Suba

Members
  • Content Count

    3
About Suba

  • Rank
    Newbie
  1. File:- Extras.txt OTL Extras logfile created on: 4/10/2011 3:00:20 PM - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\sunikar\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1,014.00 Mb Total Physical Memory | 93.00 Mb Available Physical Memory | 9.00% Memory free 2.00 Gb Paging File | 1.00 Gb Available in Paging File | 58.00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 62.48 Gb Total Space | 1.62 Gb Free Space | 2.59% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 9.36 Gb Free Space | 93.60% Space Free | Partition Type: NTFS Computer Name: SUNISHKAR | User Name: sunikar | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-2025429265-963894560-1801674531-1004\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "135:TCP" = 135:TCP:*:Enabled:DCOM ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.) "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.) 
"C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe" = C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe:*:Enabled:MA521 Configuration Utility -- () "C:\Documents and Settings\sunikar\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll" = C:\Documents and Settings\sunikar\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin -- (Google) "C:\Documents and Settings\sunikar\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\sunikar\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google) "C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus "C:\Program Files\Mercury Interactive\QuickTest Professional\bin\AQTRmtAgent.exe" = C:\Program Files\Mercury Interactive\QuickTest Professional\bin\AQTRmtAgent.exe:*:Enabled:AQT Remote Agent "C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google) "C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.) 
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{005F78AF-110D-398A-8430-BE98950A1E22}" = Google Talk Plugin "{01558B00-3F19-4E26-8B56-11CA9F97E81C}" = MA521 Configuration Utility "{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86) "{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport "{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support "{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework "{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView "{0E794924-17AC-4565-96C7-960D40F8B61E}" = TurboTax 2010 wcoiper "{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool "{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU "{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools "{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files "{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only) "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}" = WD SmartWare "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java 6 Update 13 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation "{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types 
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools "{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision "{360EDFB0-EAA2-012B-AD16-000000000000}" = TurboTax 2009 wcaiper "{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset "{37EBB600-EAA2-012B-AD89-000000000000}" = TurboTax 2009 wiliper "{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset "{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine "{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU "{3BB19A2B-B9C5-3872-8FDF-3047CC9F9841}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper "{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA "{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools "{4402084F-61EE-48B2-AFCB-AC1EC2454C79}" = MySQL Server 5.1 "{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Ultra Edition "{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0 "{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared "{497A1721-088F-41EF-8876-B43C9DA5528B}" = ArcSoft Software Suite "{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell "{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files "{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects "{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper "{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client "{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated 
Controller "{578145B3-3831-4D85-BB53-4A9D90F821DE}" = WebEx Recorder and Player "{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services "{5B30AA25-BF39-4BE4-8FEE-51938BAB214D}" = TurboTax 2008 wcaiper "{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 "{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools "{6ED37A91-7710-3183-BE50-AB043FF6689E}" = Microsoft Team Foundation Server 2010 Object Model - ENU "{70632C41-BDAC-4128-9FBF-287F9FF53DE5}" = TurboTax 2010 wiliper "{71C97545-E547-4A8B-B0C8-61FF853270AC}" = PaperPort "{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime "{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset "{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service "{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{87FF0E39-8490-4EB4-A557-FF12F712EF7E}" = TurboTax 2010 wcaiper "{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr "{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger "{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz "{91130409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003 "{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player "{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig "{95120000-0052-0409-0000-0000000FF1CE}" = Microsoft Office Visio Viewer 2007 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{97CE8B73-AA5A-4987-A1BE-50DD1A187478}" = Microsoft Sync Framework SDK v1.0 SP1 "{9932886E-7874-4BA1-A1AA-E61EA5A9352D}" = Logitech QuickCam 
