00:44 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/09/19 21:00:44 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/09/19 21:00:44 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/09/19 21:00:44 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/09/19 21:00:44 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\kkalidin\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\kkalidin\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\kkalidin\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\kkalidin\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
O1 HOSTS File: ([2011/10/26 20:50:54 | 000,000,797 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10.80.58.17 maillonfin01
O1 - Hosts: 10.119.200.238 home.insidemisys.com
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files\WebEx\Productivity Tools\ptonecli.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files\WebEx\Productivity Tools\ptonecli.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe (Roxio)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Client Access Service] C:\Program Files\IBM\Client Access\cwbsvstr.exe (IBM Corporation)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DameWare MRC Agent] C:\WINDOWS\system32\DWRCST.EXE (DameWare Development)
O4 - HKLM..\Run: [IMSS] C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe ()
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UniPrint] C:\Program Files\UniPrint\Client\SetDfltSettings.exe (INGENICA UK Ltd.)
O4 - HKLM..\Run: [VMware hqtray] C:\Program Files\VMware\VMware Player\hqtray.exe (VMware, Inc.)
O4 - HKCU..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [PTIM.exe] C:\Program Files\WebEx\Productivity Tools\PTIM.exe (WebEx Communications, Inc)
O4 - HKCU..\Run: [PTOneClick] C:\Program Files\WebEx\Productivity Tools\ptoneclk.exe (Cisco WebEx LLC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O4 - Startup: C:\Documents and Settings\kkalidin\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\kkalidin\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\kkalidin\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\kkalidin\Start Menu\Programs\Startup\Update Tool Notifier.exe (Oracle Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {264AED84-12F1-4CA1-8AA7-EB939AE58D8D} https://ukra.misys.c...ries/stcweb.cab (STCWeb Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A} https://hosted.fdmgr.../WhlCompMgr.cab (Forefront UAG client components)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://misys.webex....bex/ieatgpc.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = misys.global.ad
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{44875CB9-B5C7-4B80-8204-9ADFB43D37D2}: DhcpNameServer = 10.113.200.16 10.113.200.17
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51EB6E47-05AF-4746-8753-F9B204995CC0}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - AppInit_DLLs: (AMINIT32.DLL) - C:\WINDOWS\System32\AMInit32.dll (Altiris Inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/01/19 14:18:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\##10.80.58.117#Third-party#Microsoft#SQL Server 2005 SP2#Sql Server 32bit\Shell - "" = AutoRun
O33 - MountPoints2\##10.80.58.117#Third-party#Microsoft#SQL Server 2005 SP2#Sql Server 32bit\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\##10.80.58.117#Third-party#Microsoft#SQL Server 2005 SP2#Sql Server 32bit\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL splash.hta
O33 - MountPoints2\{12345b9d-27c9-11e1-9c14-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{12345b9d-27c9-11e1-9c14-005056c00008}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{12345b9d-27c9-11e1-9c14-005056c00008}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{14f61bca-7563-11e0-90b4-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{14f61bca-7563-11e0-90b4-005056c00008}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{14f61bca-7563-11e0-90b4-005056c00008}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{14f61bcc-7563-11e0-90b4-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{14f61bcc-7563-11e0-90b4-005056c00008}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{14f61bcc-7563-11e0-90b4-005056c00008}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{de0f6349-592f-11e0-9629-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{de0f6349-592f-11e0-9629-005056c00008}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{de0f6349-592f-11e0-9629-005056c00008}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{fc3a436f-4afc-11e0-8101-001f3c20604f}\Shell\AutoRun\command - "" = F:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/09/25 10:12:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\kkalidin\Desktop\OTL.exe
[2012/09/25 09:57:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/09/25 09:57:03 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2012/09/25 09:57:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2012/09/23 08:11:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2012/09/23 08:11:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2012/09/23 07:54:48 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/09/23 07:33:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kkalidin\Local Settings\Application Data\PCHealth
[2012/09/21 00:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kkalidin\My Documents\BC
[2012/09/19 21:01:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012/09/19 21:00:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/09/16 20:56:24 | 000,000,000 | ---D | C] -- C:\.cpanm
[2012/09/08 12:23:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kkalidin\Application Data\TeamViewer
[2012/09/08 12:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 7
[2012/09/08 12:23:02 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2012/09/03 23:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Media Player - Codec Pack
[2012/09/03 23:35:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\C2MP
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/09/25 13:17:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/09/25 13:11:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/09/25 10:46:21 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/09/25 10:12:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kkalidin\Desktop\OTL.exe
[2012/09/25 09:57:03 | 000,000,754 | ---- | M] () -- C:\Documents and Settings\kkalidin\Desktop\SpywareBlaster.lnk
[2012/09/23 08:05:19 | 000,268,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/09/23 07:50:10 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1914378695-1302515424-3380946746-96952UA.job
[2012/09/22 18:07:20 | 000,000,697 | R--- | M] () -- C:\Documents and Settings\kkalidin\My Documents\dataset_hlr.csv
[2012/09/22 17:26:06 | 000,000,604 | ---- | M] () -- C:\WINDOWS\tasks\Cardano_MktImport_Paste_Prod.job
[2012/09/22 17:25:30 | 000,000,516 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Office Excel 2003.job
[2012/09/22 09:20:15 | 000,000,516 | ---- | M] () -- C:\Documents and Settings\kkalidin\My Documents\RobotUA.pl
[2012/09/22 09:13:04 | 000,000,390 | ---- | M] () -- C:\Documents and Settings\kkalidin\My Documents\RobotUA_OLD.pl
[2012/09/22 08:50:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1914378695-1302515424-3380946746-96952Core.job
[2012/09/22 08:48:06 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\kkalidin\My Documents\UserAgent.pl
[2012/09/22 08:27:37 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\kkalidin\Desktop\Notepad++.lnk
[2012/09/16 20:46:51 | 000,132,382 | ---- | M] () -- C:\Documents and Settings\kkalidin\My Documents\libwww-perl-6.04.tar.gz
[2012/09/08 12:23:06 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 7.lnk
[2012/09/08 05:10:26 | 000,167,936 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\wpshelper.sys
[2012/09/04 21:47:16 | 000,002,309 | ---- | M] () -- C:\Documents and Settings\kkalidin\Desktop\Google Chrome.lnk
[2012/09/04 21:47:16 | 000,002,287 | ---- | M] () -- C:\Documents and Settings\kkalidin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/09/03 21:32:29 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\kkalidin\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/09/25 09:57:03 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\kkalidin\Desktop\SpywareBlaster.lnk
[2012/09/22 18:07:32 | 000,000,697 | R--- | C] () -- C:\Documents and Settings\kkalidin\My Documents\dataset_hlr.csv
[2012/09/22 09:12:40 | 000,000,390 | ---- | C] () -- C:\Documents and Settings\kkalidin\My Documents\RobotUA_OLD.pl
[2012/09/22 09:09:21 | 000,000,516 | ---- | C] () -- C:\Documents and Settings\kkalidin\My Documents\RobotUA.pl
[2012/09/22 08:48:06 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\kkalidin\My Documents\UserAgent.pl
[2012/09/22 08:27:37 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\kkalidin\Desktop\Notepad++.lnk
[2012/09/16 20:46:49 | 000,132,382 | ---- | C] () -- C:\Documents and Settings\kkalidin\My Documents\libwww-perl-6.04.tar.gz
[2012/09/08 12:23:06 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 7.lnk
[2012/09/03 21:32:28 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\kkalidin\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/08/21 05:15:22 | 003,978,240 | ---- | C] () -- C:\WINDOWS\System32\ffmpeg.dll
[2012/08/21 05:14:04 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012/08/21 05:12:48 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2012/08/21 05:12:34 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2012/08/21 05:12:32 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2012/08/21 05:12:30 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2012/08/21 05:12:28 | 001,525,760 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2012/08/21 05:12:28 | 000,211,968 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2012/08/21 05:12:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2012/08/21 05:12:24 | 000,330,240 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2012/08/01 01:16:50 | 000,000,263 | ---- | C] () -- C:\Documents and Settings\kkalidin\heat.settings
[2012/07/24 01:03:07 | 000,000,008 | RH-- | C] () -- C:\Documents and Settings\kkalidin\hwid
[2012/07/21 21:55:43 | 000,000,108 | ---- | C] () -- C:\Documents and Settings\kkalidin\.asadminpass
[2012/07/19 20:56:08 | 000,172,544 | ---- | C] () -- C:\WINDOWS\System32\libbluray.dll
[2012/07/19 20:56:02 | 006,894,331 | ---- | C] () -- C:\WINDOWS\System32\avcodec-lav-54.dll
[2012/07/19 20:56:02 | 001,111,581 | ---- | C] () -- C:\WINDOWS\System32\avformat-lav-54.dll
[2012/07/19 20:56:02 | 000,401,685 | ---- | C] () -- C:\WINDOWS\System32\swscale-lav-2.dll
[2012/07/19 20:56:02 | 000,232,895 | ---- | C] () -- C:\WINDOWS\System32\avutil-lav-51.dll
[2012/07/19 20:56:02 | 000,162,743 | ---- | C] () -- C:\WINDOWS\System32\avfilter-lav-3.dll
[2012/07/19 20:56:02 | 000,101,820 | ---- | C] () -- C:\WINDOWS\System32\avresample-lav-0.dll
[2012/06/17 23:15:04 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\spdif_test.exe
