Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Infected with Spyware and virus, computer is slow.


  • Please log in to reply

#16
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
How are things running?
  • 0

Advertisements


#17
sumd

sumd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Hi,

Thanks a lot. You are awesome!

Still slow at start up. May be because of McAfee.

Haven't browsed in 3 days except checking for your replies. Too scared to browse. :-)

I still don't understand, I've windows defender and McAfee. How did I get this mess?

Do you think I should change my antivirus protection?

Thanks again,
sumd
  • 0

#18
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Go ahead and browse where you want to see if all is normal again.
Then let me know how things are.
You can change your antivirus if you wish.
I recommend one of the below.
AVG free 8.0
Note this is free antispyware protection and Antivirus protection.

or

Antivir
this is just antivirus protection.

AVira would be the better choice only because it is less resource heavy than AVG.

Let me know if all is normal again and we will wrap it up.
  • 0

#19
sumd

sumd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Hi,

Thanks again. Everything looks good.

I'm assuming that it's OK to delete Qoobox, _OTListIt folders, Rooter.exe, OTListIt2.exe and ComboFix.exe.

Could I just disable McAfee and try AVG or do I need to uninstall McAfee before installing AVG?

sumd.

Edited by sumd, 23 March 2009 - 04:20 PM.

  • 0

#20
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Get rid of Mcafee it is lame.
Doing the following steps will get rid of what we used.


Cleanup:

Please download OT CLeanit from Here save it to your desktop.
Double click on OT Clean it to run it.
Then click on Clean up.
Restart your computer when prompted.
This will remove what tools we used.
===============
Delete\uninstall anything else that we have used.


System Restore
Then I will need you to reset your System Restore points.
The link below shows how to create a clean restore point.
How to Turn On and Turn Off System Restore in Windows XP
http://support.micro...kb/310405/en-us

If you are using Vista then see this link > http://www.bleepingc...143.html#manual
=====================================
After that your log is clean. :)


The following are some articles and a Windows Update link that I like to suggest to people to prevent malware and general PC maintenance.

Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.

Prevention article To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections please read the Prevention artice by Miekiemoes.

If your computer is slow Is a tutorial on what you can do if your computer is slow.
======================
You are welcome :)


Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If your the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
  • 0

#21
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Topic re-opened.

  • Download OTListIt2 to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

  • 0

#22
sumd

sumd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
OTList2.exe didn't generate Extras.txt, just the OTList.txt