"{9A9DBEBC-C800-4776-A970-D76D6AA405B1}" = PHOTOfunSTUDIO -viewer- "{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A4089B20-34E1-4331-BB0F-2FC76D0F3EB4}" = Quest Software Toad for MySQL Freeware 5.0 "{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2 "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4 "{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers "{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper "{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport "{B3C9A441-C34D-40F3-9D3B-00EDDDAC74F1}" = Garmin Communicator Plugin "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer "{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser "{C6DD625F-4B61-4561-8286-87CA0275CEA1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86) "{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql 
Server Customer Experience Improvement Program "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus® for Adobe "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files "{D6B15AE6-B052-363E-B6BB-C4714CBA6509}" = Microsoft Visual Studio 2010 Professional - ENU "{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD "{D87149B3-7A1D-4548-9CBF-032B791E5908}" = Desktop Doctor "{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes "{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater "{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project "{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1 "{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp "{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore "{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse "{F0F563C4-D4AD-41C4-A8A6-26664C027D11}" = Brother MFL-Pro Suite "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 "{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi "{F990B526-8F7C-46E0-B1F1-6C893A8B478F}" = Microsoft Sync Framework Services v1.0 SP1 (x86) "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe "4569969E1360D2854474C661EF9B4D54F143EB16" = Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04) 
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0) "Ad-Aware" = Ad-Aware "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows "GoToAssist" = GoToAssist 8.0.0.514 "HDMI" = Intel® Graphics Media Accelerator Driver "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "IE4Dev" = Microsoft Script Debugger "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InstallShield_{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft SQL Server 10" = Microsoft SQL Server 2008 "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 "Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU "Microsoft Visual Studio 2010 Professional - ENU" = Microsoft Visual Studio 2010 Professional - ENU "Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) "Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools "Mozilla Firefox (2.0.0.20)" = Mozilla Firefox (2.0.0.20) "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NSS" = Norton Security Scan "NST" = Norton Safe Web Lite "Picasa 3" = Picasa 3 "ProInst" = Intel® PROSet/Wireless Software "QcDrv" = Logitech® Camera Driver "RealPlayer 12.0" = RealPlayer 
"SynTPDeinstKey" = Synaptics Pointing Device Driver "The Weather Channel Desktop 6" = The Weather Channel Desktop 6 "TurboTax 2008" = TurboTax 2008 "TurboTax 2009" = TurboTax 2009 "TurboTax 2010" = TurboTax 2010 "Uninstall_is1" = Uninstall 1.0.0.1 "Windows XP Service Pack" = Windows XP Service Pack 3 "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Software Update" = Yahoo! Software Update ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2025429265-963894560-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 4/4/2011 1:13:26 AM | Computer Name = SUNISHKAR | Source = Application Hang | ID = 1002 Description = Hanging application bdi.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 4/4/2011 1:14:46 AM | Computer Name = SUNISHKAR | Source = Application Hang | ID = 1002 Description = Hanging application bdi.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 4/4/2011 1:20:16 AM | Computer Name = SUNISHKAR | Source = Application Hang | ID = 1002 Description = Hanging application bdi.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 4/5/2011 12:55:32 AM | Computer Name = SUNISHKAR | Source = Application Hang | ID = 1002 Description = Hanging application bdi.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 4/9/2011 6:08:27 PM | Computer Name = SUNISHKAR | Source = crypt32 | ID = 131083 Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. 
Error - 4/9/2011 6:08:27 PM | Computer Name = SUNISHKAR | Source = crypt32 | ID = 131083 Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error - 4/9/2011 6:43:33 PM | Computer Name = SUNISHKAR | Source = Lavasoft Ad-Aware Service | ID = 0 Description = Error - 4/9/2011 6:43:45 PM | Computer Name = SUNISHKAR | Source = Lavasoft Ad-Aware Service | ID = 0 Description = Error - 4/9/2011 9:02:09 PM | Computer Name = SUNISHKAR | Source = Lavasoft Ad-Aware Service | ID = 0 Description = Error - 4/10/2011 5:51:06 PM | Computer Name = SUNISHKAR | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. [ System Events ] Error - 4/9/2011 1:51:18 PM | Computer Name = SUNISHKAR | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 4/9/2011 2:45:46 PM | Computer Name = SUNISHKAR | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 4/9/2011 2:46:46 PM | Computer Name = SUNISHKAR | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: Fips intelppm mfehidk OMCI Error - 4/9/2011 3:04:28 PM | Computer Name = SUNISHKAR | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 4/9/2011 
3:05:50 PM | Computer Name = SUNISHKAR | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 4/9/2011 3:06:55 PM | Computer Name = SUNISHKAR | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: Fips intelppm mfehidk ohci1394 OMCI Error - 4/9/2011 4:41:32 PM | Computer Name = SUNISHKAR | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 4/9/2011 11:37:54 PM | Computer Name = SUNISHKAR | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: Fips intelppm mfehidk OMCI SASDIFSV SASKUTIL Error - 4/9/2011 11:41:51 PM | Computer Name = SUNISHKAR | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 4/10/2011 10:56:24 AM | Computer Name = SUNISHKAR | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} < End of report >