[2012/06/17 23:14:58 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
[2012/06/17 23:14:42 | 001,021,440 | ---- | C] () -- C:\WINDOWS\System32\ac3filter_intl.dll
[2012/05/13 00:42:16 | 001,272,320 | ---- | C] () -- C:\WINDOWS\System32\avcodec-53.dll
[2012/05/13 00:42:16 | 000,146,432 | ---- | C] () -- C:\WINDOWS\System32\avutil-51.dll
[2012/03/14 12:02:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/26 22:29:37 | 000,601,448 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1914378695-1302515424-3380946746-96952-0.dat
[2011/12/26 22:29:36 | 000,282,662 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/12/07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\Lagarith.dll
[2011/12/05 20:22:35 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/10/26 20:50:54 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\kkalidin\WebVpnRegKey6-ukra-misys-com.dll
[2011/09/08 16:00:52 | 000,150,528 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2011/09/08 16:00:48 | 000,142,336 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2011/09/08 16:00:42 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2011/09/08 16:00:38 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2011/09/08 16:00:34 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
[2011/09/08 16:00:24 | 000,154,624 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2011/09/08 16:00:10 | 000,137,728 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
[2011/09/08 16:00:06 | 000,358,400 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
[2011/09/08 15:59:54 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2011/09/08 15:59:52 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2011/09/01 13:14:34 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\kkalidin\Application Data\winscp.rnd
[2011/08/16 11:17:46 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\kkalidin\Local Settings\Application Data\PUTTY.RND
[2011/06/01 12:27:19 | 000,006,268 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110425_IMPORT_EQUITY_DAILY.mkt
[2011/06/01 12:27:19 | 000,005,568 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110425_IMPORT_EQUITY_PRICE.mkt
[2011/06/01 12:27:19 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110425_IMPORT_IR.mkt
[2011/06/01 12:27:19 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110425_IMPORT_RPI.mkt
[2011/06/01 12:27:18 | 000,001,379 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110425_IMPORT_GILTS.mkt
[2011/06/01 12:27:18 | 000,000,526 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110425_IMPORT_FX_RATE.mkt
[2011/06/01 11:07:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110601_IMPORT_FX_RATE.mkt
[2011/05/31 19:05:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\kkalidin\_IMPORT_FX_RATE.mkt
[2011/05/31 18:34:30 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110531_IMPORT_FX_RATE.mkt
[2011/05/30 15:42:50 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/05/23 09:46:30 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/05/03 17:36:02 | 000,071,259 | ---- | C] () -- C:\WINDOWS\Huawei ModemsUninstall.exe
[2011/04/15 16:25:14 | 000,005,974 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110331_IMPORT_EQUITY_DAILY.mkt
[2011/04/15 16:25:14 | 000,005,274 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110331_IMPORT_EQUITY_PRICE.mkt
[2011/04/15 16:25:14 | 000,000,893 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110331_IMPORT_IR.mkt
[2011/04/15 16:25:14 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110331_IMPORT_RPI.mkt
[2011/04/15 16:25:13 | 000,001,355 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110331_IMPORT_GILTS.mkt
[2011/04/15 16:25:13 | 000,000,472 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110331_IMPORT_FX_RATE.mkt
[2011/04/15 11:44:41 | 000,006,268 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110413_IMPORT_EQUITY_DAILY.mkt
[2011/04/15 11:44:41 | 000,005,568 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110413_IMPORT_EQUITY_PRICE.mkt
[2011/04/15 11:44:41 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110413_IMPORT_IR.mkt
[2011/04/15 11:44:41 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110413_IMPORT_RPI.mkt
[2011/04/15 11:44:40 | 000,001,379 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110413_IMPORT_GILTS.mkt
[2011/04/15 11:44:40 | 000,000,526 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110413_IMPORT_FX_RATE.mkt
[2011/04/15 11:35:54 | 000,006,268 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110415_IMPORT_EQUITY_DAILY.mkt
[2011/04/15 11:35:54 | 000,005,568 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110415_IMPORT_EQUITY_PRICE.mkt
[2011/04/15 11:35:54 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110415_IMPORT_IR.mkt
[2011/04/15 11:35:54 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110415_IMPORT_RPI.mkt
[2011/04/15 11:35:53 | 000,001,379 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110415_IMPORT_GILTS.mkt
[2011/04/15 11:35:53 | 000,000,526 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110415_IMPORT_FX_RATE.mkt
[2011/04/15 11:28:24 | 000,005,974 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_15_04_IMPORT_EQUITY_DAILY.mkt
[2011/04/15 11:28:24 | 000,005,274 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_15_04_IMPORT_EQUITY_PRICE.mkt
[2011/04/15 11:28:24 | 000,000,893 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_15_04_IMPORT_IR.mkt
[2011/04/15 11:28:24 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_15_04_IMPORT_RPI.mkt
[2011/04/15 11:28:23 | 000,001,379 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_15_04_IMPORT_GILTS.mkt
[2011/04/15 11:28:23 | 000,000,472 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_15_04_IMPORT_FX_RATE.mkt
[2011/04/14 17:12:50 | 000,006,268 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110414_IMPORT_EQUITY_DAILY.mkt
[2011/04/14 17:12:50 | 000,005,568 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110414_IMPORT_EQUITY_PRICE.mkt
[2011/04/14 17:12:50 | 000,000,535 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110414_IMPORT_IR.mkt
[2011/04/14 17:12:50 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110414_IMPORT_RPI.mkt
[2011/04/14 17:12:49 | 000,001,407 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110414_IMPORT_GILTS.mkt
[2011/04/14 17:12:49 | 000,000,487 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110414_IMPORT_FX_RATE.mkt
[2011/04/14 12:44:54 | 000,006,268 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_14_04_IMPORT_EQUITY_DAILY.mkt
[2011/04/14 12:44:54 | 000,005,568 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_14_04_IMPORT_EQUITY_PRICE.mkt
[2011/04/14 12:44:54 | 000,000,535 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_14_04_IMPORT_IR.mkt
[2011/04/14 12:44:54 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_14_04_IMPORT_RPI.mkt
[2011/04/14 12:44:52 | 000,001,407 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_14_04_IMPORT_GILTS.mkt
[2011/04/14 12:44:52 | 000,000,487 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_14_04_IMPORT_FX_RATE.mkt
[2011/04/13 17:10:18 | 000,001,407 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_13_04_IMPORT_GILTS.mkt
[2011/04/13 17:10:18 | 000,001,297 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_13_04_IMPORT_EQUITY_DAILY.mkt
[2011/04/13 17:10:18 | 000,001,187 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_13_04_IMPORT_EQUITY_PRICE.mkt
[2011/04/13 17:10:18 | 000,000,535 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_13_04_IMPORT_IR.mkt
[2011/04/13 17:10:18 | 000,000,229 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_13_04_IMPORT_FX_RATE.mkt
[2011/04/13 17:10:18 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_13_04_IMPORT_RPI.mkt
[2011/03/09 19:45:42 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Mxeyofepoh.dat
[2011/03/09 19:45:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Krihup.bin
[2011/03/08 18:49:25 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2011/03/08 18:49:25 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2011/03/08 18:49:04 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2011/03/08 18:49:04 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2011/03/08 18:49:02 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2011/03/08 16:24:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/03/07 19:30:13 | 000,035,994 | RHS- | C] () -- C:\Documents and Settings\kkalidin\ntuser.pol
[2011/03/07 19:24:28 | 000,009,644 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011/03/07 18:26:33 | 000,982,240 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2011/03/07 18:26:32 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll
[2011/03/07 18:26:32 | 000,000,151 | ---- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config
[2011/03/07 18:26:31 | 000,439,308 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2011/03/03 13:39:56 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2011/03/03 13:38:10 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2011/03/03 13:37:50 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2011/01/19 16:57:16 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2011/01/19 16:47:19 | 000,000,497 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/01/19 16:29:59 | 000,000,036 | ---- | C] () -- C:\WINDOWS\Webica.ini
[2011/01/19 15:09:22 | 000,308,624 | ---- | C] () -- C:\WINDOWS\System32\brcmbsp.dll
[2011/01/19 15:09:22 | 000,206,216 | ---- | C] () -- C:\WINDOWS\System32\bipbsp.dll
[2011/01/19 15:05:46 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2011/01/19 14:54:04 | 000,031,871 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2011/01/19 14:51:35 | 001,589,414 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2011/01/19 14:21:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/01/19 14:14:32 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/01/19 14:05:12 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/01/19 14:03:53 | 000,268,600 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
========== ZeroAccess Check ==========
[2012/09/23 00:35:44 | 000,002,048 | -HS- | M] () -- C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\@
[2012/09/23 00:35:44 | 000,077,312 | -HS- | M] () -- C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\n
[2012/09/23 00:35:44 | 000,000,000 | -HSD | M] -- C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\L
[2012/09/25 13:41:05 | 000,000,000 | -HSD | M] -- C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U
[2012/09/25 08:47:25 | 000,000,804 | ---- | M] () -- C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\L\00000004.@
[2011/01/19 15:05:22 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[2012/09/25 13:15:19 | 000,005,120 | -HS- | M] () -- C:\WINDOWS\assembly\GAC\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = C:\RECYCLER\S-1-5-21-1914378695-1302515424-3380946746-96952\$ff2caa1aa22dfcfd966705d0cb61f720\n. -- File not found