=================
OTList.txt
=================

OTListIt logfile created on: 4/2/2009 8:59:58 AM - Run 6
OTListIt2 by OldTimer - Version 2.0.9.0 Folder = C:\Documents and Settings\jyothiv\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.92 Mb Total Physical Memory | 310.68 Mb Available Physical Memory | 60.81% Memory free
1.22 Gb Paging File | 0.74 Gb Available in Paging File | 60.86% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 51.30 Gb Total Space | 21.70 Gb Free Space | 42.31% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JYOTHI
Current User Name: jyothiv
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe ()
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\QCONSVC.EXE (IBM Corp.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\system32\TpShocks.exe (IBM Corp.)
PRC - C:\WINDOWS\system32\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe ()
PRC - C:\Program Files\ThinkPad\Utilities\EzEjMnAp.Exe (IBM Corp.)
PRC - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
PRC - C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
PRC - C:\Program Files\IBM\Messages By IBM\ibmmessages.exe (IBM)
PRC - C:\IBMTOOLS\UTILS\ibmprc.exe (IBM Corp.)
PRC - C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE (IBM Corp.)
PRC - C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE (IBM Corp.)
PRC - C:\WINDOWS\system32\TpKmpSVC.exe ()
PRC - C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe ()
PRC - C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe (Lenovo Group Limited)
PRC - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
PRC - c:\program files\lenovo\system update\suservice.exe (Lenovo Group Limited)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\android\android-sdk-windows-1.1_r1\tools\adb.exe ()
PRC - C:\Documents and Settings\jyothiv\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aawservice [Disabled | Stopped]) -- File not found
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [On_Demand | Stopped]) -- C:\WINDOWS\system32\Ati2evxx.exe ()
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CVPND [On_Demand | Stopped]) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gupdate1c90d21bf9b15b0 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IBM Rapid Restore Ultra Service [Auto | Running]) -- C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe ()
SRV - (IBMPMSVC [Auto | Running]) -- C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (Irmon [Auto | Running]) -- C:\WINDOWS\System32\irmon.dll (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (MDM [Auto | Running]) -- c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PsaSrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\psasrv.exe ()
SRV - (QCONSVC [Auto | Running]) -- C:\WINDOWS\System32\QCONSVC.EXE (IBM Corp.)
SRV - (RegSrvc [Auto | Running]) -- C:\WINDOWS\system32\RegSrvc.exe (Intel Corporation)
SRV - (S24EventMonitor [Auto | Running]) -- C:\WINDOWS\system32\S24EvMon.exe (Intel Corporation )
SRV - (ServiceLayer [On_Demand | Stopped]) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (SUService [Auto | Running]) -- c:\program files\lenovo\system update\suservice.exe (Lenovo Group Limited)
SRV - (ThinkVantage Registry Monitor Service [Auto | Running]) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (TpKmpSVC [Auto | Running]) -- C:\WINDOWS\system32\TpKmpSVC.exe ()
SRV - (TVT Scheduler [Auto | Running]) -- C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (ac97intc [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation)
DRV - (aeaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)
DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (ANC [System | Running]) -- C:\WINDOWS\System32\drivers\ANC.SYS (IBM Corp.)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (AvgLdx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX [System | Running]) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (CmdIde [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (COH_Mon [On_Demand | Stopped]) -- C:\WINDOWS\system32\Drivers\COH_Mon.sys (Symantec Corporation)
DRV - (CVirtA [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\CVirtA.sys (Cisco Systems, Inc.)
DRV - (CVPNDRVA [Auto | Running]) -- C:\WINDOWS\system32\Drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DNE [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\dne2000.sys (Deterministic Networks, Inc.)
DRV - (drvmcdb [Boot | Running]) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions)
DRV - (drvnddm [Auto | Running]) -- C:\WINDOWS\system32\drivers\drvnddm.sys (Sonic Solutions)
DRV - (E1000 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\e1000325.sys (Intel Corporation)
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (EGATHDRV [Auto | Running]) -- C:\WINDOWS\SYSTEM32\EGATHDRV.SYS (IBM Corporation)
DRV - (HSFHWICH [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys (Conexant Systems, Inc.)
DRV - (HSF_DP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (ibmfilter [Auto | Running]) -- C:\WINDOWS\system32\drivers\ibmfilter.sys (IBM)
DRV - (IBMPMDRV [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ibmpmdrv.sys (Lenovo.)
DRV - (IBMTPCHK [System | Running]) -- C:\WINDOWS\System32\drivers\IBMBLDID.SYS ()
DRV - (kwkxusb [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\kwusb2k.sys (Kyocera Wireless Corporation)
DRV - (ltmodem5 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys (LT)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (MfeAVFK [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\MfeAVFK.sys (McAfee, Inc.)
DRV - (MfeBOPK [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\MfeBOPK.sys (McAfee, Inc.)
DRV - (mfehidk [System | Running]) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (MfeRKDK [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\MfeRKDK.sys (McAfee, Inc.)
DRV - (mfetdik [System | Running]) -- C:\WINDOWS\system32\drivers\mfetdik.sys (McAfee, Inc.)
DRV - (misalign [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\misalign.sys (QUALCOMM Incorporated.)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (Multi-ICE [Auto | Running]) -- C:\WINDOWS\system32\drivers\multiice.sys ()
DRV - (nmwcd [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdc [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (NSCIRDA [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nscirda.sys (National Semiconductor Corporation)
DRV - (pccsmcfd [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys (Nokia)
DRV - (PMEM [Auto | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\PMEMNT.SYS (Microsoft Corporation)
DRV - (psadd [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\psadd.sys (Lenovo (United States) Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (QCNDISIF [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\qcndisif.SYS (IBM Corporation.)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (s24trans [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\s24trans.sys (Intel Corporation)
DRV - (S3SSavage [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\s3ssavm.sys (S3 Graphics, Inc.)
DRV - (Ser2pl [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ser2pl.sys (Prolific Technology Inc.)
DRV - (ShockMgr [System | Running]) -- C:\WINDOWS\System32\drivers\ShockMgr.sys (IBM Corporation)
DRV - (Shockprf [Boot | Running]) -- C:\WINDOWS\System32\drivers\shockprf.sys (IBM Corporation)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Smapint [System | Running]) -- C:\WINDOWS\System32\drivers\Smapint.sys (Microsoft Corporation)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sscdbhk5 [System | Running]) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys (Sonic Solutions)
DRV - (sscdbus [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sscdbus.sys (MCCI)
DRV - (sscdmdfl [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys (MCCI)
DRV - (sscdmdm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sscdmdm.sys (MCCI)
DRV - (sscdserd [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sscdserd.sys (MCCI)
DRV - (ssrtln [System | Running]) -- C:\WINDOWS\system32\drivers\ssrtln.sys (Sonic Solutions)
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (SymEvent [On_Demand | Stopped]) -- C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (TDSMAPI [System | Running]) -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS ()
DRV - (tfsnboio [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnboio.sys (Sonic Solutions)
DRV - (tfsncofs [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsncofs.sys (Sonic Solutions)
DRV - (tfsndrct [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsndrct.sys (Sonic Solutions)
DRV - (tfsndres [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsndres.sys (Sonic Solutions)
DRV - (tfsnifs [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnifs.sys (Sonic Solutions)
DRV - (tfsnopio [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnopio.sys (Sonic Solutions)
DRV - (tfsnpool [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnpool.sys (Sonic Solutions)
DRV - (tfsnudf [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnudf.sys (Sonic Solutions)
DRV - (tfsnudfa [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnudfa.sys (Sonic Solutions)
DRV - (TPHKDRV [System | Running]) -- C:\WINDOWS\System32\drivers\TPHKDRV.sys (IBM Corporation)
DRV - (TPPWR [System | Running]) -- C:\WINDOWS\System32\drivers\Tppwr.sys (IBM Corp.)
DRV - (TSMAPIP [System | Running]) -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS ()
DRV - (TwoTrack [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\TwoTrack.sys (IBM Corporation)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (upperdev [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys (Windows ® Codename Longhorn DDK provider)
DRV - (usbbus [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbbus.sys (LG Electronics Inc.)
DRV - (UsbDiag [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys (LG Electronics Inc.)
DRV - (usbser [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbser.sys (Microsoft Corporation)
DRV - (UsbserFilt [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys (Windows ® Codename Longhorn DDK provider)
DRV - (usb_rndisx [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usb8023x.sys (Microsoft Corporation)
DRV - (VPCAppSv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\VPCAppSv.sys (Connectix Corporation)
DRV - (vsdatant [On_Demand | Stopped]) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs LLC)
DRV - (w22n51 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\w22n51.sys (Intel® Corporation)
DRV - (wceusbsh [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\wceusbsh.sys (Microsoft Corporation)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (xpvcom [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\XPVCOM.sys ()
DRV - (androidusb [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\androidusb.sys (Google Inc)