  2. OTL file :- OTL logfile created on: 4/10/2011 3:00:20 PM - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\sunikar\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1,014.00 Mb Total Physical Memory | 93.00 Mb Available Physical Memory | 9.00% Memory free 2.00 Gb Paging File | 1.00 Gb Available in Paging File | 58.00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 62.48 Gb Total Space | 1.62 Gb Free Space | 2.59% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 9.36 Gb Free Space | 93.60% Space Free | Partition Type: NTFS Computer Name: SUNISHKAR | User Name: sunikar | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/04/10 14:56:46 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sunikar\Desktop\OTL.exe PRC - [2011/04/07 00:58:47 | 001,192,240 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2011/04/07 00:58:39 | 001,753,048 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe PRC - [2011/01/25 18:42:10 | 000,083,440 | ---- | M] (Google) -- C:\Documents and Settings\sunikar\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe PRC - [2010/11/23 19:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\ccSvcHst.exe PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) 
-- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2010/10/19 12:27:33 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\sunikar\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe PRC - [2010/08/25 11:27:44 | 000,309,824 | -H-- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe PRC - [2010/04/16 11:25:18 | 000,818,288 | ---- | M] (The Weather Channel Interactive, Inc.) -- C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2010/03/12 11:54:41 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2010/01/21 17:27:44 | 009,136,960 | ---- | M] (Western Digital) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe PRC - [2010/01/21 17:27:42 | 002,057,536 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe PRC - [2010/01/21 17:24:08 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe PRC - [2009/06/16 09:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe PRC - [2008/05/27 19:35:30 | 000,040,960 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe PRC - [2008/04/24 11:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) 
-- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe PRC - [2008/04/24 11:25:22 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/10/08 15:18:04 | 000,995,328 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe PRC - [2007/10/08 15:15:50 | 000,356,352 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe PRC - [2007/10/08 15:13:36 | 001,101,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe PRC - [2007/10/08 15:09:26 | 000,659,456 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe PRC - [2007/05/10 11:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\stacsv.exe PRC - [2007/02/13 11:42:50 | 000,109,344 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe PRC - [2007/01/01 14:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe PRC - [2005/09/08 11:06:20 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2003/05/29 19:18:42 | 000,380,928 | ---- | M] () -- C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe PRC - [1999/02/28 02:32:52 | 000,124,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mdm.exe ========== Modules (SafeList) ========== MOD - [2011/04/10 14:56:46 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sunikar\Desktop\OTL.exe MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2007/04/19 12:21:40 | 000,116,264 | ---- | M] (SupportSoft, Inc.) 
-- C:\Program Files\Comcast\Desktop Doctor\bin\sprthook.dll MOD - [2007/02/13 11:42:38 | 000,092,960 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcInj.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) SRV - [2011/04/07 00:58:39 | 001,753,048 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2010/11/23 19:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [unknown | Running] -- C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\ccSvcHst.exe -- (NSL) SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010/01/21 17:24:08 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService) SRV - [2009/12/17 15:37:00 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus® SRV - [2009/06/16 09:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService) SRV - [2009/03/18 11:54:08 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist) SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) 
[Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) SRV - [2008/04/24 11:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2) SRV - [2007/10/08 15:15:50 | 000,356,352 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel® SRV - [2007/05/10 11:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\stacsv.exe -- (STacSV) SRV - [2007/02/13 11:44:34 | 000,105,248 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher) SRV - [2007/02/13 11:42:50 | 000,109,344 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) ========== Driver Services (SafeList) ========== DRV - [2011/04/01 00:22:02 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2011/04/01 00:22:01 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer) DRV - [2010/05/10 11:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Documents and Settings\sunikar\Local Settings\Temp\SAS_SelfExtract\saskutil.sys -- (SASKUTIL) DRV - [2010/04/30 15:09:44 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50) DRV - [2010/04/30 15:09:22 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. 
(PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50) DRV - [2010/02/17 11:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Documents and Settings\sunikar\Local Settings\Temp\SAS_SelfExtract\sasdifsv.sys -- (SASDIFSV) DRV - [2009/09/16 08:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk) DRV - [2009/09/16 08:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2009/09/16 08:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2009/09/16 08:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk) DRV - [2009/09/16 08:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk) DRV - [2009/03/30 03:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0103.sys -- (RsFx0103) DRV - [2009/02/13 12:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2007/09/26 07:01:32 | 002,236,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel® DRV - [2007/08/27 12:10:36 | 000,012,288 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2007/05/10 11:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2007/02/13 11:42:28 | 000,025,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2007/02/13 11:42:04 | 001,964,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv) DRV - [2007/02/13 11:39:54 | 001,691,808 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap) DRV - [2007/02/09 00:24:00 | 001,939,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) QuickCam for Dell Notebooks(UVC) DRV - [2007/02/09 00:24:00 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2007/02/09 00:24:00 | 000,022,560 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService) DRV - [2007/02/09 00:23:00 | 000,066,848 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvselsus.sys -- (lvselsus) DRV - [2007/02/09 00:22:00 | 001,507,232 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt) DRV - [2006/11/15 01:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2006/11/14 20:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006/11/14 18:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) DRV - [2004/05/26 16:18:18 | 000,044,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2001/08/22 09:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2025429265-963894560-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-2025429265-963894560-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-2025429265-963894560-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net IE - HKU\S-1-5-21-2025429265-963894560-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-2025429265-963894560-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-2025429265-963894560-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 ========== FireFox ========== FF - 
HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/12 11:56:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{E5886C91-CDD7-4832-B32D-0830705A9C60}: C:\WINDOWS\system32\5011 [2011/03/10 20:35:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\Documents and Settings\All Users\Application Data\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.7\coFFNST\ [2011/04/09 15:08:50 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/22 17:28:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/02/19 10:04:21 | 000,000,000 | ---D | M] [2009/06/10 12:41:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sunikar\Application Data\Mozilla\Extensions [2011/02/20 18:09:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sunikar\Application Data\Mozilla\Firefox\Profiles\vguevptr.default\extensions [2009/08/16 07:04:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\sunikar\Application Data\Mozilla\Firefox\Profiles\vguevptr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/02/20 18:09:12 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\sunikar\Application Data\Mozilla\Firefox\Profiles\vguevptr.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2009/03/18 17:28:08 | 000,000,000 | ---D | M] (Yahoo! 
Toolbar) -- C:\Documents and Settings\sunikar\Application Data\Mozilla\Firefox\Profiles\vguevptr.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2009/04/13 10:51:43 | 000,000,000 | ---D | M] (XHTML Mobile Profile) -- C:\Documents and Settings\sunikar\Application Data\Mozilla\Firefox\Profiles\vguevptr.default\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f} [2009/12/24 20:19:56 | 000,000,000 | ---D | M] (wmlbrowser) -- C:\Documents and Settings\sunikar\Application Data\Mozilla\Firefox\Profiles\vguevptr.default\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7} [2009/03/18 14:42:49 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\sunikar\Application Data\Mozilla\Firefox\Profiles\vguevptr.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7} [2009/04/13 10:51:44 | 000,000,000 | ---D | M] (EWOQ Mobile Setup extension) -- C:\Documents and Settings\sunikar\Application Data\Mozilla\Firefox\Profiles\vguevptr.default\extensions\{f035aa18-ee32-4e6e-81d2-57e32867f8a7} [2011/02/06 00:30:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2009/09/14 06:23:13 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org [2010/03/12 11:56:06 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2009/03/26 12:19:16 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011/03/10 20:35:53 | 000,000,000 | ---D | M] (Java String Helper) -- C:\WINDOWS\SYSTEM32\5011 [2008/12/17 14:59:30 | 000,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll [2008/12/17 14:59:31 | 000,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll [2008/12/17 14:59:32 | 000,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program 
Files\Mozilla Firefox\components\myspell.dll [2008/12/17 14:59:33 | 000,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll [2008/12/17 14:59:35 | 000,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll [2009/11/19 15:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll [2009/11/19 15:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll Hosts file not found O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.) O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\CoIEPlg.dll (Symantec Corporation) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\CoIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) 
O3 - HKU\S-1-5-21-2025429265-963894560-1801674531-1004\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\CoIEPlg.dll (Symantec Corporation) O3 - HKU\S-1-5-21-2025429265-963894560-1801674531-1004\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [ddoctorv2] C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google) O4 - HKLM..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [intelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NWEReboot] File not found O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-2025429265-963894560-1801674531-1004..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-2025429265-963894560-1801674531-1004..\Run: [Desktop Software] File not found O4 - HKU\S-1-5-21-2025429265-963894560-1801674531-1004..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.) O4 - HKU\S-1-5-21-2025429265-963894560-1801674531-1004..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) 
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MA521 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA521 Configuration Utility\wlancfg5.exe () O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe (Matsushita Electric Industrial Co., Ltd.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2025429265-963894560-1801674531-1004\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-21-2025429265-963894560-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to 
Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O15 - HKU\S-1-5-21-2025429265-963894560-1801674531-1004\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab (Photo Upload Plugin Class) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} https://pattcw.att.motive.com/wizlet/DSLActivation/static/installer/ATTInternetInstaller.cab (WebBrowserType Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1 O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.) O18 - Protocol\Handler\HTLFP {03B7A5D4-96B0-4316-95F8-072D326A58F1} - Reg Error: Key error. 