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/11/05 07:05:36 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\n. -- [2012/09/23 00:35:44 | 000,077,312 | -HS- | M] ()
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll\system32\wbem\wbemess.dll
"ThreadingModel" = Apartment
========== LOP Check ==========
[2011/03/13 15:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Astroburn Lite
[2011/12/16 19:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Birdstep Technology
[2011/01/19 15:08:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broadcom
[2011/03/07 19:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco
[2012/02/08 14:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2011/03/14 11:21:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/03/08 18:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GroupPolicy
[2011/11/22 18:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hummingbird
[2011/01/19 18:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBM
[2012/04/25 17:28:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MySQL
[2011/11/28 14:13:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2012/09/25 13:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/01/19 16:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2012/01/05 15:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Cisco
[2011/03/13 14:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\DAEMON Tools Lite
[2012/09/23 00:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Dropbox
[2012/03/14 13:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\FileZilla
[2011/03/15 13:40:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Foxit Software
[2012/08/01 01:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\ghc
[2011/11/22 19:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Hummingbird
[2011/03/07 19:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\IBM
[2012/02/08 14:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\ICAClient
[2012/04/18 18:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\IsolatedStorage
[2012/08/26 10:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Notepad++
[2012/07/21 22:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Oracle
[2012/01/17 17:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Scooter Software
[2011/12/06 13:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Snip-It Pro
[2012/09/08 13:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\TeamViewer
[2011/11/28 14:18:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Trillian
[2012/07/21 21:51:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\updatetool
[2012/05/21 15:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\webex
[2012/01/11 20:04:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Windows Desktop Search
[2012/01/20 11:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Windows Search
[2012/08/07 00:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\WinEdt
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >
************************************************************************************************************************
Title: OTL.exe Output in Safe Mode
***********************************
OTL logfile created on: 25/09/2012 10:13:56 - Run 1
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Documents and Settings\kkalidin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.46 Gb Total Physical Memory | 2.49 Gb Available Physical Memory | 71.95% Memory free
5.30 Gb Paging File | 4.53 Gb Available in Paging File | 85.40% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 147.01 Gb Total Space | 60.96 Gb Free Space | 41.47% Space Free | Partition Type: NTFS
Drive D: | 2.00 Gb Total Space | 1.90 Gb Free Space | 95.06% Space Free | Partition Type: FAT32
Computer Name: LONPAD-LFX0XQ4J | User Name: kkalidin | NOT logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/09/25 10:12:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kkalidin\Desktop\OTL.exe
PRC - [2012/09/19 21:00:49 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/02/06 16:18:40 | 001,389,720 | ---- | M] () -- C:\Program Files\SpywareBlaster\spywareblaster.exe
PRC - [2011/07/25 17:40:48 | 000,108,456 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2011/07/25 17:40:41 | 000,644,512 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SymCorpUI.exe
PRC - [2011/07/25 17:40:38 | 001,839,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2011/03/15 13:40:00 | 011,249,144 | ---- | M] (Foxit Corporation) -- C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe
PRC - [2010/11/25 13:05:05 | 000,300,432 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\WhlCach3.exe
PRC - [2008/04/14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012/09/19 21:00:48 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/08/21 05:13:52 | 003,480,064 | ---- | M] () -- C:\WINDOWS\system32\ffdshow.ax
MOD - [2012/07/19 20:56:08 | 000,172,544 | ---- | M] () -- C:\WINDOWS\system32\libbluray.dll
MOD - [2012/07/19 20:56:02 | 006,894,331 | ---- | M] () -- C:\WINDOWS\system32\avcodec-lav-54.dll
MOD - [2012/07/19 20:56:02 | 001,111,581 | ---- | M] () -- C:\WINDOWS\system32\avformat-lav-54.dll
MOD - [2012/07/19 20:56:02 | 000,232,895 | ---- | M] () -- C:\WINDOWS\system32\avutil-lav-51.dll
MOD - [2012/07/19 20:56:02 | 000,101,820 | ---- | M] () -- C:\WINDOWS\system32\avresample-lav-0.dll
MOD - [2012/06/18 17:24:30 | 000,260,096 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_05.dll
MOD - [2012/06/17 23:14:42 | 001,021,440 | ---- | M] () -- C:\WINDOWS\system32\ac3filter_intl.dll
MOD - [2012/06/17 23:12:10 | 001,406,976 | ---- | M] () -- C:\WINDOWS\system32\ac3filter.ax
MOD - [2012/06/07 10:54:12 | 008,797,856 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012/05/13 00:42:16 | 001,272,320 | ---- | M] () -- C:\WINDOWS\system32\avcodec-53.dll
MOD - [2012/05/13 00:42:16 | 000,146,432 | ---- | M] () -- C:\WINDOWS\system32\avutil-51.dll
MOD - [2012/05/04 19:29:38 | 000,015,760 | ---- | M] () -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2native.dll
MOD - [2012/02/06 16:18:40 | 001,389,720 | ---- | M] () -- C:\Program Files\SpywareBlaster\spywareblaster.exe
MOD - [2011/11/03 17:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/03/02 14:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010/11/25 15:08:44 | 000,978,832 | ---- | M] () -- C:\WINDOWS\Downloaded Program Files\WhlMgr.dll
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/04/15 00:17:22 | 000,058,680 | ---- | M] () -- C:\Program Files\WebEx\Productivity Tools\ptwbxrm.dll
MOD - [2010/02/19 15:03:12 | 000,473,704 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2010/01/28 19:34:48 | 000,417,792 | ---- | M] () -- C:\Program Files\SpywareBlaster\SQLite3SB.dll
MOD - [2008/06/20 18:02:47 | 000,245,248 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2008/06/20 18:02:47 | 000,245,248 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
MOD - [2008/04/14 14:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Documents and Settings\All Users\Application Data\QuestBrwSearch\questbrowse129.exe C:\Program Files\QuestBrwSearch\questbrwsearch.dll tofumada jefeconuba -- (QuestBrowse Service)
SRV - [2012/09/19 21:00:48 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/21 21:55:44 | 000,030,208 | ---- | M] (Sun Microsystems, Inc.) [Auto | Stopped] -- C:\glassfish3\glassfish\domains\domain1\bin\domain1ServiceService.exe -- (domain1Service)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/03/01 08:47:28 | 000,408,408 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Altiris\Altiris Agent\Agents\WMIProviderAgent\AltirisAgentProvider.exe -- (AltirisAgentProvider)
SRV - [2012/03/01 08:25:16 | 001,534,296 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe -- (AeXNSClient)
SRV - [2012/01/16 11:44:56 | 000,487,312 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\DOWNLO~1\DMService.exe -- (DMService)
SRV - [2011/08/13 01:08:50 | 000,229,992 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Altiris\Altiris Agent\Agents\Deployment\Agent\ConfigService.exe -- (ConfigService)
SRV - [2011/07/25 17:40:48 | 000,108,456 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2011/07/25 17:40:48 | 000,108,456 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2011/07/25 17:40:40 | 001,893,840 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2011/07/25 17:40:38 | 001,839,888 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2011/07/25 17:40:38 | 000,357,792 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2011/06/12 13:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011/03/26 00:26:46 | 000,334,448 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2011/03/26 00:26:28 | 000,404,080 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service)
SRV - [2011/03/26 00:26:16 | 000,113,264 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2011/03/25 23:27:40 | 000,539,248 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2011/03/07 19:49:02 | 000,267,016 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Cisco Systems\SSL VPN Client\Agent.exe -- (STCAgent)
SRV - [2011/02/11 20:01:36 | 000,089,088 | ---- | M] (Misys) [Auto | Stopped] -- C:\Program Files\Misys\Opics Risk 1.2\bin\CreditService.exe -- (CreditService)
SRV - [2011/01/20 00:55:06 | 003,093,944 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2010/11/25 13:05:00 | 000,150,928 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe -- (uagqecsvc)
SRV - [2010/08/19 14:57:14 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60)
SRV - [2010/08/06 11:22:38 | 000,242,200 | ---- | M] (DameWare Development LLC) [Auto | Stopped] -- C:\WINDOWS\system32\DWRCS.EXE -- (DWMRCS)
SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/01/10 14:01:26 | 000,060,928 | ---- | M] () [Auto | Stopped] -- C:\Program Files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe -- (InstallFilterService)
SRV - [2009/12/17 12:45:18 | 000,812,448 | ---- | M] (Broadcom Corporation) [Auto | Stopped] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV - [2009/12/17 12:45:18 | 000,027,040 | ---- | M] (Broadcom Corporation) [Auto | Stopped] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV - [2009/12/10 13:07:10 | 000,700,928 | R--- | M] () [Auto | Stopped] -- C:\Program Files\Dell\Dell WWAN\WMCore\WMCore.exe -- (WMCoreService)
SRV - [2009/11/04 17:46:40 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/11/04 17:46:38 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/09/21 16:55:12 | 000,858,384 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2009/09/21 16:50:04 | 000,364,544 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe -- (WLANKEEPER)
SRV - [2009/09/21 16:44:48 | 000,954,368 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2009/09/21 16:31:36 | 000,473,360 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/07/29 15:10:46 | 003,201,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon90)
SRV - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC)