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....e...-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/index.html
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....-8&fr=slv5-&p="
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/?.home=ytff"
FF - prefs.js..keyword.URL: "http://search.yahoo....fr=slv5-ab-&p="

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC\ [2009/01/26 16:15:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/03/11 12:46:10 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/03/25 21:07:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\PROGRAM FILES\AVG\AVG8\TOOLBARFF [2009/03/25 21:07:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/26 10:12:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/02 08:57:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/29 19:20:54 | 00,000,000 | ---D | M]

[2009/01/11 21:39:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\mozilla\Extensions
[2009/01/11 21:39:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/01 13:17:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\mozilla\Firefox\Profiles\6ha8upok.Default User\extensions
[2009/02/23 10:58:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\mozilla\Firefox\Profiles\6ha8upok.Default User\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2005/08/02 23:44:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\mozilla\Firefox\Profiles\b6zi5d49.default\extensions
[2005/08/02 23:44:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\mozilla\Firefox\Profiles\b6zi5d49.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2005/08/02 10:10:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\mozilla\Firefox\Profiles\b6zi5d49.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/01 13:17:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/03/29 19:20:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/26 10:13:27 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/03/29 19:20:35 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/29 19:20:35 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/01/11 21:38:29 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/01/11 21:38:29 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/01/11 21:38:29 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/01/11 21:38:29 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/01/11 21:38:29 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/01/11 21:38:29 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/01/11 21:38:29 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BLOG] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog ()
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent (Microsoft Corporation)
O4 - HKLM..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor (IBM Corp.)
O4 - HKLM..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE ()
O4 - HKLM..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor ()
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe (IBM Corp.)
O4 - HKLM..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\\ibmmessages.exe (IBM)
O4 - HKLM..\Run: [IBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe (IBM Corp.)
O4 - HKLM..\Run: [QCTRAY] C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE (IBM Corp.)
O4 - HKLM..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE (IBM Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TP4EX] tp4ex.exe (IBM Corporation)
O4 - HKLM..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe ()
O4 - HKLM..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper (IBM Corp.)
O4 - HKLM..\Run: [TpShocks] TpShocks.exe (IBM Corp.)
O4 - HKLM..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r (Sonic Solutions)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (Microsoft Corporation)
O4 - HKCU..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (Microsoft Corporation)
O4 - HKCU..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe (IBM)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\ThinkPad\PkgMgr\PkgMgr.exe (Lenovo Group Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [Tcpip] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [NTDS] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [Network Location Awareness (NLA) Namespace] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [Bluetooth Namespace] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: 51 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin....nderControl.cab (LinkedIn ContactFinderControl)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} http://utilities.pcp...opAntiVirus.dll (PCPitstop AntiVirus)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterf...ds/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E001C731-5E37-4538-A5CB-8168736A2360} http://quickscan.bit...ActiveQscan.cab (Confirmation)
O18 - Protocol\Filter: - application/octet-stream - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\system32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\system32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll ()
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\QConGina: DllName - QConGina.dll - C:\WINDOWS\system32\QConGina.dll (IBM Corp.)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\tpfnf2: DllName - notifyf2.dll - C:\WINDOWS\system32\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - tphklock.dll - C:\WINDOWS\system32\tphklock.dll ()
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\system32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\system32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( schannel.dll) - C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( digest.dll) - C:\WINDOWS\system32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( msnsspc.dll) - C:\WINDOWS\system32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found

========== Files/Folders - Created Within 30 Days ==========

[13 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/04/02 08:54:44 | 00,500,224 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jyothiv\Desktop\OTListIt2.exe
[2009/04/01 14:59:25 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_androidusb_01005.Wdf
[2009/04/01 14:52:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/03/31 10:10:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\jyothiv\Application Data\Subversion
[2009/03/26 11:02:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\jyothiv\Local Settings\Application Data\Android
[2009/03/26 10:35:36 | 00,000,000 | ---D | C] -- C:\ec
[2009/03/26 10:13:53 | 00,000,000 | ---D | C] -- C:\Program Files\Sun
[2009/03/26 10:00:54 | 00,000,617 | ---- | C] () -- C:\Documents and Settings\jyothiv\Desktop\Shortcut to eclipse.exe.lnk
[2009/03/25 22:32:57 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2009/03/25 21:08:27 | 00,001,518 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.5.lnk
[2009/03/25 21:08:26 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/03/25 21:08:25 | 00,107,912 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/03/25 21:08:20 | 00,325,640 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/03/25 21:08:18 | 00,027,656 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/03/25 21:08:10 | 34,771,699 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/03/25 21:08:10 | 00,081,660 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/03/25 21:08:09 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/03/25 21:08:09 | 00,401,372 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/03/25 21:08:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009/03/25 21:08:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\jyothiv\Application Data\AVGTOOLBAR
[2009/03/25 21:07:43 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/03/25 21:07:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8
[2009/03/24 16:37:29 | 01,419,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01005.dll
[2009/03/24 14:19:00 | 00,000,000 | ---D | C] -- C:\android
[2009/03/20 15:47:49 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/03/19 20:22:01 | 53,581,0048 | -HS- | C] () -- C:\hiberfil.sys
[2009/03/19 19:28:37 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/03/19 15:33:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/03/19 12:59:42 | 00,001,494 | ---- | C] () -- C:\Documents and Settings\jyothiv\Desktop\On-Screen Keyboard.lnk
[2009/03/19 10:08:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/03/19 09:34:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\jyothiv\Application Data\QuickScan
[2009/03/19 08:40:09 | 00,000,000 | ---D | C] -- C:\Program Files\PCPitstop
[2009/03/17 12:35:05 | 00,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/17 12:35:04 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/17 12:35:00 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/17 12:34:57 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/12 07:54:24 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/03/11 12:42:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/03/11 12:41:32 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/03/11 12:38:45 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/03/11 12:38:45 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/03/11 12:38:44 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/03/11 12:38:43 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/03/11 12:38:43 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/03/11 12:38:42 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/03/11 12:38:42 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/03/11 12:38:40 | 00,000,000 | ---D | C] -- C:\111df31f55a89164b5fd
[2009/03/11 12:35:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel

========== Files - Modified Within 30 Days ==========

[13 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/04/02 08:55:29 | 00,500,224 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jyothiv\Desktop\OTListIt2.exe
[2009/04/01 22:04:46 | 34,771,699 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/04/01 22:04:46 | 00,081,660 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/04/01 15:49:38 | 00,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/01 14:59:25 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_androidusb_01005.Wdf
[2009/04/01 08:43:12 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/04/01 08:40:11 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/04/01 08:40:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/01 08:39:37 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/01 08:39:29 | 53,581,0048 | -HS- | M] () -- C:\hiberfil.sys
[2009/03/31 12:32:37 | 00,107,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/03/26 16:49:56 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/26 16:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/26 10:00:54 | 00,000,617 | ---- | M] () -- C:\Documents and Settings\jyothiv\Desktop\Shortcut to eclipse.exe.lnk
[2009/03/25 21:08:27 | 00,001,518 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.5.lnk
[2009/03/25 21:08:26 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/03/25 21:08:20 | 00,325,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/03/25 21:08:18 | 00,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/03/25 21:08:10 | 00,401,372 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/03/25 21:08:09 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/03/24 16:00:17 | 00,000,849 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/24 16:00:17 | 00,000,281 | RHS- | M] () -- C:\BOOT.INI
[2009/03/24 16:00:17 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/03/21 15:37:41 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/03/19 12:59:46 | 00,001,494 | ---- | M] () -- C:\Documents and Settings\jyothiv\Desktop\On-Screen Keyboard.lnk
[2009/03/17 12:35:05 | 00,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/12 08:02:23 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/11 13:26:04 | 00,320,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/11 12:55:35 | 00,540,974 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/11 12:55:35 | 00,469,488 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/11 12:55:35 | 00,080,216 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/10 22:18:20 | 01,482,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\LegitCheckControl.dll
[2009/03/10 22:18:14 | 00,934,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WgaTray.exe
[2009/03/10 22:18:14 | 00,934,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WgaTray.exe
[2009/03/10 22:18:00 | 00,239,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WgaLogon.dll
[2009/03/10 22:18:00 | 00,239,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wgaLogon.dll

========== LOP Check ==========

[2009/03/31 12:25:05 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/12/25 10:14:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/03/31 12:25:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg8
[2008/03/04 22:40:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBM
[2009/01/26 16:08:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2006/10/11 15:28:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macromedia
[2008/12/25 16:59:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/03/25 20:42:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/01/23 16:57:25 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008/09/12 09:19:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2005/06/18 13:53:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2009/01/23 16:53:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2006/08/28 13:25:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PreEmptive Solutions
[2003/02/20 09:33:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2009/03/25 20:44:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2009/03/24 14:12:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2008/12/28 09:36:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/03/19 16:40:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2005/10/27 21:19:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2005/12/20 11:39:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2006/09/07 12:49:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\yahoo!
[2006/10/02 19:26:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2009/03/31 10:10:50 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\jyothiv\Application Data
[2005/08/12 10:32:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\ActiveState
[2009/03/19 13:10:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Adobe
[2007/07/22 16:25:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\AdobeAUM
[2006/03/07 10:49:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\AdobeUM
[2009/03/25 21:15:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\AVGTOOLBAR
[2008/01/17 16:11:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\CellularEmulator
[2009/02/23 12:25:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\CoreFTP
[2005/05/28 18:51:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Help
[2005/06/04 23:03:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\IBM
[2003/02/20 09:20:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Identities
[2006/02/12 21:28:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\IDMComp
[2008/10/29 13:17:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\InstallShield
[2005/06/20 20:51:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\InterVideo
[2008/02/20 22:37:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\LinkedIn
[2007/08/23 12:02:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Macromedia
[2008/12/25 17:00:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Malwarebytes
[2009/01/06 10:13:50 | 00,000,000 | --SD | M] -- C:\Documents and Settings\jyothiv\Application Data\Microsoft
[2009/01/11 21:39:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Mozilla
[2009/01/26 16:24:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Nokia
[2009/02/13 13:11:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\PC Suite
[2009/03/19 15:20:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\QuickScan
[2007/03/02 10:18:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Real
[2005/09/07 12:54:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Scooter Software
[2005/07/28 08:54:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Seven Zip
[2008/04/15 09:54:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Snapfish
[2005/04/09 07:29:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Sonic
[2009/03/31 10:10:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Subversion
[2005/06/30 10:46:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Sun
[2006/09/24 10:43:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Talkback
[2006/08/22 14:37:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\TextPad
[2008/01/20 14:42:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\vlc
[2006/09/07 16:22:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Yahoo!
[2005/06/11 19:22:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\Yahoo! Messenger
[2008/04/01 10:24:30 | 00,000,302 | ---- | M] () -- C:\WINDOWS\Tasks\BMMTask.job
[2001/08/18 02:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/04/01 08:40:11 | 00,000,882 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachine.job
[2009/04/01 08:43:12 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2009/04/01 08:40:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========


========== Alternate Data Streams ==========

@Alternate Data Stream - 756 bytes -> C:\WINDOWS\System32\drivers\hxmuanct.sys:changelist
@Alternate Data Stream - 556 bytes -> C:\WINDOWS\System32\drivers\ducaoehe.sys:changelist
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >


Thanks,
sumd
  • 0

#23
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
The are are 2 files that look suspicious that I noticed before but I can't find any information on whatsoever.
I will have the files moved and if it causes any problems we can move them back into place.