File not found O18 - Protocol\Handler\vfsp - No CLSID value found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.) O28 - HKLM ShellExecuteHooks: {A5949E07-8536-4625-A3D0-2DD83F559990} - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/03/18 11:57:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{ee3b5ce4-fb56-11df-a819-00188bca0ea8}\Shell - "" = AutoRun O33 - MountPoints2\{ee3b5ce4-fb56-11df-a819-00188bca0ea8}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{ee3b5ce4-fb56-11df-a819-00188bca0ea8}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) 
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point (17746478449557504) ========== Files/Folders - Created Within 30 Days ========== [2011/04/10 14:56:44 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\sunikar\Desktop\OTL.exe [2011/04/09 18:02:27 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys [2011/04/09 18:01:05 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011/04/09 15:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sunikar\Application Data\SUPERAntiSpyware.com [2011/04/09 15:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com [2011/04/09 15:44:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sunikar\Local Settings\Application Data\Sunbelt Software [2011/04/09 15:37:37 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{6A395471-4AA3-4072-AE1B-9B69A97AD164} [2011/04/09 15:35:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft [2011/04/09 15:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2011/04/09 15:35:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft [2011/04/09 15:08:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NST [2011/04/09 15:08:11 | 000,000,000 | ---D | C] -- C:\Program 
Files\Norton Safe Web Lite [2011/04/09 15:08:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NST\0102000.007 [2011/04/09 11:21:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Talk [2011/04/09 11:18:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sunikar\Application Data\Dealio [2011/04/09 11:18:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MySQL [2011/04/09 11:18:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Quest Software [2011/04/09 11:16:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVDVideoSoft [2011/04/09 10:58:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\sunikar\Recent [2011/04/09 08:56:01 | 000,000,000 | ---D | C] -- C:\Config.Msi [2011/04/04 08:32:32 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/04/01 21:57:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\bDk06504oKdKp06504 [2011/04/01 20:36:15 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center [2011/03/28 16:15:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sunikar\Desktop\US trip [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Documents and Settings\sunikar\My Documents\*.tmp files -> C:\Documents and Settings\sunikar\My Documents\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/04/10 14:56:46 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sunikar\Desktop\OTL.exe [2011/04/10 14:49:34 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011/04/10 14:49:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/04/10 14:49:01 | 000,000,282 | ---- | M] () -- 
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2025429265-963894560-1801674531-1004.job [2011/04/10 14:49:00 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2025429265-963894560-1801674531-1005.job [2011/04/10 14:48:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/04/10 14:48:33 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs [2011/04/10 08:27:08 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2025429265-963894560-1801674531-1004.job [2011/04/10 00:55:45 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011/04/09 20:36:23 | 000,562,804 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/04/09 20:36:22 | 000,110,212 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/04/09 20:32:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-963894560-1801674531-1004UA.job [2011/04/09 19:37:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/04/09 18:00:58 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011/04/09 15:37:31 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\sunikar\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk [2011/04/09 15:37:31 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk [2011/04/09 14:39:43 | 000,000,474 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for sunikar.job [2011/04/09 10:12:07 | 000,000,136 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~19783476r [2011/04/09 10:12:07 | 000,000,104 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~19783476 [2011/04/09 10:11:59 | 000,000,336 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\19783476 [2011/04/09 08:33:52 | 000,013,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\jcl665ep0rnlp562hps 
[2011/04/09 08:32:54 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/04/07 00:59:03 | 000,016,432 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe [2011/04/04 22:45:28 | 000,013,404 | -HS- | M] () -- C:\Documents and Settings\sunikar\Local Settings\Application Data\jcl665ep0rnlp562hps [2011/04/04 08:30:28 | 003,894,702 | -H-- | M] () -- C:\Documents and Settings\sunikar\Desktop\ComboFix.zip [2011/04/03 12:32:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-963894560-1801674531-1004Core.job [2011/04/01 22:33:23 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp [2011/04/01 00:22:02 | 000,064,512 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys [2011/03/30 13:07:37 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011/03/30 08:09:33 | 000,000,136 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~19980084 [2011/03/30 08:09:32 | 000,000,152 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~19980084r [2011/03/30 08:09:22 | 000,000,336 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\19980084 [2011/03/28 20:42:17 | 000,011,258 | -H-- | M] () -- C:\Documents and Settings\sunikar\Desktop\images.jpg [2011/03/24 10:22:18 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011/03/24 06:22:54 | 000,000,678 | ---- | M] () -- C:\WINDOWS\System32\jsaddons.ini [2011/03/24 06:03:47 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2025429265-963894560-1801674531-1005.job [2011/03/20 18:41:38 | 000,002,393 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TurboTax 2010.lnk [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Documents and Settings\sunikar\My Documents\*.tmp files -> C:\Documents and Settings\sunikar\My 