SRV - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/12/11 08:10:00 | 000,094,208 | ---- | M] (IBM Corporation) [On_Demand | Stopped] -- C:\WINDOWS\cwbrxd.exe -- (Cwbrxd)
SRV - [2007/04/23 06:12:52 | 000,336,944 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Boot | Stopped] -- -- (cerc6)
DRV - [2012/09/14 10:00:00 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20120921.033\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/09/14 10:00:00 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20120921.033\NAVENG.SYS -- (NAVENG)
DRV - [2012/09/08 05:10:26 | 000,167,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpshelper.sys -- (WpsHelper)
DRV - [2012/08/09 10:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/08/09 10:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/07/25 17:44:47 | 000,125,488 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/07/25 17:40:49 | 000,321,016 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2011/07/25 17:40:49 | 000,043,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2011/07/25 17:40:49 | 000,043,768 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2011/07/25 17:40:48 | 000,287,352 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2011/07/25 17:40:41 | 000,099,744 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SysPlant.sys -- (SysPlant)
DRV - [2011/07/25 17:40:41 | 000,067,520 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2011/07/25 17:40:33 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2011/04/25 03:49:16 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2011/03/26 00:27:18 | 000,854,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86)
DRV - [2011/03/26 00:27:16 | 000,070,768 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\vmci.sys -- (vmci)
DRV - [2011/03/26 00:25:46 | 000,024,688 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2011/03/26 00:25:00 | 000,032,752 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2011/03/26 00:24:56 | 000,026,352 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2011/03/25 23:27:32 | 000,032,368 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon)
DRV - [2011/03/25 21:05:00 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2011/03/13 14:45:31 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2011/03/07 19:49:02 | 000,022,136 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CSVirtA.sys -- (CSVirtA)
DRV - [2011/01/19 16:52:11 | 000,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2011/01/19 16:52:11 | 000,143,834 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2011/01/19 16:52:11 | 000,030,630 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2011/01/19 16:52:11 | 000,025,898 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2010/08/31 09:05:49 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2010/08/31 09:05:49 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2010/08/31 09:05:48 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2010/08/19 14:56:38 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2010/01/28 14:34:32 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/01/28 08:25:06 | 000,058,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2010/01/22 17:59:24 | 000,239,664 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/01/18 09:56:26 | 000,042,672 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Accelern.sys -- (Acceler)
DRV - [2010/01/18 09:56:26 | 000,017,072 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\stdfltn.sys -- (stdflt)
DRV - [2009/12/10 11:33:34 | 000,167,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e1k5132.sys -- (e1kexpress)
DRV - [2009/12/03 14:30:42 | 001,656,246 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009/11/03 18:40:42 | 000,033,832 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2009/10/28 19:55:00 | 000,047,616 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\risdpe86.sys -- (risdpcie)
DRV - [2009/10/26 22:39:04 | 000,125,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Impcd.sys -- (Impcd)
DRV - [2009/09/17 16:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI)
DRV - [2009/09/15 13:34:10 | 005,977,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32)
DRV - [2009/08/10 02:46:38 | 000,013,952 | ---- | M] (Intel Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2009/06/25 18:58:00 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/05/21 11:48:10 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2009/04/22 00:13:34 | 000,113,664 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2009/04/08 12:32:50 | 000,116,224 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2009/03/30 05:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2008/07/10 04:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2008/06/04 15:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PBADRV.sys -- (PBADRV)
DRV - [2008/03/19 16:26:24 | 000,175,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/04/23 06:09:58 | 000,024,176 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vpnva.sys -- (vpnva)
DRV - [2007/02/15 19:00:00 | 000,026,624 | ---- | M] (DameWare) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dwvkbd.sys -- (dwvkbd)
DRV - [2007/02/07 19:00:00 | 000,003,712 | ---- | M] (DameWare Development, LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DamewareMini.sys -- (DwMirror)
DRV - [2002/12/17 14:32:58 | 000,061,424 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2002/12/17 14:32:46 | 000,023,436 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2002/12/17 14:27:32 | 000,241,152 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.insidemi...es/default.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.insidemi...es/default.aspx
IE - HKCU\..\SearchScopes,DefaultScope = {61379D91-5CD9-4E9F-B278-F095B524A519}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{5F970FDE-702B-4ef9-920C-5F2848A5AF26}: "URL" = http://www.astroburn...q={searchTerms}
IE - HKCU\..\SearchScopes\{61379D91-5CD9-4E9F-B278-F095B524A519}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.order.2: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.gmail.com/"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.19.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {4F939292-0EB6-4F55-BC24-ABBB08E53DC7}:1.9.1
FF - prefs.js..extensions.enabledItems: {D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:3.11.3.100010
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.7.0.8773
FF - prefs.js..extensions.enabledItems: [email protected]:1.20.00
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\kkalidin\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\kkalidin\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4F939292-0EB6-4F55-BC24-ABBB08E53DC7}: C:\Documents and Settings\kkalidin\Local Settings\Application Data\{4F939292-0EB6-4F55-BC24-ABBB08E53DC7} [2011/03/09 19:45:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/19 21:00:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/21 22:41:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\WebEx\Productivity Tools\ [2012/09/22 09:10:18 | 000,000,000 | ---D | M]
[2011/03/08 16:24:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kkalidin\Application Data\Mozilla\Extensions
[2012/05/02 21:27:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kkalidin\Application Data\Mozilla\Firefox\Profiles\xu2c3e0b.default\extensions
[2011/03/10 12:03:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\kkalidin\Application Data\Mozilla\Firefox\Profiles\xu2c3e0b.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/04/25 21:54:28 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Documents and Settings\kkalidin\Application Data\Mozilla\Firefox\Profiles\xu2c3e0b.default\extensions\[email protected]
[2011/11/28 14:13:08 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Documents and Settings\kkalidin\Application Data\Mozilla\Firefox\Profiles\xu2c3e0b.default\extensions\[email protected]
[2012/02/03 12:31:07 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Documents and Settings\kkalidin\Application Data\Mozilla\Firefox\Profiles\xu2c3e0b.default\extensions\[email protected]
[2011/03/13 15:01:27 | 000,002,071 | ---- | M] () -- C:\Documents and Settings\kkalidin\Application Data\Mozilla\Firefox\Profiles\xu2c3e0b.default\searchplugins\absearch-search.xml
[2011/03/13 14:45:36 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\kkalidin\Application Data\Mozilla\Firefox\Profiles\xu2c3e0b.default\searchplugins\daemon-search.xml
[2012/09/19 21:00:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/08/29 21:30:23 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/03/30 13:03:17 | 000,000,000 | ---D | M] (QuestBrowse) -- C:\Program Files\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}
[2012/09/19 21:00:50 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/25 03:58:10 | 000,124,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2011/04/25 04:00:08 | 000,071,104 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2011/04/25 03:59:06 | 000,092,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2011/04/25 03:58:38 | 000,022,976 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2011/04/25 04:49:00 | 000,485,288 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2011/04/25 04:00:04 | 000,024,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2012/09/19 21:00:44 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/09/19 21:00:44 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/09/19 21:00:44 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/09/19 21:00:44 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/09/19 21:00:44 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/09/19 21:00:44 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\kkalidin\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\kkalidin\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\kkalidin\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\kkalidin\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
O1 HOSTS File: ([2011/10/26 20:50:54 | 000,000,797 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10.80.58.17 maillonfin01
O1 - Hosts: 10.119.200.238 home.insidemisys.com
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files\WebEx\Productivity Tools\ptonecli.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files\WebEx\Productivity Tools\ptonecli.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe (Roxio)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Client Access Service] C:\Program Files\IBM\Client Access\cwbsvstr.exe (IBM Corporation)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DameWare MRC Agent] C:\WINDOWS\system32\DWRCST.EXE (DameWare Development)
O4 - HKLM..\Run: [IMSS] C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe ()
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UniPrint] C:\Program Files\UniPrint\Client\SetDfltSettings.exe (INGENICA UK Ltd.)
O4 - HKLM..\Run: [VMware hqtray] C:\Program Files\VMware\VMware Player\hqtray.exe (VMware, Inc.)