Run OTList2.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :files
    C:\WINDOWS\System32\drivers\hxmuanct.sys
    C:\WINDOWS\System32\drivers\ducaoehe.sys
    
    :Commands
    [emptytemp]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.
===================
  • Double click on Otlistit to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open one notepad window. OTListIt.Txt a This is saved in the same location as OTListIt2.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it with your next reply.

  • 0

#24
sumd

sumd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
===============
Run fix log
===============
========== FILES ==========
C:\WINDOWS\System32\drivers\hxmuanct.sys moved successfully.
C:\WINDOWS\System32\drivers\ducaoehe.sys moved successfully.
========== COMMANDS ==========
File delete failed. C:\Documents and Settings\jyothiv\Local Settings\temp\adb.log scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\jyothiv\Local Settings\temp\etilqs_Dg6KZkSj8CUoiILJfumU scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\jyothiv\Local Settings\temp\etilqs_Dg6KZkSj8CUoiILJfumU-journal scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\jyothiv\Local Settings\temp\etilqs_ygMecmY2fPcx9RNsuGZ2 scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\jyothiv\Local Settings\temp\Parent Newsletter.pdf scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\jyothiv\Local Settings\temp\WCESLog.log scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\jyothiv\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_208.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\jyothiv\Local Settings\Application Data\Mozilla\Firefox\Profiles\6ha8upok.Default User\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTListIt2 by OldTimer - Version 2.0.9.0 log created on 04032009_202332

Files moved on Reboot...
C:\Documents and Settings\jyothiv\Local Settings\temp\adb.log moved successfully.
File C:\Documents and Settings\jyothiv\Local Settings\temp\etilqs_Dg6KZkSj8CUoiILJfumU not found!
File C:\Documents and Settings\jyothiv\Local Settings\temp\etilqs_Dg6KZkSj8CUoiILJfumU-journal not found!
File C:\Documents and Settings\jyothiv\Local Settings\temp\etilqs_ygMecmY2fPcx9RNsuGZ2 not found!
File C:\Documents and Settings\jyothiv\Local Settings\temp\Parent Newsletter.pdf not found!
C:\Documents and Settings\jyothiv\Local Settings\temp\WCESLog.log moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_208.dat not found!
C:\Documents and Settings\jyothiv\Local Settings\Application Data\Mozilla\Firefox\Profiles\6ha8upok.Default User\XUL.mfl moved successfully.

Registry entries deleted on Reboot...