Documents\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/04/10 01:56:12 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2011/04/09 16:14:30 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011/04/09 15:37:31 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\sunikar\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk [2011/04/09 15:37:31 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk [2011/04/09 15:08:11 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NST\0102000.007\isolate.ini [2011/04/09 10:12:07 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~19783476r [2011/04/09 10:12:06 | 000,000,104 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~19783476 [2011/04/09 10:11:59 | 000,000,336 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\19783476 [2011/04/04 08:58:07 | 003,894,702 | -H-- | C] () -- C:\Documents and Settings\sunikar\Desktop\ComboFix.zip [2011/04/02 09:55:24 | 000,013,404 | -HS- | C] () -- C:\Documents and Settings\sunikar\Local Settings\Application Data\jcl665ep0rnlp562hps [2011/04/02 09:55:24 | 000,013,294 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\jcl665ep0rnlp562hps [2011/04/01 22:33:23 | 001,228,854 | ---- | C] () -- C:\fsqwr.bmp [2011/03/30 08:09:32 | 000,000,152 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~19980084r [2011/03/30 08:09:32 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~19980084 [2011/03/30 08:09:22 | 000,000,336 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\19980084 [2011/03/28 20:42:22 | 000,011,258 | -H-- | C] () -- C:\Documents and Settings\sunikar\Desktop\images.jpg [2011/03/21 21:16:11 | 000,849,608 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application 
Data\FontCache3.0.0.0.dat [2011/03/02 11:37:54 | 000,000,277 | ---- | C] () -- C:\WINDOWS\System32\vbaddons.ini [2011/03/02 11:16:41 | 000,000,678 | ---- | C] () -- C:\WINDOWS\System32\jsaddons.ini [2011/03/02 11:16:19 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll [2010/12/11 23:17:54 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini [2010/12/08 05:25:22 | 000,001,161 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\827008272.dat [2010/03/07 21:53:41 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2009/11/25 15:59:32 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2009/08/06 10:16:24 | 000,000,401 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009/07/01 06:21:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\flight4b.INI [2009/07/01 06:19:39 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll [2009/07/01 06:19:39 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll [2009/06/29 17:34:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\flight4a.INI [2009/06/29 16:24:50 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wlrun.ini [2009/06/29 16:24:11 | 000,007,127 | ---- | C] () -- C:\WINDOWS\wrun.ini [2009/06/29 16:17:44 | 000,000,023 | ---- | C] () -- C:\WINDOWS\AQTProductInfo.INI [2009/06/29 15:28:55 | 000,001,370 | ---- | C] () -- C:\WINDOWS\mercury.ini [2009/06/26 17:28:14 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat [2009/06/26 17:28:14 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat [2009/06/26 17:28:14 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat [2009/06/26 17:28:14 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat [2009/06/26 17:28:14 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat [2009/06/26 17:28:14 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat [2009/06/26 17:28:14 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat 
[2009/06/26 17:28:14 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat [2009/06/26 17:28:14 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat [2009/06/26 17:28:14 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat [2009/06/26 17:28:14 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [2009/06/26 17:28:14 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [2009/06/26 17:28:14 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [2009/06/26 17:28:14 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [2009/06/26 17:28:14 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [2009/06/26 17:28:14 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat [2009/06/26 17:28:14 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat [2009/06/26 17:28:14 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [2009/06/26 17:28:14 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2009/06/12 18:56:50 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/06/06 11:14:02 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\sunikar\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/03/18 17:52:24 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2009/03/18 17:52:24 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2009/03/18 17:51:24 | 000,000,214 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini [2009/03/18 17:51:24 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini [2009/03/18 17:51:24 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf06a.dat [2009/03/18 17:50:23 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll [2009/03/18 17:50:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat [2009/03/18 17:49:23 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini 