O4 - HKCU..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [PTIM.exe] C:\Program Files\WebEx\Productivity Tools\PTIM.exe (WebEx Communications, Inc)
O4 - HKCU..\Run: [PTOneClick] C:\Program Files\WebEx\Productivity Tools\ptoneclk.exe (Cisco WebEx LLC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O4 - Startup: C:\Documents and Settings\kkalidin\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\kkalidin\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\kkalidin\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\kkalidin\Start Menu\Programs\Startup\Update Tool Notifier.exe (Oracle Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {264AED84-12F1-4CA1-8AA7-EB939AE58D8D} https://ukra.misys.c...ries/stcweb.cab (STCWeb Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A} https://hosted.fdmgr.../WhlCompMgr.cab (Forefront UAG client components)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://misys.webex....bex/ieatgpc.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = misys.global.ad
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{44875CB9-B5C7-4B80-8204-9ADFB43D37D2}: DhcpNameServer = 10.113.200.16 10.113.200.17
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51EB6E47-05AF-4746-8753-F9B204995CC0}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - AppInit_DLLs: (AMINIT32.DLL) - C:\WINDOWS\System32\AMInit32.dll (Altiris Inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/01/19 14:18:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\##10.80.58.117#Third-party#Microsoft#SQL Server 2005 SP2#Sql Server 32bit\Shell - "" = AutoRun
O33 - MountPoints2\##10.80.58.117#Third-party#Microsoft#SQL Server 2005 SP2#Sql Server 32bit\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\##10.80.58.117#Third-party#Microsoft#SQL Server 2005 SP2#Sql Server 32bit\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL splash.hta
O33 - MountPoints2\{12345b9d-27c9-11e1-9c14-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{12345b9d-27c9-11e1-9c14-005056c00008}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{12345b9d-27c9-11e1-9c14-005056c00008}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{14f61bca-7563-11e0-90b4-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{14f61bca-7563-11e0-90b4-005056c00008}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{14f61bca-7563-11e0-90b4-005056c00008}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{14f61bcc-7563-11e0-90b4-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{14f61bcc-7563-11e0-90b4-005056c00008}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{14f61bcc-7563-11e0-90b4-005056c00008}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{de0f6349-592f-11e0-9629-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{de0f6349-592f-11e0-9629-005056c00008}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{de0f6349-592f-11e0-9629-005056c00008}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{fc3a436f-4afc-11e0-8101-001f3c20604f}\Shell\AutoRun\command - "" = F:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/09/25 10:12:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\kkalidin\Desktop\OTL.exe
[2012/09/25 09:57:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/09/25 09:57:03 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2012/09/25 09:57:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2012/09/23 08:11:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2012/09/23 08:11:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2012/09/23 07:54:48 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/09/23 07:33:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kkalidin\Local Settings\Application Data\PCHealth
[2012/09/21 00:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kkalidin\My Documents\BC
[2012/09/19 21:01:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012/09/19 21:00:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/09/16 20:56:24 | 000,000,000 | ---D | C] -- C:\.cpanm
[2012/09/08 12:23:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kkalidin\Application Data\TeamViewer
[2012/09/08 12:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 7
[2012/09/08 12:23:02 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2012/09/03 23:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Media Player - Codec Pack
[2012/09/03 23:35:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\C2MP
[2012/08/26 10:23:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spyder
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/09/25 10:12:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kkalidin\Desktop\OTL.exe
[2012/09/25 10:10:25 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/09/25 09:57:03 | 000,000,754 | ---- | M] () -- C:\Documents and Settings\kkalidin\Desktop\SpywareBlaster.lnk
[2012/09/25 08:47:36 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/09/25 08:46:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/09/23 08:05:19 | 000,268,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/09/23 07:50:10 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1914378695-1302515424-3380946746-96952UA.job
[2012/09/22 18:07:20 | 000,000,697 | R--- | M] () -- C:\Documents and Settings\kkalidin\My Documents\dataset_hlr.csv
[2012/09/22 17:26:06 | 000,000,604 | ---- | M] () -- C:\WINDOWS\tasks\Cardano_MktImport_Paste_Prod.job
[2012/09/22 17:25:30 | 000,000,516 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Office Excel 2003.job
[2012/09/22 09:20:15 | 000,000,516 | ---- | M] () -- C:\Documents and Settings\kkalidin\My Documents\RobotUA.pl
[2012/09/22 09:13:04 | 000,000,390 | ---- | M] () -- C:\Documents and Settings\kkalidin\My Documents\RobotUA_OLD.pl
[2012/09/22 08:50:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1914378695-1302515424-3380946746-96952Core.job
[2012/09/22 08:48:06 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\kkalidin\My Documents\UserAgent.pl
[2012/09/22 08:27:37 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\kkalidin\Desktop\Notepad++.lnk
[2012/09/16 20:46:51 | 000,132,382 | ---- | M] () -- C:\Documents and Settings\kkalidin\My Documents\libwww-perl-6.04.tar.gz
[2012/09/08 12:23:06 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 7.lnk
[2012/09/08 05:10:26 | 000,167,936 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\wpshelper.sys
[2012/09/04 21:47:16 | 000,002,309 | ---- | M] () -- C:\Documents and Settings\kkalidin\Desktop\Google Chrome.lnk
[2012/09/04 21:47:16 | 000,002,287 | ---- | M] () -- C:\Documents and Settings\kkalidin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/09/03 21:32:29 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\kkalidin\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/09/25 09:57:03 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\kkalidin\Desktop\SpywareBlaster.lnk
[2012/09/22 18:07:32 | 000,000,697 | R--- | C] () -- C:\Documents and Settings\kkalidin\My Documents\dataset_hlr.csv
[2012/09/22 09:12:40 | 000,000,390 | ---- | C] () -- C:\Documents and Settings\kkalidin\My Documents\RobotUA_OLD.pl
[2012/09/22 09:09:21 | 000,000,516 | ---- | C] () -- C:\Documents and Settings\kkalidin\My Documents\RobotUA.pl
[2012/09/22 08:48:06 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\kkalidin\My Documents\UserAgent.pl
[2012/09/22 08:27:37 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\kkalidin\Desktop\Notepad++.lnk
[2012/09/16 20:46:49 | 000,132,382 | ---- | C] () -- C:\Documents and Settings\kkalidin\My Documents\libwww-perl-6.04.tar.gz
[2012/09/08 12:23:06 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 7.lnk
[2012/09/03 21:32:28 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\kkalidin\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/08/21 05:15:22 | 003,978,240 | ---- | C] () -- C:\WINDOWS\System32\ffmpeg.dll
[2012/08/21 05:14:04 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012/08/21 05:12:48 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2012/08/21 05:12:34 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2012/08/21 05:12:32 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2012/08/21 05:12:30 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2012/08/21 05:12:28 | 001,525,760 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2012/08/21 05:12:28 | 000,211,968 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2012/08/21 05:12:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2012/08/21 05:12:24 | 000,330,240 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2012/08/01 01:16:50 | 000,000,263 | ---- | C] () -- C:\Documents and Settings\kkalidin\heat.settings
[2012/07/24 01:03:07 | 000,000,008 | RH-- | C] () -- C:\Documents and Settings\kkalidin\hwid
[2012/07/21 21:55:43 | 000,000,108 | ---- | C] () -- C:\Documents and Settings\kkalidin\.asadminpass
[2012/07/19 20:56:08 | 000,172,544 | ---- | C] () -- C:\WINDOWS\System32\libbluray.dll
[2012/07/19 20:56:02 | 006,894,331 | ---- | C] () -- C:\WINDOWS\System32\avcodec-lav-54.dll
[2012/07/19 20:56:02 | 001,111,581 | ---- | C] () -- C:\WINDOWS\System32\avformat-lav-54.dll
[2012/07/19 20:56:02 | 000,401,685 | ---- | C] () -- C:\WINDOWS\System32\swscale-lav-2.dll
[2012/07/19 20:56:02 | 000,232,895 | ---- | C] () -- C:\WINDOWS\System32\avutil-lav-51.dll
[2012/07/19 20:56:02 | 000,162,743 | ---- | C] () -- C:\WINDOWS\System32\avfilter-lav-3.dll
[2012/07/19 20:56:02 | 000,101,820 | ---- | C] () -- C:\WINDOWS\System32\avresample-lav-0.dll
[2012/06/17 23:15:04 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\spdif_test.exe
[2012/06/17 23:14:58 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
[2012/06/17 23:14:42 | 001,021,440 | ---- | C] () -- C:\WINDOWS\System32\ac3filter_intl.dll
[2012/05/13 00:42:16 | 001,272,320 | ---- | C] () -- C:\WINDOWS\System32\avcodec-53.dll
[2012/05/13 00:42:16 | 000,146,432 | ---- | C] () -- C:\WINDOWS\System32\avutil-51.dll
[2012/03/14 12:02:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/26 22:29:37 | 000,601,448 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1914378695-1302515424-3380946746-96952-0.dat
[2011/12/26 22:29:36 | 000,282,662 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/12/07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\Lagarith.dll
[2011/12/05 20:22:35 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/10/26 20:50:54 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\kkalidin\WebVpnRegKey6-ukra-misys-com.dll
[2011/09/08 16:00:52 | 000,150,528 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2011/09/08 16:00:48 | 000,142,336 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2011/09/08 16:00:42 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2011/09/08 16:00:38 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2011/09/08 16:00:34 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
[2011/09/08 16:00:24 | 000,154,624 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2011/09/08 16:00:10 | 000,137,728 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
[2011/09/08 16:00:06 | 000,358,400 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