===============
OTList.txt
===============

OTListIt logfile created on: 4/3/2009 8:37:07 PM - Run 7
OTListIt2 by OldTimer - Version 2.0.9.0 Folder = C:\Documents and Settings\jyothiv\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.92 Mb Total Physical Memory | 38.70 Mb Available Physical Memory | 7.57% Memory free
1.22 Gb Paging File | 0.66 Gb Available in Paging File | 54.18% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 51.30 Gb Total Space | 21.75 Gb Free Space | 42.39% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JYOTHI
Current User Name: jyothiv
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe ()
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\QCONSVC.EXE (IBM Corp.)
PRC - C:\WINDOWS\system32\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
PRC - C:\WINDOWS\system32\TpKmpSVC.exe ()
PRC - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
PRC - c:\program files\lenovo\system update\suservice.exe (Lenovo Group Limited)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\system32\TpShocks.exe (IBM Corp.)
PRC - C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe ()
PRC - C:\Program Files\ThinkPad\Utilities\EzEjMnAp.Exe (IBM Corp.)
PRC - C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe ()
PRC - C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe (Lenovo Group Limited)
PRC - C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
PRC - C:\Program Files\IBM\Messages By IBM\ibmmessages.exe (IBM)
PRC - C:\IBMTOOLS\UTILS\ibmprc.exe (IBM Corp.)
PRC - C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE (IBM Corp.)
PRC - C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE (IBM Corp.)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
PRC - C:\Program Files\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\jyothiv\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aawservice [Disabled | Stopped]) -- File not found
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [On_Demand | Stopped]) -- C:\WINDOWS\system32\Ati2evxx.exe ()
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CVPND [On_Demand | Stopped]) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gupdate1c90d21bf9b15b0 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IBM Rapid Restore Ultra Service [Auto | Running]) -- C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe ()
SRV - (IBMPMSVC [Auto | Running]) -- C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (Irmon [Auto | Running]) -- C:\WINDOWS\System32\irmon.dll (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (MDM [Auto | Running]) -- c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PsaSrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\psasrv.exe ()
SRV - (QCONSVC [Auto | Running]) -- C:\WINDOWS\System32\QCONSVC.EXE (IBM Corp.)
SRV - (RegSrvc [Auto | Running]) -- C:\WINDOWS\system32\RegSrvc.exe (Intel Corporation)
SRV - (S24EventMonitor [Auto | Running]) -- C:\WINDOWS\system32\S24EvMon.exe (Intel Corporation )
SRV - (ServiceLayer [On_Demand | Stopped]) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (SUService [Auto | Running]) -- c:\program files\lenovo\system update\suservice.exe (Lenovo Group Limited)
SRV - (ThinkVantage Registry Monitor Service [Auto | Running]) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (TpKmpSVC [Auto | Running]) -- C:\WINDOWS\system32\TpKmpSVC.exe ()
SRV - (TVT Scheduler [Auto | Running]) -- C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (ac97intc [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation)
DRV - (aeaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)
DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (ANC [System | Running]) -- C:\WINDOWS\System32\drivers\ANC.SYS (IBM Corp.)
DRV - (androidusb [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\androidusb.sys (Google Inc)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (AvgLdx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX [System | Running]) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (CmdIde [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (COH_Mon [On_Demand | Stopped]) -- C:\WINDOWS\system32\Drivers\COH_Mon.sys (Symantec Corporation)
DRV - (CVirtA [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\CVirtA.sys (Cisco Systems, Inc.)
DRV - (CVPNDRVA [Auto | Running]) -- C:\WINDOWS\system32\Drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DNE [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\dne2000.sys (Deterministic Networks, Inc.)
DRV - (drvmcdb [Boot | Running]) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions)
DRV - (drvnddm [Auto | Running]) -- C:\WINDOWS\system32\drivers\drvnddm.sys (Sonic Solutions)
DRV - (E1000 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\e1000325.sys (Intel Corporation)
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (EGATHDRV [Auto | Running]) -- C:\WINDOWS\SYSTEM32\EGATHDRV.SYS (IBM Corporation)
DRV - (HSFHWICH [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys (Conexant Systems, Inc.)
DRV - (HSF_DP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (ibmfilter [Auto | Running]) -- C:\WINDOWS\system32\drivers\ibmfilter.sys (IBM)
DRV - (IBMPMDRV [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ibmpmdrv.sys (Lenovo.)
DRV - (IBMTPCHK [System | Running]) -- C:\WINDOWS\System32\drivers\IBMBLDID.SYS ()
DRV - (kwkxusb [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\kwusb2k.sys (Kyocera Wireless Corporation)
DRV - (ltmodem5 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys (LT)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (MfeAVFK [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\MfeAVFK.sys (McAfee, Inc.)
DRV - (MfeBOPK [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\MfeBOPK.sys (McAfee, Inc.)
DRV - (mfehidk [System | Running]) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (MfeRKDK [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\MfeRKDK.sys (McAfee, Inc.)
DRV - (mfetdik [System | Running]) -- C:\WINDOWS\system32\drivers\mfetdik.sys (McAfee, Inc.)
DRV - (misalign [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\misalign.sys (QUALCOMM Incorporated.)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (Multi-ICE [Auto | Running]) -- C:\WINDOWS\system32\drivers\multiice.sys ()
DRV - (nmwcd [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdc [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (NSCIRDA [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nscirda.sys (National Semiconductor Corporation)
DRV - (pccsmcfd [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys (Nokia)
DRV - (PMEM [Auto | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\PMEMNT.SYS (Microsoft Corporation)
DRV - (psadd [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\psadd.sys (Lenovo (United States) Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (QCNDISIF [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\qcndisif.SYS (IBM Corporation.)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (s24trans [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\s24trans.sys (Intel Corporation)
DRV - (S3SSavage [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\s3ssavm.sys (S3 Graphics, Inc.)
DRV - (Ser2pl [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ser2pl.sys (Prolific Technology Inc.)
DRV - (ShockMgr [System | Running]) -- C:\WINDOWS\System32\drivers\ShockMgr.sys (IBM Corporation)
DRV - (Shockprf [Boot | Running]) -- C:\WINDOWS\System32\drivers\shockprf.sys (IBM Corporation)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Smapint [System | Running]) -- C:\WINDOWS\System32\drivers\Smapint.sys (Microsoft Corporation)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sscdbhk5 [System | Running]) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys (Sonic Solutions)
DRV - (sscdbus [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sscdbus.sys (MCCI)
DRV - (sscdmdfl [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys (MCCI)
DRV - (sscdmdm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sscdmdm.sys (MCCI)
DRV - (sscdserd [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sscdserd.sys (MCCI)
DRV - (ssrtln [System | Running]) -- C:\WINDOWS\system32\drivers\ssrtln.sys (Sonic Solutions)
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (SymEvent [On_Demand | Stopped]) -- C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (TDSMAPI [System | Running]) -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS ()
DRV - (tfsnboio [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnboio.sys (Sonic Solutions)
DRV - (tfsncofs [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsncofs.sys (Sonic Solutions)
DRV - (tfsndrct [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsndrct.sys (Sonic Solutions)
DRV - (tfsndres [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsndres.sys (Sonic Solutions)
DRV - (tfsnifs [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnifs.sys (Sonic Solutions)
DRV - (tfsnopio [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnopio.sys (Sonic Solutions)
DRV - (tfsnpool [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnpool.sys (Sonic Solutions)
DRV - (tfsnudf [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnudf.sys (Sonic Solutions)
DRV - (tfsnudfa [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnudfa.sys (Sonic Solutions)
DRV - (TPHKDRV [System | Running]) -- C:\WINDOWS\System32\drivers\TPHKDRV.sys (IBM Corporation)
DRV - (TPPWR [System | Running]) -- C:\WINDOWS\System32\drivers\Tppwr.sys (IBM Corp.)
DRV - (TSMAPIP [System | Running]) -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS ()
DRV - (TwoTrack [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\TwoTrack.sys (IBM Corporation)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (upperdev [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys (Windows ® Codename Longhorn DDK provider)
DRV - (usbbus [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbbus.sys (LG Electronics Inc.)
DRV - (UsbDiag [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys (LG Electronics Inc.)
DRV - (usbser [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbser.sys (Microsoft Corporation)
DRV - (UsbserFilt [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys (Windows ® Codename Longhorn DDK provider)
DRV - (usb_rndisx [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usb8023x.sys (Microsoft Corporation)
DRV - (VPCAppSv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\VPCAppSv.sys (Connectix Corporation)
DRV - (vsdatant [On_Demand | Stopped]) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs LLC)
DRV - (w22n51 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\w22n51.sys (Intel® Corporation)
DRV - (wceusbsh [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\wceusbsh.sys (Microsoft Corporation)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (xpvcom [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\XPVCOM.sys ()