[2009/03/18 16:54:53 | 000,000,488 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009/03/18 16:07:09 | 000,001,172 | ---- | C] () -- C:\WINDOWS\mozver.dat [2009/03/18 13:11:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009/03/18 12:59:20 | 000,051,370 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2009/03/18 12:32:58 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe [2009/03/18 12:11:19 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4814.dll [2009/03/18 12:04:33 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll [2009/03/18 12:00:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2009/03/18 11:55:03 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2009/03/17 21:54:30 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009/03/17 21:53:15 | 000,148,400 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2007/02/13 11:42:28 | 000,025,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys [2007/02/13 11:39:54 | 001,691,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys [2005/03/22 13:48:43 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2005/03/22 13:48:43 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2004/08/04 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004/08/04 05:00:00 | 000,562,804 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2004/08/04 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004/08/04 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2004/08/04 05:00:00 | 000,110,212 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2004/08/04 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004/08/04 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004/08/04 05:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004/08/04 05:00:00 | 000,001,804 | ---- | C] () -- 
C:\WINDOWS\System32\dcache.bin [2004/08/04 05:00:00 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\snngbzg.dll [2004/08/04 05:00:00 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll [2004/08/04 05:00:00 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll [2004/08/04 05:00:00 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth2.dll [2004/08/04 05:00:00 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth1.dll [2004/08/04 05:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2004/08/04 05:00:00 | 000,000,342 | ---- | C] () -- C:\WINDOWS\System32\g0r8jf2.dll [2004/08/04 05:00:00 | 000,000,101 | ---- | C] () -- C:\WINDOWS\System32\prsgrc.dll [2004/08/04 05:00:00 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll [2004/08/04 05:00:00 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\u6gfg65.dll [2004/08/04 05:00:00 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\mfcl7iz.dll [2004/08/04 05:00:00 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\lrue84c.dll [2004/08/04 05:00:00 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\a9m32e5.dll [2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002/03/04 11:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll ========== LOP Check ========== [2009/06/04 00:32:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus [2011/04/09 11:16:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\bDk06504oKdKp06504 [2009/03/18 11:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix [2009/10/08 13:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MySQL [2010/11/17 11:17:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Quest Software [2009/03/18 17:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All 
Users\Application Data\ScanSoft [2009/08/31 14:59:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft [2010/11/28 23:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WD_SmartWareCommon [2010/11/28 23:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital [2011/04/09 15:37:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{6A395471-4AA3-4072-AE1B-9B69A97AD164} [2009/10/09 13:29:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009/09/05 10:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\guest1\Application Data\Panasonic [2010/12/11 23:24:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\guest1\Application Data\Western Digital [2011/04/10 14:49:34 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2011/04/10 14:48:43 | 000,001,286 | ---- | M] () -- C:\aaw7boot.log [2009/03/18 11:57:56 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009/03/28 08:54:12 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2009/03/18 17:52:16 | 000,000,025 | ---- | M] () -- C:\Brxpinst.log [2009/03/18 11:57:56 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2011/04/01 22:33:23 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp [2009/03/18 11:57:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009/03/18 11:57:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004/08/04 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2009/03/21 10:09:12 | 000,250,048 | RHS- | M] () -- C:\ntldr [2011/04/10 14:48:44 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys [2010/12/11 22:06:51 | 000,047,494 | ---- | M] () -- C:\TDSSKiller.2.4.11.0_11.12.2010_21.05.46_log.txt [2009/06/26 19:04:35 | 000,000,026 | ---- | M] () -- 
C:\UpdaterforApp.ini [2009/04/12 22:27:34 | 000,001,876 | ---- | M] () -- C:\WirelessDiagLog.csv < %systemroot%\Fonts\*.com > [2006/04/18 13:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont [2006/06/29 12:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont [2006/04/18 13:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont [2006/06/29 12:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont < %systemroot%\Fonts\*.dll > < %systemroot%\Fonts\*.ini > [2009/03/18 11:57:35 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini < %systemroot%\Fonts\*.ini2 > < %systemroot%\Fonts\*.exe > < %systemroot%\system32\spool\prtprocs\w32x86\*.* > [2008/07/06 05:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll [2003/06/18 18:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll [2001/11/20 15:37:28 | 000,047,616 | R--- | M] (Black Ice Software) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\ppbiPr.dll [2008/07/06 03:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe < %systemroot%\REPAIR\*.bak1 > < %systemroot%\REPAIR\*.ini > < %systemroot%\system32\*.jpg > < %systemroot%\*.jpg > < %systemroot%\*.png > < %systemroot%\*.scr > < %systemroot%\*._sy > < %APPDATA%\Adobe\Update\*.* > < %ALLUSERSPROFILE%\Favorites\*.* > < %APPDATA%\Microsoft\*.* > < %PROGRAMFILES%\*.* > [2010/11/17 11:10:30 | 000,000,161 | -H-- | M] () -- C:\Program Files\INSTALL.LOG < %APPDATA%\Update\*.* > < %systemroot%\*. 
/mp /s > < %systemroot%\System32\config\*.sav > [2009/03/17 21:52:28 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2009/03/17 21:52:28 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2009/03/17 21:52:27 | 000,897,024 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav < %PROGRAMFILES%\bak. /s > < %systemroot%\system32\bak. /s > < %ALLUSERSPROFILE%\Start Menu\*.lnk /x > [2009/03/21 10:18:34 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini < %systemroot%\system32\config\systemprofile\*.dat /x > < %systemroot%\*.config > < %systemroot%\system32\*.db > < %PROGRAMFILES%\Internet Explorer\*.dat > < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x > [2009/03/18 12:21:21 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\sunikar\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini [2009/03/18 12:21:20 | 000,000,079 | -H-- | M] () -- C:\Documents and Settings\sunikar\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf < %USERPROFILE%\Desktop\*.exe > [2010/02/14 20:38:42 | 000,316,680 | ---- | M] (Dassault Systèmes) -- C:\Documents and Settings\sunikar\Desktop\3DVIA_player_installer.exe [2009/03/18 14:35:17 | 043,083,040 | ---- | M] ( ) -- C:\Documents and Settings\sunikar\Desktop\AdbeRdr910_en_US_Std.exe [2009/09/19 08:22:02 | 007,218,536 | ---- | M] () -- C:\Documents and Settings\sunikar\Desktop\CommunicatorPlugin_281.exe [2009/08/18 15:16:38 | 001,606,064 | ---- | M] () -- C:\Documents and Settings\sunikar\Desktop\googletalk-setup.exe [2009/10/15 14:08:06 | 000,570,032 | ---- | M] (Google Inc.) 
-- C:\Documents and Settings\sunikar\Desktop\GoogleVoiceAndVideoSetup(2).exe [2009/03/18 14:49:44 | 059,264,920 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\sunikar\Desktop\NAV09EN.exe [2009/07/06 14:19:47 | 155,255,392 | ---- | M] () -- C:\Documents and Settings\sunikar\Desktop\OOo_3.1.0_Win32Intel_install_wJRE_en-US.exe [2009/10/08 10:08:01 | 216,933,372 | ---- | M] (Oracle Corporation ) -- C:\Documents and Settings\sunikar\Desktop\OracleXEUniv.exe [2011/04/10 14:56:46 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sunikar\Desktop\OTL.exe [2009/03/25 14:46:17 | 021,878,064 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\sunikar\Desktop\QuickTimeInstaller.exe [2009/09/19 08:06:40 | 006,321,440 | ---- | M] () -- C:\Documents and Settings\sunikar\Desktop\WebUpdaterforWindows_242.exe [2009/06/05 11:44:38 | 000,367,240 | ---- | M] (Digital River, Inc.) -- C:\Documents and Settings\sunikar\Desktop\X12-30196-DLM.exe < %PROGRAMFILES%\Common Files\*.* > < %systemroot%\*.src > < %systemroot%\install\*.* > < %systemroot%\system32\DLL\*.* > < %systemroot%\system32\HelpFiles\*.* > < %systemroot%\system32\rundll\*.* > < %systemroot%\winn32\*.* > < %systemroot%\Java\*.* > < %systemroot%\system32\test\*.* > < %systemroot%\system32\Rundll32\*.* > < %systemroot%\AppPatch\Custom\*.* > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-04-09 20:49:27 < Update\Results\Install|LastSuccessTime /rs > < > < > < End of report >
  3. Trojan - didn't go after running SUPERAntiSpyware, Malwarebytes, Spybot Search and Destroy, Ad-Aware. I don't know any other option to try. My nephews have downloaded this virus by visiting some games websites. Initially, I was not able to access any browsers including IE in the beginning. So I had to do a system restore in safe mode. Then I was able to download Ad-Aware and SUPERAntiSpyware. I ran all the applications in both safe mode and normal mode. But still the virus doesn't seem to go. Virus name: Fake Microsoft security essential. However, the warning message that I was getting went away. But still I am unable to use any web browsers besides IE. When I do a Google search on IE and click on some link, it redirects me to some other spam websites. I really need some help in fixing this virus, as I don't want to format my system. Appreciate your help. Thanks.