[2011/09/08 15:59:54 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2011/09/08 15:59:52 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2011/09/01 13:14:34 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\kkalidin\Application Data\winscp.rnd
[2011/08/16 11:17:46 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\kkalidin\Local Settings\Application Data\PUTTY.RND
[2011/06/01 12:27:19 | 000,006,268 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110425_IMPORT_EQUITY_DAILY.mkt
[2011/06/01 12:27:19 | 000,005,568 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110425_IMPORT_EQUITY_PRICE.mkt
[2011/06/01 12:27:19 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110425_IMPORT_IR.mkt
[2011/06/01 12:27:19 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110425_IMPORT_RPI.mkt
[2011/06/01 12:27:18 | 000,001,379 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110425_IMPORT_GILTS.mkt
[2011/06/01 12:27:18 | 000,000,526 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110425_IMPORT_FX_RATE.mkt
[2011/06/01 11:07:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110601_IMPORT_FX_RATE.mkt
[2011/05/31 19:05:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\kkalidin\_IMPORT_FX_RATE.mkt
[2011/05/31 18:34:30 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110531_IMPORT_FX_RATE.mkt
[2011/05/30 15:42:50 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/05/23 09:46:30 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/05/03 17:36:02 | 000,071,259 | ---- | C] () -- C:\WINDOWS\Huawei ModemsUninstall.exe
[2011/04/15 16:25:14 | 000,005,974 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110331_IMPORT_EQUITY_DAILY.mkt
[2011/04/15 16:25:14 | 000,005,274 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110331_IMPORT_EQUITY_PRICE.mkt
[2011/04/15 16:25:14 | 000,000,893 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110331_IMPORT_IR.mkt
[2011/04/15 16:25:14 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110331_IMPORT_RPI.mkt
[2011/04/15 16:25:13 | 000,001,355 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110331_IMPORT_GILTS.mkt
[2011/04/15 16:25:13 | 000,000,472 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110331_IMPORT_FX_RATE.mkt
[2011/04/15 11:44:41 | 000,006,268 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110413_IMPORT_EQUITY_DAILY.mkt
[2011/04/15 11:44:41 | 000,005,568 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110413_IMPORT_EQUITY_PRICE.mkt
[2011/04/15 11:44:41 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110413_IMPORT_IR.mkt
[2011/04/15 11:44:41 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110413_IMPORT_RPI.mkt
[2011/04/15 11:44:40 | 000,001,379 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110413_IMPORT_GILTS.mkt
[2011/04/15 11:44:40 | 000,000,526 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110413_IMPORT_FX_RATE.mkt
[2011/04/15 11:35:54 | 000,006,268 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110415_IMPORT_EQUITY_DAILY.mkt
[2011/04/15 11:35:54 | 000,005,568 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110415_IMPORT_EQUITY_PRICE.mkt
[2011/04/15 11:35:54 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110415_IMPORT_IR.mkt
[2011/04/15 11:35:54 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110415_IMPORT_RPI.mkt
[2011/04/15 11:35:53 | 000,001,379 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110415_IMPORT_GILTS.mkt
[2011/04/15 11:35:53 | 000,000,526 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110415_IMPORT_FX_RATE.mkt
[2011/04/15 11:28:24 | 000,005,974 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_15_04_IMPORT_EQUITY_DAILY.mkt
[2011/04/15 11:28:24 | 000,005,274 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_15_04_IMPORT_EQUITY_PRICE.mkt
[2011/04/15 11:28:24 | 000,000,893 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_15_04_IMPORT_IR.mkt
[2011/04/15 11:28:24 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_15_04_IMPORT_RPI.mkt
[2011/04/15 11:28:23 | 000,001,379 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_15_04_IMPORT_GILTS.mkt
[2011/04/15 11:28:23 | 000,000,472 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_15_04_IMPORT_FX_RATE.mkt
[2011/04/14 17:12:50 | 000,006,268 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110414_IMPORT_EQUITY_DAILY.mkt
[2011/04/14 17:12:50 | 000,005,568 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110414_IMPORT_EQUITY_PRICE.mkt
[2011/04/14 17:12:50 | 000,000,535 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110414_IMPORT_IR.mkt
[2011/04/14 17:12:50 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110414_IMPORT_RPI.mkt
[2011/04/14 17:12:49 | 000,001,407 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110414_IMPORT_GILTS.mkt
[2011/04/14 17:12:49 | 000,000,487 | ---- | C] () -- C:\Documents and Settings\kkalidin\20110414_IMPORT_FX_RATE.mkt
[2011/04/14 12:44:54 | 000,006,268 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_14_04_IMPORT_EQUITY_DAILY.mkt
[2011/04/14 12:44:54 | 000,005,568 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_14_04_IMPORT_EQUITY_PRICE.mkt
[2011/04/14 12:44:54 | 000,000,535 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_14_04_IMPORT_IR.mkt
[2011/04/14 12:44:54 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_14_04_IMPORT_RPI.mkt
[2011/04/14 12:44:52 | 000,001,407 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_14_04_IMPORT_GILTS.mkt
[2011/04/14 12:44:52 | 000,000,487 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_14_04_IMPORT_FX_RATE.mkt
[2011/04/13 17:10:18 | 000,001,407 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_13_04_IMPORT_GILTS.mkt
[2011/04/13 17:10:18 | 000,001,297 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_13_04_IMPORT_EQUITY_DAILY.mkt
[2011/04/13 17:10:18 | 000,001,187 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_13_04_IMPORT_EQUITY_PRICE.mkt
[2011/04/13 17:10:18 | 000,000,535 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_13_04_IMPORT_IR.mkt
[2011/04/13 17:10:18 | 000,000,229 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_13_04_IMPORT_FX_RATE.mkt
[2011/04/13 17:10:18 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\kkalidin\2011_13_04_IMPORT_RPI.mkt
[2011/03/09 19:45:42 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Mxeyofepoh.dat
[2011/03/09 19:45:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Krihup.bin
[2011/03/08 18:49:25 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2011/03/08 18:49:25 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2011/03/08 18:49:04 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2011/03/08 18:49:04 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2011/03/08 18:49:02 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2011/03/08 16:24:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/03/07 19:30:13 | 000,035,994 | RHS- | C] () -- C:\Documents and Settings\kkalidin\ntuser.pol
[2011/03/07 19:24:28 | 000,009,644 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011/03/07 18:26:33 | 000,982,240 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2011/03/07 18:26:32 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll
[2011/03/07 18:26:32 | 000,000,151 | ---- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config
[2011/03/07 18:26:31 | 000,439,308 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2011/03/03 13:39:56 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2011/03/03 13:38:10 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2011/03/03 13:37:50 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2011/01/19 16:57:16 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2011/01/19 16:47:19 | 000,000,497 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/01/19 16:29:59 | 000,000,036 | ---- | C] () -- C:\WINDOWS\Webica.ini
[2011/01/19 15:09:22 | 000,308,624 | ---- | C] () -- C:\WINDOWS\System32\brcmbsp.dll
[2011/01/19 15:09:22 | 000,206,216 | ---- | C] () -- C:\WINDOWS\System32\bipbsp.dll
[2011/01/19 15:05:46 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2011/01/19 14:54:04 | 000,031,871 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2011/01/19 14:51:35 | 001,589,414 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2011/01/19 14:21:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/01/19 14:14:32 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/01/19 14:05:12 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/01/19 14:03:53 | 000,268,600 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
========== ZeroAccess Check ==========
[2012/09/23 00:35:44 | 000,002,048 | -HS- | M] () -- C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\@
[2012/09/23 00:35:44 | 000,077,312 | -HS- | M] () -- C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\n
[2012/09/23 00:35:44 | 000,000,000 | -HSD | M] -- C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\L
[2012/09/25 08:47:24 | 000,000,000 | -HSD | M] -- C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U
[2012/09/25 08:47:25 | 000,000,804 | ---- | M] () -- C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\L\00000004.@
[2012/09/25 08:47:19 | 000,002,048 | ---- | M] () -- C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U\00000004.@
[2012/09/25 08:47:24 | 000,232,960 | ---- | M] () -- C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U\00000008.@
[2012/09/25 08:47:19 | 000,001,632 | ---- | M] () -- C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U\000000cb.@
[2012/09/23 08:06:26 | 000,013,312 | ---- | M] () -- C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U\80000000.@
[2012/09/25 08:47:24 | 000,091,136 | ---- | M] () -- C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\U\80000032.@
[2011/01/19 15:05:22 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[2012/09/25 08:47:15 | 000,005,120 | -HS- | M] () -- C:\WINDOWS\assembly\GAC\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = C:\RECYCLER\S-1-5-21-1914378695-1302515424-3380946746-96952\$ff2caa1aa22dfcfd966705d0cb61f720\n. -- File not found
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/11/05 07:05:36 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\RECYCLER\S-1-5-18\$ff2caa1aa22dfcfd966705d0cb61f720\n. -- [2012/09/23 00:35:44 | 000,077,312 | -HS- | M] ()
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll\system32\wbem\wbemess.dll
"ThreadingModel" = Apartment
========== LOP Check ==========
[2011/03/13 15:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Astroburn Lite
[2011/12/16 19:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Birdstep Technology
[2011/01/19 15:08:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broadcom
[2011/03/07 19:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco
[2012/02/08 14:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2011/03/14 11:21:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/03/08 18:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GroupPolicy
[2011/11/22 18:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hummingbird
[2011/01/19 18:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBM
[2012/04/25 17:28:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MySQL
[2011/11/28 14:13:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2012/09/25 09:57:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/01/19 16:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2012/01/05 15:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Cisco
[2011/03/13 14:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\DAEMON Tools Lite
[2012/09/23 00:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Dropbox
[2012/03/14 13:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\FileZilla
[2011/03/15 13:40:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Foxit Software
[2012/08/01 01:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\ghc
[2011/11/22 19:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Hummingbird
[2011/03/07 19:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\IBM
[2012/02/08 14:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\ICAClient
[2012/04/18 18:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\IsolatedStorage
[2012/08/26 10:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Notepad++
[2012/07/21 22:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Oracle
[2012/01/17 17:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Scooter Software
[2011/12/06 13:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Snip-It Pro
[2012/09/08 13:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\TeamViewer
[2011/11/28 14:18:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Trillian
[2012/07/21 21:51:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\updatetool
[2012/05/21 15:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\webex
[2012/01/11 20:04:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Windows Desktop Search
[2012/01/20 11:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\Windows Search
[2012/08/07 00:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kkalidin\Application Data\WinEdt
========== Purity Check ==========
< End of report >
***********************************
OTL Extras logfile created on: 25/09/2012 10:15:08 - Run 1
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Documents and Settings\kkalidin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.46 Gb Total Physical Memory | 2.49 Gb Available Physical Memory | 71.95% Memory free
5.30 Gb Paging File | 4.53 Gb Available in Paging File | 85.40% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 147.01 Gb Total Space | 60.96 Gb Free Space | 41.47% Space Free | Partition Type: NTFS
Drive D: | 2.00 Gb Total Space | 1.90 Gb Free Space | 95.06% Space Free | Partition Type: FAT32
Computer Name: LONPAD-LFX0XQ4J | User Name: kkalidin | NOT logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AllAlertsDisabled" = 1
"TermService" = 1
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0003C1E0-E0E7-49BB-A0F6-4AE6D2B09202}" = UPEK TouchChip Fingerprint Reader
"{01C5A10F-AD9B-405B-853A-6659841A1242}" = Microsoft SQL Server 2008 Policies
"{01D2EB2D-0560-3473-8300-7FF46FD7EC85}" = Strawberry Perl
"{06A7EA72-0F00-4D53-A81C-A5D925711141}" = Microsoft SQL Server 2008 Full text search
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C5CEAD0-5F85-4337-8FAB-3BF45C6083B3}" = Microsoft SQL Server PowerPivot for Excel (32-bit)
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{164EB883-354E-4290-AD76-67CEE65403A3}" = IBM System i Access for Windows V6R1M0
"{17E1BC18-8B8C-4160-B759-C47294B5A9C2}" = Cisco AnyConnect VPN Client
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{2020045B-8DCF-4449-8D5C-EB5BA37440F1}" = Microsoft SQL Server 2008 Management Studio
"{2222706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 SDK
"{23170F69-40C1-2701-0920-000001000000}" = 7-Zip 9.20
"{23F70562-02F4-4805-ACF5-6E52BAD167C2}" = Microsoft SQL Server 2008 Reporting Services
"{25F79837-622B-451C-9454-F3C2578E4B83}" = Software Management Solution Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java 7 Update 5
"{275ABBA2-4817-4443-9AB8-ED43CA9AAA17}" = Microsoft SQL Server 2008 BI Development Studio
"{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH Media Driver ver.2.11.01.02
"{32A3A4F4-B792-11D6-A78A-00B0D0170050}" = Java SE Development Kit 7 Update 5
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{3431A7A3-6287-46B0-8AF1-BE2452A1FE62}" = Microsoft SQL Server 2008 Books Online (English)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35DFFE62-9F48-4236-9249-9EAB5C7123C9}" = Hummingbird Exceed 2006
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40F34A1C-65A2-4163-98CE-A0D0646CABEF}" = Microsoft SQL Server 2008 Integration Services
"{4112625F-2D38-49EF-924F-48511BC5CD34}" = Microsoft SQL Server 2008 Database Engine Services
"{43507E5B-94A0-4E56-9C7B-FAAAFBDB5904}" = Intel® PROSet/Wireless WiFi Software
"{46F8CF66-AB83-38A7-99B2-A5BE507EE472}" = Microsoft Visual C++ 2010 Express - ENU
"{477C82FC-FC2E-4A48-BA3A-29AA8C7E150A}" = Deployment Solution Agent
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{49E98741-B7A4-4A44-A536-6AFCA23106FE}" = Microsoft SQL Server 2008 Reporting Services
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A1A484F-58FD-46F5-A3DE-437C65FC2CF1}_is1" = Snip-It Pro
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4D28EFCF-5999-44D2-8D4E-AC643E76C33F}" = Microsoft SQL Server 2008 Client Tools
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5681D2E0-E49E-4019-B80A-9BA1A8A2B889}" = Cisco Unified Personal Communicator
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{609F7AC8-C510-11D4-A788-009027ABA5D0}" = Easy CD Creator 5 Basic
"{60D46DEE-5221-47AA-B978-BA25C5D9F560}" = Microsoft SQL Server 2008 Client Tools
"{6249567F-65C3-4EE7-B023-E4FA035B0520}" = Microsoft SQL Server 2008 Analysis Services
"{64CDE8F2-3791-46F5-BAD2-72FFF5252FAB}" = Microsoft SQL Server Compact 3.5 SP1 Query Tools English
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6A7F4379-B2EE-444F-AC4A-C5379B1CF95E}" = Dell ControlVault Host Components Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7170F93F-6B61-4DC1-A664-0E222744CEC7}" = Citrix online plug-in (DV)
"{7293D767-036E-46F2-960C-C017280D589E}" = MySQL Installer
"{789C9644-9F82-44d3-B4CA-AC31F46F5882}" = Python 3.2.3
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90A66838-7FAD-4B2C-A8EB-FA37E3DA993C}" = Altiris Application Metering Agent
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96327C3C-96BE-4C7A-A6F7-A71635E5949A}" = Microsoft SQL Server 2005 Backward compatibility
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D583F01-A973-4B04-90BD-FB7886779090}" = Dell Wireless HSPA Mini-Card Drivers
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A1F99DF8-DB0B-4EDA-88E1-44CE388E05C1}" = Patch Management Agent
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player
"{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller
"{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AAE221D5-C3DD-4FE2-A063-C1368FE730A5}" = Symantec Endpoint Protection
"{AC54DC1F-EDA7-448C-BA4C-218A92F5E985}" = Microsoft SQL Server 2008 BI Development Studio
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AE66F944-596A-4D09-9A1C-DAF3DE836991}" = Citrix online plug-in (HDX)
"{AEB03FAF-90EB-4B4F-BA32-9C4DDE2C9804}" = Microsoft SQL Server 2008 Integration Services
"{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B81AE9B5-B23F-4196-9005-A3B96BC73DC6}" = Altiris Inventory Agent
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{B8E9F8A1-9F4D-43D5-ABD6-1DF067FAA469}" = Microsoft SQL Server 2008 Database Engine Services
"{BA0C9AAF-1327-3F06-B49C-349B4BE8F740}" = Microsoft Visual Studio 2008 Shell (integrated mode) - ENU
"{BF251EAF-8697-4E89-BF09-C998F97BBC40}" = Microsoft SQL Server Native Client
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}" = Python 2.7.3
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C89B00A2-B72A-4935-96FC-38796E9554EC}" = Microsoft Sync Services for ADO.NET v2.0 (x86)
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B2}" = WinZip 11.2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D641760F-FE66-4655-99B9-59A451F2FFAB}" = Citrix online plug-in (USB)
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver
"{DAA8590D-D93E-4697-9CBE-D96A7590A8E3}" = Microsoft SQL Server 2008 Analysis Services
"{DE002866-428A-4656-A4D3-12505C6DF2CF}" = WebEx Productivity Tools
"{DEB9EDBE-5E45-4E23-B7BE-7BF0D283DC92}" = Opics Risk 1.2
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E69A76AA-71D9-4939-8EBB-8FC8BE22428D}" = Files Compare Tool
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F9F0C5D5-AAE5-45FA-95C2-CA1EE0FA067A}" = Citrix online plug-in (Web)
"{FA9C3624-C693-4423-8A8B-2BC2B9F607AB}" = Microsoft SQL Server 2008 Management Studio
"{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"9512AA21B791B05A54E27065C45BBC417AB282DF" = Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)
"ActiveTouchMeetingClient" = WebEx
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"A-PDF Merger_is1" = A-PDF Merger
"Astroburn Lite" = Astroburn Lite
"BeyondCompare3_is1" = Beyond Compare Version 3.3.5
"CCleaner" = CCleaner
"Cisco Systems SSL VPN Client" = Cisco SSL VPN Client
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"CutePDF Writer Installation" = CutePDF Writer 2.7
"FileZilla Client" = FileZilla Client 3.5.1
"Foxit Reader" = Foxit Reader
"HaskellPlatform-2012.2.0.0" = Haskell Platform 2012.2.0.0
"Huawei Modems" = Huawei modem
"ie8" = Windows Internet Explorer 8
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"McAfee Security Scan" = McAfee Security Scan Plus
"Media Player - Codec Pack" = Media Player Codec Pack 4.2.2
"MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Forefront UAG endpoint components 3.1.0" = Microsoft Forefront UAG endpoint components v4.0.0
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual C++ 2010 Express - ENU" = Microsoft Visual C++ 2010 Express - ENU
"MiKTeX 2.9" = MiKTeX 2.9
"Mozilla Firefox 15.0.1 (x86 en-GB)" = Mozilla Firefox 15.0.1 (x86 en-GB)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"nbi-glassfish-mod-3.1.2.23.0" = GlassFish Server Open Source Edition 3.1.2
"nbi-nb-base-7.1.2.0.0" = NetBeans IDE 7.1.2
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"ProInst" = Intel PROSet Wireless
"PROSet" = Intel® Network Connections Drivers
"PyQt GPL v4.9.4 for Python v2.7 (x86)" = PyQt GPL v4.9.4 for Python v2.7 (x86)
"PyQt GPL v4.9.4 for Python v3.2 (x86)" = PyQt GPL v4.9.4 for Python v3.2 (x86)
"Python 2.7 - spyder 2.1.11" = Python 2.7 - spyder 2.1.11
"R for Windows 2.14.1_is1" = R for Windows 2.14.1
"R for Windows 2.14.2_is1" = R for Windows 2.14.2
"SpywareBlaster_is1" = SpywareBlaster 4.6
"TeamViewer 7" = TeamViewer 7
"Trillian" = Trillian
"UniPrint Client 3.6.0" = UniPrint Client 3.6.0
"VMware_Player" = VMware Player
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WinEdt_is1" = WinEdt
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"winscp3_is1" = WinSCP 4.3.4
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Cisco Unified Presenter Add-in 6x5" = Cisco Unified Presenter Add-in 6x5
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22/09/2012 10:09:39 | Computer Name = LONPAD-LFX0XQ4J | Source = Report Server Windows Service (MSSQLSERVER) | ID = 107
Description = Report Server Windows Service (MSSQLSERVER) cannot connect to the
report server database.
Error - 22/09/2012 10:09:39 | Computer Name = LONPAD-LFX0XQ4J | Source = Report Server Windows Service (MSSQLSERVER) | ID = 136
Description = The evaluation period for this instance of Microsoft SQL Server Reporting
Services has expired. A license is now required.
Error - 22/09/2012 10:10:57 | Computer Name = LONPAD-LFX0XQ4J | Source = Report Server Windows Service (MSSQLSERVER) | ID = 107
Description = Report Server Windows Service (MSSQLSERVER) cannot connect to the
report server database.
Error - 22/09/2012 10:10:57 | Computer Name = LONPAD-LFX0XQ4J | Source = Report Server Windows Service (MSSQLSERVER) | ID = 136
Description = The evaluation period for this instance of Microsoft SQL Server Reporting
Services has expired. A license is now required.
Error - 22/09/2012 10:12:15 | Computer Name = LONPAD-LFX0XQ4J | Source = Report Server Windows Service (MSSQLSERVER) | ID = 107
Description = Report Server Windows Service (MSSQLSERVER) cannot connect to the
report server database.
Error - 22/09/2012 10:12:15 | Computer Name = LONPAD-LFX0XQ4J | Source = Report Server Windows Service (MSSQLSERVER) | ID = 136
Description = The evaluation period for this instance of Microsoft SQL Server Reporting
Services has expired. A license is now required.
Error - 22/09/2012 10:13:32 | Computer Name = LONPAD-LFX0XQ4J | Source = Report Server Windows Service (MSSQLSERVER) | ID = 107
Description = Report Server Windows Service (MSSQLSERVER) cannot connect to the
report server database.
Error - 25/09/2012 02:33:25 | Computer Name = LONPAD-LFX0XQ4J | Source = STCAgent | ID = 50331650
Description = Termination reason code 10 [FAST_USER_SWITCH]
Error - 25/09/2012 02:34:07 | Computer Name = LONPAD-LFX0XQ4J | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 25/09/2012 02:34:12 | Computer Name = LONPAD-LFX0XQ4J | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
[ Cisco AnyConnect VPN Client Events ]
Error - 04/01/2012 14:30:56 | Computer Name = LONPAD-LFX0XQ4J | Source = vpnagent | ID = 50331649
Description = Function: WaitForSingleObject Return code: 6 File: C:\temp\build\thehoff\release0.662121392113-Mon-23-Apr-2007-10-08-48\release\Agent\Agent.cpp
Line:
606 Description: The handle is invalid.
Error - 05/01/2012 13:56:03 | Computer Name = LONPAD-LFX0XQ4J | Source = vpnagent | ID = 50331649
Description = Function: WaitForSingleObject Return code: 6 File: C:\temp\build\thehoff\release0.662121392113-Mon-23-Apr-2007-10-08-48\release\Agent\Agent.cpp
Line:
606 Description: The handle is invalid.
Error - 08/03/2012 15:43:50 | Computer Name = LONPAD-LFX0XQ4J | Source = vpnagent | ID = 50331649
Description = Function: WaitForSingleObject Return code: 6 File: C:\temp\build\thehoff\release0.662121392113-Mon-23-Apr-2007-10-08-48\release\Agent\Agent.cpp
Line:
606 Description: The handle is invalid.
Error - 29/03/2012 16:24:41 | Computer Name = LONPAD-LFX0XQ4J | Source = vpnagent | ID = 50331649
Description = Function: WaitForSingleObject Return code: 6 File: C:\temp\build\thehoff\release0.662121392113-Mon-23-Apr-2007-10-08-48\release\Agent\Agent.cpp
Line:
606 Description: The handle is invalid.
Error - 18/05/2012 03:08:09 | Computer Name = LONPAD-LFX0XQ4J | Source = vpnagent | ID = 50331649
Description = Function: WaitForSingleObject Return code: 6 File: C:\temp\build\thehoff\release0.662121392113-Mon-23-Apr-2007-10-08-48\release\Agent\Agent.cpp
Line:
606 Description: The handle is invalid.
Error - 31/05/2012 12:27:52 | Computer Name = LONPAD-LFX0XQ4J | Source = vpnagent | ID = 50331649
Description = Function: WaitForSingleObject Return code: 6 File: C:\temp\build\thehoff\release0.662121392113-Mon-23-Apr-2007-10-08-48\release\Agent\Agent.cpp
Line:
606 Description: The handle is invalid.
Error - 27/06/2012 18:50:09 | Computer Name = LONPAD-LFX0XQ4J | Source = vpnagent | ID = 50331649
Description = Function: WaitForSingleObject Return code: 6 File: C:\temp\build\thehoff\release0.662121392113-Mon-23-Apr-2007-10-08-48\release\Agent\Agent.cpp
Line:
606 Description: The handle is invalid.
Error - 29/07/2012 07:00:58 | Computer Name = LONPAD-LFX0XQ4J | Source = vpnagent | ID = 50331649
Description = Function: WaitForSingleObject Return code: 6 File: C:\temp\build\thehoff\release0.662121392113-Mon-23-Apr-2007-10-08-48\release\Agent\Agent.cpp
Line:
606 Description: The handle is invalid.
Error - 22/09/2012 01:49:47 | Computer Name = LONPAD-LFX0XQ4J | Source = vpnagent | ID = 50331649
Description = Function: WaitForSingleObject Return code: 6 File: C:\temp\build\thehoff\release0.662121392113-Mon-23-Apr-2007-10-08-48\release\Agent\Agent.cpp
Line:
606 Description: The handle is invalid.
Error - 23/09/2012 02:03:37 | Computer Name = LONPAD-LFX0XQ4J | Source = vpnagent | ID = 50331649
Description = Function: WaitForSingleObject Return code: 6 File: C:\temp\build\thehoff\release0.662121392113-Mon-23-Apr-2007-10-08-48\release\Agent\Agent.cpp
Line:
606 Description: The handle is invalid.
[ System Events ]
Error - 25/09/2012 03:47:23 | Computer Name = LONPAD-LFX0XQ4J | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service DMService with
arguments "-Service" in order to run the server: {A43FC529-2A0A-4E55-A4AE-83AACA5523C2}
Error - 25/09/2012 03:47:24 | Computer Name = LONPAD-LFX0XQ4J | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service DMService with
arguments "-Service" in order to run the server: {A43FC529-2A0A-4E55-A4AE-83AACA5523C2}
Error - 25/09/2012 03:47:24 | Computer Name = LONPAD-LFX0XQ4J | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service DMService with
arguments "-Service" in order to run the server: {A43FC529-2A0A-4E55-A4AE-83AACA5523C2}
Error - 25/09/2012 03:47:24 | Computer Name = LONPAD-LFX0XQ4J | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service DMService with
arguments "-Service" in order to run the server: {A43FC529-2A0A-4E55-A4AE-83AACA5523C2}
Error - 25/09/2012 03:47:24 | Computer Name = LONPAD-LFX0XQ4J | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service DMService with
arguments "-Service" in order to run the server: {A43FC529-2A0A-4E55-A4AE-83AACA5523C2}
Error - 25/09/2012 03:56:35 | Computer Name = LONPAD-LFX0XQ4J | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service LiveUpdate
with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}
Error - 25/09/2012 03:56:35 | Computer Name = LONPAD-LFX0XQ4J | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service LiveUpdate
with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}
Error - 25/09/2012 03:58:15 | Computer Name = LONPAD-LFX0XQ4J | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 25/09/2012 03:58:31 | Computer Name = LONPAD-LFX0XQ4J | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 25/09/2012 04:15:06 | Computer Name = LONPAD-LFX0XQ4J | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
< End of report >