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....e...-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/index.html
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....-8&fr=slv5-&p="
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/?.home=ytff"
FF - prefs.js..keyword.URL: "http://search.yahoo....fr=slv5-ab-&p="

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC\ [2009/01/26 16:15:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/03/11 12:46:10 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/03/25 21:07:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\PROGRAM FILES\AVG\AVG8\TOOLBARFF [2009/03/25 21:07:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/26 10:12:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/02 08:57:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/29 19:20:54 | 00,000,000 | ---D | M]

[2009/01/11 21:39:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\mozilla\Extensions
[2009/01/11 21:39:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/03 20:17:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\mozilla\Firefox\Profiles\6ha8upok.Default User\extensions
[2009/02/23 10:58:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\mozilla\Firefox\Profiles\6ha8upok.Default User\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2005/08/02 23:44:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\mozilla\Firefox\Profiles\b6zi5d49.default\extensions
[2005/08/02 23:44:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\mozilla\Firefox\Profiles\b6zi5d49.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2005/08/02 10:10:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\jyothiv\Application Data\mozilla\Firefox\Profiles\b6zi5d49.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/03 20:17:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/03/29 19:20:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/26 10:13:27 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/03/29 19:20:35 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/29 19:20:35 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/01/11 21:38:29 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/01/11 21:38:29 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/01/11 21:38:29 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/01/11 21:38:29 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/01/11 21:38:29 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/01/11 21:38:29 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/01/11 21:38:29 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BLOG] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog ()
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent (Microsoft Corporation)
O4 - HKLM..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor (IBM Corp.)
O4 - HKLM..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE ()
O4 - HKLM..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor ()
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe (IBM Corp.)
O4 - HKLM..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\\ibmmessages.exe (IBM)
O4 - HKLM..\Run: [IBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe (IBM Corp.)
O4 - HKLM..\Run: [QCTRAY] C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE (IBM Corp.)
O4 - HKLM..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE (IBM Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TP4EX] tp4ex.exe (IBM Corporation)
O4 - HKLM..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe ()
O4 - HKLM..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper (IBM Corp.)
O4 - HKLM..\Run: [TpShocks] TpShocks.exe (IBM Corp.)
O4 - HKLM..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r (Sonic Solutions)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (Microsoft Corporation)
O4 - HKCU..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (Microsoft Corporation)
O4 - HKCU..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe (IBM)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\ThinkPad\PkgMgr\PkgMgr.exe (Lenovo Group Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [Tcpip] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [NTDS] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [Network Location Awareness (NLA) Namespace] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [Bluetooth Namespace] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: 51 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin....nderControl.cab (LinkedIn ContactFinderControl)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} http://utilities.pcp...opAntiVirus.dll (PCPitstop AntiVirus)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterf...ds/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E001C731-5E37-4538-A5CB-8168736A2360} http://quickscan.bit...ActiveQscan.cab (Confirmation)
O18 - Protocol\Filter: - application/octet-stream - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\system32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\system32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll ()
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\QConGina: DllName - QConGina.dll - C:\WINDOWS\system32\QConGina.dll (IBM Corp.)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\tpfnf2: DllName - notifyf2.dll - C:\WINDOWS\system32\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - tphklock.dll - C:\WINDOWS\system32\tphklock.dll ()
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\system32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\system32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( schannel.dll) - C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( digest.dll) - C:\WINDOWS\system32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( msnsspc.dll) - C:\WINDOWS\system32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found

========== Files/Folders - Created Within 30 Days ==========

[13 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/04/03 20:23:32 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/04/03 14:21:18 | 00,001,822 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Hex Editor Neo.lnk
[2009/04/03 14:21:07 | 00,000,000 | ---D | C] -- C:\Setup
[2009/04/03 14:21:05 | 00,000,000 | ---D | C] -- C:\Program Files\HHD Software
[2009/04/02 08:54:44 | 00,500,224 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jyothiv\Desktop\OTListIt2.exe
[2009/04/01 14:59:25 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_androidusb_01005.Wdf
[2009/03/31 10:10:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\jyothiv\Application Data\Subversion
[2009/03/26 11:02:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\jyothiv\Local Settings\Application Data\Android
[2009/03/26 10:35:36 | 00,000,000 | ---D | C] -- C:\ec
[2009/03/26 10:13:53 | 00,000,000 | ---D | C] -- C:\Program Files\Sun
[2009/03/26 10:00:54 | 00,000,617 | ---- | C] () -- C:\Documents and Settings\jyothiv\Desktop\Shortcut to eclipse.exe.lnk
[2009/03/25 22:32:57 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2009/03/25 21:08:27 | 00,001,518 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.5.lnk
[2009/03/25 21:08:26 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/03/25 21:08:25 | 00,108,552 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/03/25 21:08:20 | 00,325,640 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/03/25 21:08:18 | 00,027,656 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/03/25 21:08:10 | 34,841,319 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/03/25 21:08:10 | 00,084,967 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/03/25 21:08:09 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/03/25 21:08:09 | 00,401,372 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/03/25 21:08:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009/03/25 21:08:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\jyothiv\Application Data\AVGTOOLBAR
[2009/03/25 21:07:43 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/03/25 21:07:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8
[2009/03/24 16:37:29 | 01,419,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01005.dll
[2009/03/24 14:19:00 | 00,000,000 | ---D | C] -- C:\android
[2009/03/20 15:47:49 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/03/19 20:22:01 | 53,581,0048 | -HS- | C] () -- C:\hiberfil.sys
[2009/03/19 19:28:37 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/03/19 15:33:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/03/19 12:59:42 | 00,001,494 | ---- | C] () -- C:\Documents and Settings\jyothiv\Desktop\On-Screen Keyboard.lnk
[2009/03/19 10:08:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/03/19 09:34:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\jyothiv\Application Data\QuickScan
[2009/03/19 08:40:09 | 00,000,000 | ---D | C] -- C:\Program Files\PCPitstop
[2009/03/17 12:35:05 | 00,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/17 12:35:04 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/17 12:35:00 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/17 12:34:57 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/12 07:54:24 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/03/11 12:42:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/03/11 12:41:32 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/03/11 12:38:45 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/03/11 12:38:45 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/03/11 12:38:44 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/03/11 12:38:43 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/03/11 12:38:43 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/03/11 12:38:42 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/03/11 12:38:42 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/03/11 12:38:40 | 00,000,000 | ---D | C] -- C:\111df31f55a89164b5fd
[2009/03/11 12:35:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel

========== Files - Modified Within 30 Days ==========

[13 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/04/03 20:33:26 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/04/03 20:31:26 | 00,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/03 20:30:09 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/04/03 20:29:57 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/03 20:29:35 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/03 20:29:27 | 53,581,0048 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/03 14:21:19 | 00,001,822 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Hex Editor Neo.lnk
[2009/04/03 08:48:33 | 00,084,967 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/04/03 08:48:32 | 34,841,319 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/04/03 08:46:52 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/04/02 08:55:29 | 00,500,224 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jyothiv\Desktop\OTListIt2.exe
[2009/04/01 14:59:25 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_androidusb_01005.Wdf
[2009/03/26 16:49:56 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/26 16:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/26 10:00:54 | 00,000,617 | ---- | M] () -- C:\Documents and Settings\jyothiv\Desktop\Shortcut to eclipse.exe.lnk
[2009/03/25 21:08:27 | 00,001,518 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.5.lnk
[2009/03/25 21:08:26 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/03/25 21:08:20 | 00,325,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/03/25 21:08:18 | 00,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/03/25 21:08:10 | 00,401,372 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/03/25 21:08:09 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/03/24 16:00:17 | 00,000,849 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/24 16:00:17 | 00,000,281 | RHS- | M] () -- C:\BOOT.INI
[2009/03/24 16:00:17 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/03/21 15:37:41 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/03/19 12:59:46 | 00,001,494 | ---- | M] () -- C:\Documents and Settings\jyothiv\Desktop\On-Screen Keyboard.lnk
[2009/03/17 12:35:05 | 00,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/12 08:02:23 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/11 13:26:04 | 00,320,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/11 12:55:35 | 00,540,974 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/11 12:55:35 | 00,469,488 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/11 12:55:35 | 00,080,216 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/10 22:18:20 | 01,482,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\LegitCheckControl.dll
[2009/03/10 22:18:14 | 00,934,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WgaTray.exe
[2009/03/10 22:18:14 | 00,934,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WgaTray.exe
[2009/03/10 22:18:00 | 00,239,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WgaLogon.dll
[2009/03/10 22:18:00 | 00,239,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wgaLogon.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >

Thanks,
sumd
  • 0

#25
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Ok log looks ok still go for a few days and monitor the way the computer runs and post back here in a few days and let me know if all is well and we will wrap it up.
  • 0

Advertisements


#26
sumd

sumd

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Hi,

Every couple of weeks, I'm running ATF cleaner and cleanmgr.exe.

Then my computer runs fine for couple of weeks. Again it slows down.

I ran Kaspersky online scanner. Didn't find anything. I'm using AVG free edition.

This morning, I noticed wmiprvse.exe in task manager and searched for it in c:\windows. Found the file under
C:\WINDOWS\system32\wbem - 223k,
C:\WINDOWS\system32\dllcache - 223k,
C:\WINDOWS\ServicePackFiles\i386 - 213k,
C:\WINDOWS\$NtUninstallKB956572$ - 213k,
C:\WINDOWS\$NtServicePackUninstall$ - 213k,
C:\WINDOWS\$hf_mig$\KB956572\SP3QFE - 223k


Submitted the files to online file scanners:
Jotti File Scan
VirusTotal File Scan

Jotti file scan Report
======================
for file under wbem and dllcache, CPSecure found BackDoor.W32.Agent.afqs

VirusTotal File Scan
====================
for file under wbem, dllcache,C:\WINDOWS\$hf_mig$\KB956572\SP3QFE(files with 223k size)

McAfee-GW-Edition 6.7.6 2009.06.05 Win32.LooksLike.Virut


Do you suspect virus still there or is it a false one?

Thanks,
sumd

Edited by sumd, 05 June 2009 - 12:20 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP