Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Serious Error -c:/ not accessible, memory low, paginating error,IE7 & Firefox closes instantly


  • This topic is locked This topic is locked
2 replies to this topic

#1 mustali

mustali

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:49 AM

Posted 10 May 2009 - 11:46 AM

Hello Great Friends!
posting the DDS & OTListIT & GMER log file.... cant figure out what has gone wrong.....
but i hope the topic suggests what kind of serious error i am facing...
as soon as i click on c: in explorer a memory low & paginating error pop-up shows up and my laptop hangs....need to shutdown it by long press of power key and reboot again.....this happens each time i try to access c: by double its icon...
really need your help...


DDS (Ver_09-03-16.01) - NTFSx86
Run by Mustali at 22:01:55.43 on Sun 05/10/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1256.1.1025.18.1014.459 [GMT 5.5:30]

AV: AVG Internet Security *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\crypserv.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\CNAB4RPK.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
C:\Documents and Settings\Mustali.PC327926515751\My Documents\Any Video Converter\dds.pif

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.in/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Encarta Web Companion Helper Object: {955be0b8-bc85-4caf-856e-8e0d8b610560} - c:\program files\common files\microsoft shared\encarta web companion\2007\ENCWCBAR.DLL
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
mRun: [RecGuard] c:\windows\sminst\RecGuard.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
mExplorerRun: [status] present
StartupFolder: c:\docume~1\alluse~1\a007~1\7d39~1\d51d~1\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
uPolicies-explorer: NoViewOnDrive = 0 (0x0)
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL
LSP: c:\windows\system32\idmmbc.dll
Trusted Zone: bobibanking.com\www
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scan8/oscan8.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1174633325046
DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} - hxxp://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} - hxxp://shared.live.com/0AWo70tq93pEHO1WfbbTIA/etc/Microsoft.Live.Folders.RichUpload.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
TCP: NameServer = 85.255.112.202,85.255.112.190
TCP: {4F7C0611-0610-47AF-A9BA-EED1000F3833} = 85.255.112.202,85.255.112.190
TCP: {CC401A48-A5AA-4A4F-98B5-7018FA41E318} = 85.255.112.202,85.255.112.190
TCP: {E9EAB7DF-E675-422E-80AC-D591AC3C7F7A} = 85.255.112.202,85.255.112.190
Handler: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - c:\windows\wc98pp.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~3\goec62~1.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll,avgrsstx.dll c:\progra~1\google\google~3\GOEC62~1.DLL
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\mustal~1.pc3\applic~1\mozilla\firefox\profiles\fnb6dqvd.mustali new\
FF - component: c:\documents and settings\mustali.pc327926515751\application data\idm\idmmzcc2\components\idmmzcc.dll
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\documents and settings\mustali.pc327926515751\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll

============= SERVICES / DRIVERS ===============

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2008-8-5 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-8-5 325640]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-8-5 27656]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-8-5 108552]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-8-5 298264]
R2 BTCAP;Bluetooth, WDM Video Capture;c:\windows\system32\drivers\BTCap.sys [2007-6-27 276620]
R2 U3SHLPDR200;U3SHLPDR200;c:\windows\system32\drivers\U3SHLPDR200.SYS [2007-11-24 4518]
S2 dgcyzvh;Shell Universal;c:\windows\system32\svchost.exe -k netsvcs [2004-8-5 14336]
S2 duwkdnl;Network Config;c:\windows\system32\svchost.exe -k netsvcs [2004-8-5 14336]
S2 ekdba;Center Microsoft;c:\windows\system32\svchost.exe -k netsvcs [2004-8-5 14336]
S2 ieuqpfo;Microsoft Manager;c:\windows\system32\svchost.exe -k netsvcs [2004-8-5 14336]
S2 opimo;Security Microsoft;c:\windows\system32\svchost.exe -k netsvcs [2004-8-5 14336]
S2 tedrwjrd;Manager Windows;c:\windows\system32\svchost.exe -k netsvcs [2004-8-5 14336]
S2 teqkomu;Support Monitor;c:\windows\system32\svchost.exe -k netsvcs [2004-8-5 14336]
S2 wfrhzngo;pboqqgsv;c:\windows\system32\svchost.exe -k netsvcs [2004-8-5 14336]
S2 zzsmdrcv;Security Windows;c:\windows\system32\svchost.exe -k netsvcs [2004-8-5 14336]
S3 BTCAMDRV;Mobiola Web Camera driver;c:\windows\system32\drivers\BTCamDrv.sys [2007-4-5 219264]
S3 CA561B;ICatch 561B PC CAMERA;c:\windows\system32\drivers\spca561b.sys --> c:\windows\system32\drivers\SPCA561B.SYS [?]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2009-3-22 8704]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2009-3-22 3072]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-6-7 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-6-7 8320]
S3 sit_bus;SIT_1x_usbmodem Device;c:\windows\system32\drivers\sit_bus.sys [2008-3-27 22144]
S3 sit_flt;SUNGIL USB Filter Service;c:\windows\system32\drivers\sit_flt.sys [2008-3-27 4352]
S3 sit_mdm;SIT_1x_usbmodem ;c:\windows\system32\drivers\sit_mdm.sys [2008-3-27 39680]
S3 sit_prt;SIT_1x_usbmodem Port;c:\windows\system32\drivers\sit_prt.sys [2008-3-27 38656]
S4 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-5-27 29744]
S4 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-5-23 1174152]
S4 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

=============== Created Last 30 ================

2009-05-10 21:18 <DIR> --d----- c:\program files\Trend Micro
2009-05-09 20:36 255 ---shr-- C:\autorun.inf
2009-05-09 19:03 <DIR> --d----- c:\program files\Autorun Eater
2009-05-08 12:43 <DIR> --d----- c:\program files\VirtualFem
2009-05-08 12:36 <DIR> --d----- c:\program files\Erosgames
2009-05-08 12:00 <DIR> --d----- c:\docume~1\mustal~1.pc3\applic~1\MozillaControl
2009-05-08 11:58 <DIR> --d----- c:\program files\'Full Speed' Internet Booster + Performance Tests
2009-05-03 16:23 <DIR> --d----- c:\docume~1\mustal~1.pc3\applic~1\HotzAdam
2009-04-25 15:34 4,566 a------- c:\windows\imsins.BAK
2009-04-24 23:24 <DIR> --d----- c:\program files\Arab
2009-04-19 09:28 227,840 -------- c:\windows\system32\dllcache\wmiprvse.exe
2009-04-19 09:28 283,136 -------- c:\windows\system32\dllcache\pdh.dll
2009-04-19 09:28 110,592 -------- c:\windows\system32\dllcache\services.exe
2009-04-19 09:28 723,456 -------- c:\windows\system32\dllcache\lsasrv.dll
2009-04-19 09:28 681,472 -------- c:\windows\system32\dllcache\advapi32.dll
2009-04-19 09:28 473,600 -------- c:\windows\system32\dllcache\fastprox.dll
2009-04-19 09:28 401,408 -------- c:\windows\system32\dllcache\rpcss.dll
2009-04-19 09:28 35,328 -------- c:\windows\system32\dllcache\sc.exe
2009-04-19 09:28 693,760 -------- c:\windows\system32\dllcache\ntdll.dll
2009-04-19 09:28 453,120 -------- c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-18 12:48 <DIR> --d----- c:\program files\Freelang Dictionary
2009-04-17 23:07 1,203,922 -------- c:\windows\system32\dllcache\sysmain.sdb
2009-04-17 23:07 215,040 -------- c:\windows\system32\dllcache\wordpad.exe
2009-04-17 02:18 <DIR> --d----- c:\program files\Ontrack
2009-04-14 02:00 870 a---hr-- c:\windows\EPMBatch.ept
2009-04-13 09:31 838,144 a------- c:\windows\WATERYDS.SCR
2009-04-13 09:31 69,120 a------- c:\windows\WateryDesktop_vista.dll
2009-04-13 09:31 53,248 a------- c:\windows\WateryDesktop_xp.dll
2009-04-13 09:31 <DIR> --d----- c:\program files\PUSH Entertainment

==================== Find3M ====================

2009-05-10 21:29 374,118 a------- c:\windows\system32\perfh001.dat
2009-05-10 21:29 70,244 a------- c:\windows\system32\perfc001.dat
2009-04-09 12:47 161,904 a------- c:\windows\Al Kanz ver 3.0 Uninstaller.exe
2009-04-09 11:29 152,358 a------- c:\windows\HPHins15.dat
2009-03-26 01:19 325,640 a------- c:\windows\system32\drivers\avgldx86.sys
2009-03-26 01:19 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-03-26 01:18 12,552 a------- c:\windows\system32\drivers\avgrkx86.sys
2009-03-26 01:18 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-03-21 19:38 1,357,824 -------- c:\windows\system32\dllcache\kernel32.dll
2009-03-09 05:19 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-06 19:50 283,136 a------- c:\windows\system32\pdh.dll
2009-03-03 05:36 826,368 a------- c:\windows\system32\wininet.dll
2009-03-03 05:36 826,368 -------- c:\windows\system32\dllcache\wininet.dll
2009-02-28 10:24 636,072 -------- c:\windows\system32\dllcache\iexplore.exe
2009-02-20 15:50 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe
2009-02-20 15:50 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-02-20 10:44 161,792 -------- c:\windows\system32\dllcache\ieakui.dll
2009-02-10 19:03 2,067,584 -------- c:\windows\system32\dllcache\ntkrnlpa.exe
2007-04-09 15:58 10,534 a------- c:\program files\common files\acpiec.sys
2008-09-09 10:48 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090920080910\index.dat

============= FINISH: 22:02:34.40 ===============

OTListIT log-

OTListIt logfile created on: 10/05/2009 10:27:09 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.6 Folder = C:\Documents and Settings\Mustali.PC327926515751\My Documents\Any Video Converter
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: | Country: الولايات المتحدة | Language: ENU | Date Format:

1014.04 Mb Total Physical Memory | 394.25 Mb Available Physical Memory | 38.88% Memory free
2.38 Gb Paging File | 1.87 Gb Available in Paging File | 78.29% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 84.53 Gb Total Space | 13.95 Gb Free Space | 16.50% Space Free | Partition Type: NTFS
Drive D: | 7.60 Gb Total Space | 1.29 Gb Free Space | 16.93% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 1.00 Gb Total Space | 1.00 Gb Free Space | 99.44% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 7.81 Mb Total Space | 5.23 Mb Free Space | 67.00% Space Free | Partition Type: NTFS

Computer Name: MUSTALI
Current User Name: Mustali
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2009/03/26 01:18:54 | 00,298,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2006/02/27 16:55:44 | 00,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
PRC - [2002/10/25 07:47:54 | 00,065,536 | ---- | M] (Kenonic Controls Ltd.) -- C:\WINDOWS\system32\crypserv.exe
PRC - [2009/03/26 01:18:59 | 00,832,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe
PRC - [2009/03/26 01:19:01 | 00,485,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/03/26 01:18:58 | 00,593,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/03/09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2005/01/28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
PRC - [2004/11/29 20:30:00 | 00,057,344 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\CNAB4RPK.EXE
PRC - [2008/04/14 21:29:52 | 01,031,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2006/03/04 11:16:48 | 00,761,948 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/03/07 16:08:14 | 00,131,072 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
PRC - [2006/08/14 14:41:28 | 00,114,688 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2006/08/14 14:38:08 | 00,094,208 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2006/08/22 10:54:10 | 00,102,400 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe
PRC - [2009/03/26 01:18:56 | 01,932,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/03/09 05:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2006/02/27 17:02:06 | 00,581,693 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/02/27 17:00:58 | 01,265,748 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008/12/10 08:42:02 | 00,766,960 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2008/12/10 08:42:02 | 00,766,960 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2008/12/10 08:42:02 | 00,766,960 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2008/12/10 08:42:02 | 00,766,960 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2008/12/10 08:42:02 | 00,766,960 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2008/12/02 16:04:18 | 00,083,440 | ---- | M] (Google) -- C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2008/12/10 08:42:02 | 00,766,960 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2008/12/10 08:42:02 | 00,766,960 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/05/10 22:26:07 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mustali.PC327926515751\My Documents\Any Video Converter\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2007/03/03 08:07:22 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [Disabled | Stopped])
SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/05/09 19:53:26 | 00,074,360 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service [Disabled | Stopped])
SRV - [2009/03/26 01:18:54 | 00,298,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2006/02/27 16:55:44 | 00,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins [Auto | Running])
SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - File not found -- -- (CLTNetCnService [Disabled | Stopped])
SRV - [2002/10/25 07:47:54 | 00,065,536 | ---- | M] (Kenonic Controls Ltd.) -- C:\WINDOWS\system32\crypserv.exe -- (Crypkey License [Auto | Running])
SRV - [2007/09/22 15:02:02 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2006/10/20 21:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [Disabled | Stopped])
SRV - [2008/11/22 10:27:16 | 00,029,744 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-061008-081103 [Disabled | Stopped])
SRV - [2007/11/28 19:19:21 | 00,138,680 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Disabled | Stopped])
SRV - [2008/04/14 21:29:40 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/03/11 21:24:50 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Running])
SRV - [2007/03/11 22:02:52 | 00,131,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Running])
SRV - [2006/05/02 15:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex [Disabled | Stopped])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2006/10/30 03:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/04/14 21:29:36 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\irmon.dll -- (Irmon [Disabled | Stopped])
SRV - [2006/09/06 06:22:26 | 00,079,496 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\isPwdSvc.exe -- (ISPwdSvc [Disabled | Stopped])
SRV - [2009/03/09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2006/02/17 17:56:32 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Disabled | Stopped])
SRV - [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
SRV - [2006/10/30 03:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2008/08/07 11:17:30 | 00,575,488 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
SRV - [2007/03/22 15:39:30 | 01,174,152 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC [Disabled | Stopped])
SRV - [2005/01/28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])
SRV - [2006/11/03 18:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend [Disabled | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2001/08/18 00:21:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Boot | Running])
DRV - [2008/04/14 00:06:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Disabled | Stopped])
DRV - [2001/08/18 00:22:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Disabled | Stopped])
DRV - [2001/08/18 00:21:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Disabled | Stopped])
DRV - [2009/03/26 01:19:01 | 00,325,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
DRV - [2009/03/26 01:19:01 | 00,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
DRV - [2009/03/26 01:18:59 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86 [Boot | Running])
DRV - [2009/03/26 01:18:58 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2006/02/27 16:48:20 | 00,401,664 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio [On_Demand | Running])
DRV - [2006/11/01 18:45:14 | 00,219,264 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\system32\DRIVERS\BTCamDrv.sys -- (BTCAMDRV [On_Demand | Stopped])
DRV - [2006/08/07 15:22:00 | 00,276,620 | ---- | M] (MOTECH) -- C:\WINDOWS\system32\DRIVERS\BTCap.sys -- (BTCAP [Auto | Running])
DRV - [2006/02/27 16:43:44 | 00,030,363 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\DRIVERS\btport.sys -- (BTDriver [On_Demand | Running])
DRV - [2006/02/27 16:45:48 | 01,342,602 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\DRIVERS\btkrnl.sys -- (BTKRNL [On_Demand | Running])
DRV - [2006/02/27 16:40:16 | 00,148,168 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\DRIVERS\btwdndis.sys -- (BTWDNDIS [On_Demand | Running])
DRV - [2006/02/27 16:43:36 | 00,030,189 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\DRIVERS\btwmodem.sys -- (btwmodem [On_Demand | Running])
DRV - [2006/02/27 16:43:06 | 00,057,096 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\Drivers\btwusb.sys -- (BTWUSB [On_Demand | Running])
DRV - [2001/09/19 00:04:24 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Disabled | Stopped])
DRV - [2001/08/18 00:22:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Disabled | Stopped])
DRV - [2004/10/27 17:00:36 | 00,124,672 | ---- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\emDevice.sys -- (DCamUSBEMPIA [On_Demand | Stopped])
DRV - [2005/11/03 14:01:38 | 00,157,696 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Running])
DRV - [2005/09/19 15:53:52 | 00,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\system32\DRIVERS\eabfiltr.sys -- (eabfiltr [System | Running])
DRV - [2005/09/19 15:54:20 | 00,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\system32\DRIVERS\eabusb.sys -- (eabusb [On_Demand | Stopped])
DRV - [2008/05/15 17:21:16 | 00,385,072 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl [System | Running])
DRV - [2008/11/25 17:18:26 | 00,008,704 | ---- | M] () -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv [On_Demand | Stopped])
DRV - [2008/11/25 17:18:22 | 00,003,072 | ---- | M] () -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv [On_Demand | Stopped])
DRV - [2006/10/07 13:04:00 | 00,009,600 | ---- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\emFilter.sys -- (FiltUSBEMPIA [On_Demand | Stopped])
DRV - [2005/09/19 15:54:10 | 00,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\system32\DRIVERS\cpqbttn.sys -- (HBtnKey [On_Demand | Running])
DRV - [2007/05/01 02:11:54 | 00,630,272 | ---- | M] (Conexant Systems Inc.) -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService [On_Demand | Running])
DRV - [2008/04/13 22:06:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2005/08/22 20:36:16 | 00,201,600 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running])
DRV - [2005/08/22 20:37:00 | 01,035,008 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2006/08/14 16:00:24 | 01,109,568 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\igxpmp32.sys -- (ialm [On_Demand | Running])
DRV - [2005/10/13 14:37:12 | 00,874,240 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2007/11/03 11:21:02 | 00,068,096 | ---- | M] (EZB Systems, Inc.) -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive [System | Running])
DRV - [2006/02/15 16:27:46 | 00,012,672 | ---- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2001/08/18 00:22:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Disabled | Stopped])
DRV - [2008/03/13 03:25:36 | 02,530,176 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\NETw4x32.sys -- (NETw4x32 [On_Demand | Running])
DRV - [2003/10/01 19:21:42 | 00,029,414 | ---- | M] () -- C:\WINDOWS\system32\ckldrv.sys -- (NetworkX [System | Running])
DRV - [2008/02/01 15:17:12 | 00,138,112 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu [On_Demand | Stopped])
DRV - [2008/02/01 15:17:06 | 00,008,320 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc [On_Demand | Stopped])
DRV - [2007/09/17 15:53:26 | 00,021,632 | ---- | M] (Nokia) -- C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped])
DRV - [2005/11/02 16:47:26 | 00,010,368 | R--- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])
DRV - [2004/08/05 02:30:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2006/09/28 03:23:22 | 00,036,560 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2001/08/18 00:22:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Disabled | Stopped])
DRV - [2001/08/18 00:22:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Disabled | Stopped])
DRV - [2001/08/18 00:22:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Disabled | Stopped])
DRV - [2004/08/05 02:30:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running])
DRV - [2004/08/04 12:01:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped])
DRV - [2004/10/27 17:00:28 | 00,005,120 | ---- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\emScan.sys -- (ScanUSBEMPIA [On_Demand | Stopped])
DRV - [2007/11/13 15:55:52 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/14 00:06:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Disabled | Stopped])
DRV - [2007/04/17 12:21:26 | 00,022,144 | ---- | M] (SUNGIL) -- C:\WINDOWS\System32\Drivers\sit_bus.sys -- (sit_bus [On_Demand | Stopped])
DRV - [2007/04/18 15:57:32 | 00,004,352 | ---- | M] (SUNGIL Corporation) -- C:\WINDOWS\system32\DRIVERS\sit_flt.sys -- (sit_flt [On_Demand | Stopped])
DRV - [2007/04/17 14:52:22 | 00,039,680 | ---- | M] (SUNGIL) -- C:\WINDOWS\System32\Drivers\sit_mdm.sys -- (sit_mdm [On_Demand | Stopped])
DRV - [2007/04/17 12:28:08 | 00,038,656 | ---- | M] (SUNGIL) -- C:\WINDOWS\System32\Drivers\sit_prt.sys -- (sit_prt [On_Demand | Stopped])
DRV - [2001/08/18 00:37:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Disabled | Stopped])
DRV - [2001/08/17 13:49:10 | 00,026,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\DRIVERS\irstusb.sys -- (STIrUsb [On_Demand | Stopped])
DRV - [2001/08/18 00:37:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Disabled | Stopped])
DRV - [2001/08/18 00:37:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Disabled | Stopped])
DRV - [2006/05/23 02:12:26 | 00,010,344 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd [Auto | Running])
DRV - [2001/08/18 00:37:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Disabled | Stopped])
DRV - [2001/08/18 00:37:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Disabled | Stopped])
DRV - [2006/03/04 11:01:48 | 00,192,736 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2006/07/06 13:44:10 | 00,168,448 | ---- | M] (Texas Instruments) -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21 [On_Demand | Running])
DRV - [2007/11/24 22:09:12 | 00,004,518 | ---- | M] () -- C:\WINDOWS\System32\Drivers\U3SHLPDR200.SYS -- (U3SHLPDR200 [Auto | Running])
DRV - [2001/08/18 00:22:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Disabled | Stopped])
DRV - [2008/04/14 00:26:49 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usb8023x.sys -- (usb_rndisx [On_Demand | Stopped])
DRV - [2006/03/14 23:32:54 | 01,428,480 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\DRIVERS\w39n51.sys -- (w39n51 [On_Demand | Stopped])
DRV - [2005/08/22 20:36:10 | 00,718,464 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2008/04/02 21:26:36 | 00,035,363 | ---- | M] () -- C:\WINDOWS\system32\windrvNT.sys -- (windrvNT [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1888621901-3740887602-1906341463-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1888621901-3740887602-1906341463-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-1888621901-3740887602-1906341463-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1888621901-3740887602-1906341463-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1888621901-3740887602-1906341463-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKU\S-1-5-21-1888621901-3740887602-1906341463-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.in/
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1888621901-3740887602-1906341463-1006\S-1-5-21-1888621901-3740887602-1906341463-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/03/26 10:11:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2009/02/04 13:05:21 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/13 13:20:18 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/05 09:21:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/05 09:21:20 | 00,000,000 | ---D | M]

[2009/04/06 15:25:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mustali.PC327926515751\Application Data\mozilla\Extensions
[2008/08/13 13:25:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mustali.PC327926515751\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/06 15:25:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mustali.PC327926515751\Application Data\mozilla\Extensions\mozswing@mozswing.org
[2009/05/09 06:07:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mustali.PC327926515751\Application Data\mozilla\Firefox\Profiles\fnb6dqvd.Mustali New\extensions
[2008/08/13 12:40:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mustali.PC327926515751\Application Data\mozilla\Firefox\Profiles\fnb6dqvd.Mustali New\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2009/05/03 15:17:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mustali.PC327926515751\Application Data\mozilla\Firefox\Profiles\fnb6dqvd.Mustali New\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/05/09 06:07:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mustali.PC327926515751\Application Data\mozilla\Firefox\Profiles\fnb6dqvd.Mustali New\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2008/05/22 17:11:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mustali.PC327926515751\Application Data\mozilla\Firefox\Profiles\y4f3fl0p.default\extensions
[2008/05/02 09:40:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mustali.PC327926515751\Application Data\mozilla\Firefox\Profiles\y4f3fl0p.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2008/03/04 10:18:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mustali.PC327926515751\Application Data\mozilla\Firefox\Profiles\y4f3fl0p.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/05/08 20:36:09 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/05/05 09:21:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/07/26 11:46:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2008/04/22 09:34:53 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2009/05/06 09:55:56 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/05/05 09:21:14 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/05/05 09:21:14 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/06 14:51:22 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/06 14:51:22 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/06 14:51:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/06 14:51:22 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/06 14:51:23 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/11/22 10:27:16 | 00,000,686 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\GoogleDesktopMozilla.png
[2008/11/22 10:27:16 | 00,000,531 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\GoogleDesktopMozilla.src
[2009/04/06 14:51:23 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/06 14:51:23 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Encarta Web Companion Helper Object) - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-1888621901-3740887602-1906341463-1006\..\Toolbar\ShellBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent (Microsoft Corporation)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe ()
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" (CyberLink Corp.)
O4 - HKLM..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: status = present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1888621901-3740887602-1906341463-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1888621901-3740887602-1906341463-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1888621901-3740887602-1906341463-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\S-1-5-21-1888621901-3740887602-1906341463-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NofolderOptions = 0
O7 - HKU\S-1-5-21-1888621901-3740887602-1906341463-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [Bluetooth Namespace] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\WINDOWS\system32\idmmbc.dll (Tonec Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1888621901-3740887602-1906341463-1006\..Trusted Domains: bobibanking.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-1888621901-3740887602-1906341463-1006\..Trusted Domains: bobibanking.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1888621901-3740887602-1906341463-1006\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/pub/shock...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1174633325046 (WUWebControl Class)
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} http://das.microsoft.com/activate/cab/x86/...tail/DASAct.cab (DASWebDownload Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} http://shared.live.com/0AWo70tq93pEHO1Wfbb....RichUpload.cab (Windows Live SkyDrive Upload Tool)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.202,85.255.112.190
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{4F7C0611-0610-47AF-A9BA-EED1000F3833}\\NameServer = 85.255.112.202,85.255.112.190
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{CC401A48-A5AA-4A4F-98B5-7018FA41E318}\\NameServer = 85.255.112.202,85.255.112.190
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{E9EAB7DF-E675-422E-80AC-D591AC3C7F7A}\\NameServer = 85.255.112.202,85.255.112.190
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ic32pp {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINDOWS\wc98pp.dll ()
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll File not found
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (الصفحة الرئيسية الحالية) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/10 20:14:35 | 00,000,255 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 12:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009/05/10 20:14:36 | 00,000,406 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009/05/10 20:14:35 | 00,000,345 | RHS- | M] () - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/05/10 20:14:35 | 00,000,270 | RHS- | M] () - M:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{076d7c28-f8cb-11dc-8cd3-0016d40f2e1b}\Shell - "" = AutoRun
O33 - MountPoints2\{076d7c28-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\Auto\command - "" = WINDOWS
O33 - MountPoints2\{076d7c2b-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\AutoRun\command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c2b-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\explore\Command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c2b-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\open\Command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c2c-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\AutoRun\command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c2c-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\explore\Command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c2c-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\open\Command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c2d-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\AutoRun\command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c2d-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\explore\Command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c2d-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\open\Command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c2e-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\AutoRun\command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c2e-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\explore\Command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c2e-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\open\Command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c2f-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\AutoRun\command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c2f-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\explore\Command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c2f-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\open\Command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c30-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\AutoRun\command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c30-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\explore\Command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c30-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\open\Command - "" = m1t8ta.com
O33 - MountPoints2\{076d7c3a-f8cb-11dc-8cd3-0016d40f2e1b}\Shell - "" = AutoRun
O33 - MountPoints2\{076d7c46-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\Auto\command - "" = H:\RavMonE.exe -- File not found
O33 - MountPoints2\{076d7c53-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\AutoRun\command - "" = H:\m1t8ta.com -- File not found
O33 - MountPoints2\{076d7c53-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\explore\Command - "" = H:\m1t8ta.com -- File not found
O33 - MountPoints2\{076d7c53-f8cb-11dc-8cd3-0016d40f2e1b}\Shell\open\Command - "" = H:\m1t8ta.com -- File not found
O33 - MountPoints2\{0bff809b-85eb-11dc-8c86-0016d40f2e1b}\Shell - "" = AutoRun
O33 - MountPoints2\{0bff809b-85eb-11dc-8c86-0016d40f2e1b}\Shell\Auto\command - "" = H:\MicrosoftPowerPoint.exe -- File not found
O33 - MountPoints2\{0ea0a76c-ceef-11dc-8cba-0016d40f2e1b}\Shell - "" = AutoRun
O33 - MountPoints2\{0ea0a76c-ceef-11dc-8cba-0016d40f2e1b}\Shell\Auto\command - "" = H:\MicrosoftPowerPoint.exe -- File not found
O33 - MountPoints2\{1286ae73-356c-11de-8597-0016417ec649}\Shell - "" = AutoRun
O33 - MountPoints2\{1286ae73-356c-11de-8597-0016417ec649}\Shell\Auto\command - "" = H:\WINDOWS
O33 - MountPoints2\{15fbffff-f3b3-11db-8c3a-c8b04ce52ee7}\Shell\Auto\command - "" = RavMonE.exe e
O33 - MountPoints2\{2ccbe508-e403-11db-8c1b-0016d40f2e1b}\Shell - "" = AutoRun
O33 - MountPoints2\{2ccbe508-e403-11db-8c1b-0016d40f2e1b}\Shell\AutoRun\command - "" = H:\loaderw.exe -- File not found
O33 - MountPoints2\{2ccbe517-e403-11db-8c1b-0016d40f2e1b}\Shell\AutoRun\command - "" = .\Recycled\Driveinfo.exe
O33 - MountPoints2\{2ccbe517-e403-11db-8c1b-0016d40f2e1b}\Shell\Open\Command - "" = .\Recycled\Driveinfo.exe
O33 - MountPoints2\{3131d7e4-e663-11db-8c21-00116725af83}\Shell\AutoRun\command - "" = RavMon.exe
O33 - MountPoints2\{3469ac4d-762d-11dc-8c7b-0016d40f2e1b}\Shell - "" = AutoRun
O33 - MountPoints2\{3469ac4d-762d-11dc-8c7b-0016d40f2e1b}\Shell\Auto\command - "" = H:\MicrosoftPowerPoint.exe -- File not found
O33 - MountPoints2\{38f07754-ea9d-11dd-be85-0016d40f2e1b}\Shell\AutoRun\command - "" = H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\windowsupdate.com -- File not found
O33 - MountPoints2\{38f07754-ea9d-11dd-be85-0016d40f2e1b}\Shell\open\command - "" = H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\windowsupdate.com -- File not found
O33 - MountPoints2\{4d2b460a-11e2-11de-be95-0016d40f2e1b}\Shell - "" = Autorun
O33 - MountPoints2\{4d2b460a-11e2-11de-be95-0016d40f2e1b}\Shell\Open\command - "" = regsvr.exe
O33 - MountPoints2\{4fd5110a-09ea-11dd-8ce4-0016d40f2e1b}\Shell\auto\command - "" = H:\Thumbs.com -- File not found
O33 - MountPoints2\{5f1a0398-7b14-11dc-8c7e-0016d40f2e1b}\Shell - "" = Autorun
O33 - MountPoints2\{6ebdd360-309e-11de-8592-0016417ec649}\Shell - "" = AutoRun
O33 - MountPoints2\{7d64e4f9-8077-11dc-8c82-0016d40f2e1b}\Shell - "" = AutoRun
O33 - MountPoints2\{7d64e4f9-8077-11dc-8c82-0016d40f2e1b}\Shell\Auto\command - "" = J:\MicrosoftPowerPoint.exe -- File not found
O33 - MountPoints2\{8156abe1-44a9-11dc-8c6b-0016417ec649}\Shell - "" = AutoRun
O33 - MountPoints2\{8156abe1-44a9-11dc-8c6b-0016417ec649}\Shell\1\Command - "" = I:\.\RECYCLER\RECYCLER\autorun.exe -- File not found
O33 - MountPoints2\{8156abe1-44a9-11dc-8c6b-0016417ec649}\Shell\2\Command - "" = I:\.\RECYCLER\RECYCLER\autorun.exe -- File not found
O33 - MountPoints2\{8511f65a-7a3c-11dd-be4d-0016417ec649}\Shell\AutoRun\command - "" = H:\System\DriveGuard\DriveProtect.exe -- File not found
O33 - MountPoints2\{8511f65a-7a3c-11dd-be4d-0016417ec649}\Shell\Explore\Command - "" = H:\System\DriveGuard\DriveProtect.exe -- File not found
O33 - MountPoints2\{8511f65a-7a3c-11dd-be4d-0016417ec649}\Shell\Open\Command - "" = H:\System\DriveGuard\DriveProtect.exe -- File not found
O33 - MountPoints2\{8622ad6a-6de3-11dd-be42-0016d40f2e1b}\Shell\AutoRun\command - "" = H:\yg.cmd -- File not found
O33 - MountPoints2\{8622ad6a-6de3-11dd-be42-0016d40f2e1b}\Shell\explore\Command - "" = H:\yg.cmd -- File not found
O33 - MountPoints2\{8622ad6a-6de3-11dd-be42-0016d40f2e1b}\Shell\open\Command - "" = H:\yg.cmd -- File not found
O33 - MountPoints2\{9cc7b41f-186b-11de-be98-0016417ec649}\Shell - "" = AutoRun
O33 - MountPoints2\{9cc7b41f-186b-11de-be98-0016417ec649}\Shell\Auto\command - "" = WINDOWS
O33 - MountPoints2\{9fd5cba4-28a3-11de-bb53-806d6172696f}\Shell - "" = Autorun
O33 - MountPoints2\{9fd5cba4-28a3-11de-bb53-806d6172696f}\Shell\Open\command - "" = F:\RECYCLER\S-1-2-15-100021846-100015063-100013057-1390.com -- [2009/05/08 22:01:26 | 00,083,456 | RHS- | M] ()
O33 - MountPoints2\{a7ee1598-16be-11de-be97-0016d40f2e1b}\Shell - "" = Autorun
O33 - MountPoints2\{a7ee1598-16be-11de-be97-0016d40f2e1b}\Shell\Open\command - "" = M:\RECYCLER\S-1-2-15-100021846-100015063-100013057-1390.com -- [2009/05/08 22:01:26 | 00,083,456 | RHS- | M] ()
O33 - MountPoints2\{a7ee234b-16be-11de-be97-0016d40f2e1b}\Shell - "" = AutoRun
O33 - MountPoints2\{c44b9dba-fcb4-11dc-8cd5-0016d40f2e1b}\Shell - "" = AutoRun
O33 - MountPoints2\{c44b9dbf-fcb4-11dc-8cd5-0016d40f2e1b}\Shell\AutoRun\command - "" = H:\m1t8ta.com -- File not found
O33 - MountPoints2\{c44b9dbf-fcb4-11dc-8cd5-0016d40f2e1b}\Shell\explore\Command - "" = H:\m1t8ta.com -- File not found
O33 - MountPoints2\{c44b9dbf-fcb4-11dc-8cd5-0016d40f2e1b}\Shell\open\Command - "" = H:\m1t8ta.com -- File not found
O33 - MountPoints2\{c44b9dc4-fcb4-11dc-8cd5-0016d40f2e1b}\Shell - "" = AutoRun
O33 - MountPoints2\{df7cf263-2215-11dc-8c59-0016d40f2e1b}\Shell - "" = AutoRun
O33 - MountPoints2\{df7cf263-2215-11dc-8c59-0016d40f2e1b}\Shell\Auto\command - "" = H:\MicrosoftPowerPoint.exe -- File not found
O33 - MountPoints2\{e35280f0-e770-11db-8c24-0016417ec649}\Shell\AutoRun\command - "" = H:\setupSNK.exe -- File not found
O33 - MountPoints2\{f1e870f2-d861-11db-873e-806d6172696f}\Shell - "" = Autorun
O33 - MountPoints2\{f1e870f2-d861-11db-873e-806d6172696f}\Shell\Open\command - "" = C:\RECYCLER\S-1-2-15-100021846-100015063-100013057-1390.com -- [2009/05/08 22:01:26 | 00,083,456 | RHS- | M] ()
O33 - MountPoints2\{f1e870f3-d861-11db-873e-806d6172696f}\Shell - "" = Autorun
O33 - MountPoints2\{f1e870f3-d861-11db-873e-806d6172696f}\Shell\Open\command - "" = D:\RECYCLER\S-1-2-15-100021846-100015063-100013057-1390.com -- [2009/05/08 22:01:26 | 00,083,456 | RHS- | M] ()
O33 - MountPoints2\{f8ff31ec-edc0-11dc-8cd1-0016d40f2e1b}\Shell\AutoRun\command - "" = H:\m1t8ta.com -- File not found
O33 - MountPoints2\{f8ff31ec-edc0-11dc-8cd1-0016d40f2e1b}\Shell\explore\Command - "" = H:\m1t8ta.com -- File not found
O33 - MountPoints2\{f8ff31ec-edc0-11dc-8cd1-0016d40f2e1b}\Shell\open\Command - "" = H:\m1t8ta.com -- File not found
O33 - MountPoints2\C\Shell - "" = Autorun
O33 - MountPoints2\C\Shell\Open\command - "" = C:\RECYCLER\S-1-2-15-100021846-100015063-100013057-1390.com -- [2009/05/08 22:01:26 | 00,083,456 | RHS- | M] ()
O33 - MountPoints2\D\Shell - "" = Autorun
O33 - MountPoints2\D\Shell\Open\command - "" = D:\RECYCLER\S-1-2-15-100021846-100015063-100013057-1390.com -- [2009/05/08 22:01:26 | 00,083,456 | RHS- | M] ()
O33 - MountPoints2\F\Shell - "" = Autorun
O33 - MountPoints2\F\Shell\Open\command - "" = F:\RECYCLER\S-1-2-15-100021846-100015063-100013057-1390.com -- [2009/05/08 22:01:26 | 00,083,456 | RHS- | M] ()
O33 - MountPoints2\M\Shell - "" = Autorun
O33 - MountPoints2\M\Shell\Open\command - "" = M:\RECYCLER\S-1-2-15-100021846-100015063-100013057-1390.com -- [2009/05/08 22:01:26 | 00,083,456 | RHS- | M] ()
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (/p) - File not found
O34 - HKLM BootExecute: (\??\C:) - File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\*.tmp files]
[2009/05/10 21:52:22 | 10,633,74848 | -HS- | C] () -- C:\hiberfil.sys
[2009/05/10 21:18:43 | 00,001,741 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\HijackThis.lnk
[2009/05/10 21:18:43 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/05/09 20:36:46 | 00,000,255 | RHS- | C] () -- C:\autorun.inf
[2009/05/09 19:03:32 | 00,000,677 | ---- | C] () -- C:\Documents and Settings\All Users\سطح المكتب\Autorun Eater.lnk
[2009/05/09 19:03:31 | 00,000,000 | ---D | C] -- C:\Program Files\Autorun Eater
[2009/05/09 19:03:15 | 01,335,310 | ---- | C] (Old McDonald's Farm) -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\aesetup2.3.exe
[2009/05/09 16:45:34 | 00,000,082 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\My Documents\Sakina.KUN
[2009/05/09 16:37:09 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\msstdfmt.dll
[2009/05/09 11:38:06 | 00,081,051 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\My Documents\sevencreations.asp.htm
[2009/05/09 11:38:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mustali.PC327926515751\My Documents\sevencreations.asp_files
[2009/05/09 06:23:35 | 00,007,190 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\My Documents\Update_Patch_1.2.dld
[2009/05/08 13:00:04 | 00,012,917 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Adobe_Indesign_CS4_ME.4728403.TPB.torrent
[2009/05/08 12:43:54 | 00,000,000 | ---D | C] -- C:\Program Files\VirtualFem
[2009/05/08 12:36:40 | 00,000,000 | ---D | C] -- C:\Program Files\Erosgames
[2009/05/08 12:00:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mustali.PC327926515751\Application Data\MozillaControl
[2009/05/08 11:58:07 | 00,000,000 | ---D | C] -- C:\Program Files\'Full Speed' Internet Booster + Performance Tests
[2009/05/07 18:45:25 | 00,049,664 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\mumbai tkt.doc
[2009/05/07 16:27:16 | 00,013,824 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\BHOPAL.xls
[2009/05/07 11:53:02 | 00,312,665 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Bhopal Madrasa1.jpg
[2009/05/07 11:51:53 | 00,276,737 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Bhopal Madrasa.jpg
[2009/05/07 11:46:26 | 00,181,865 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\1234.jpg
[2009/05/07 11:32:23 | 00,200,143 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\new member in existing comm.jpg
[2009/05/07 06:29:43 | 00,230,400 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\CS4_KeyGen.exe
[2009/05/03 16:23:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mustali.PC327926515751\Application Data\HotzAdam
[2009/05/03 15:45:19 | 00,070,278 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\misal 133.jpg
[2009/05/03 15:26:25 | 00,044,032 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Faculty_Load_rev_1.xls
[2009/05/03 15:26:09 | 00,025,600 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Report on New Session 2009.doc
[2009/05/02 15:14:16 | 02,590,123 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Tulul Umr.jpg
[2009/05/01 04:22:40 | 00,015,592 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Nisaab Border1.wmf
[2009/05/01 01:19:57 | 02,537,710 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Calender30-31.pdf
[2009/04/30 21:15:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\semi finals only
[2009/04/30 21:14:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\semi finals only
[2009/04/30 21:10:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Teachers text_letter Size_checked files
[2009/04/30 21:10:03 | 00,146,432 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Takhteet 5 to 10 1430.xls
[2009/04/30 17:12:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\ver-6
[2009/04/30 02:33:12 | 00,261,056 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Malaf CP].jpg
[2009/04/30 01:55:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\version-6
[2009/04/30 01:31:28 | 00,823,920 | ---- | C] (PUSH Entertainment ) -- C:\Documents and Settings\All Users\Documents\WateryDesktop3D_setup.exe
[2009/04/29 19:51:28 | 01,415,680 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\10 th-teacher-ver5.doc
[2009/04/29 14:49:51 | 00,021,045 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Picture5.jpg
[2009/04/29 14:48:59 | 00,373,792 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Picture4.emf
[2009/04/29 14:47:25 | 00,250,928 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Picture3.wmf
[2009/04/29 14:46:33 | 00,019,645 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Picture2.jpg
[2009/04/29 14:45:28 | 00,373,744 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Picture1.wmf
[2009/04/29 12:56:44 | 00,668,160 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\10 th-ver4 without- suwaal update.doc
[2009/04/29 12:11:04 | 00,081,920 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Assessment Criteria 5 to 10 1430.doc
[2009/04/29 11:18:06 | 00,774,144 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\10 th-ver3.doc
[2009/04/29 11:07:51 | 00,977,920 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Ashera_Adab_only.doc
[2009/04/29 03:17:10 | 00,144,384 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\نسخ من Takhteet 5 to 10 1430.xls
[2009/04/29 02:31:04 | 02,056,704 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\نسخ (2) من 8th-Teacher-ver5-Correction_Checked.doc
[2009/04/29 02:10:47 | 01,857,536 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\نسخ من 8th-Teacher-ver5-Correction_Checked.doc
[2009/04/29 02:01:24 | 00,000,253 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\clip_image002.gif
[2009/04/29 01:36:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\AHDAAF1_10
[2009/04/29 01:33:46 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\~$h-Teacher-ver5-Correction_Checked.doc
[2009/04/29 01:33:42 | 02,089,472 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\8th-Teacher-ver5-Correction_Checked.doc
[2009/04/29 01:33:08 | 01,803,264 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Tasea_child_ver2.doc
[2009/04/29 01:33:05 | 02,482,176 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Samena_child_ver2.doc
[2009/04/29 01:23:48 | 00,034,816 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\10fehris-akhbaar.doc
[2009/04/28 16:48:48 | 00,018,292 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\mohd_workshop.pdf
[2009/04/28 16:48:36 | 13,552,358 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\7th-teacher-ver5.pdf
[2009/04/28 16:45:03 | 13,552,358 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\7th-teacher-ver5.pdf
[2009/04/28 13:09:33 | 00,042,496 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\عزاداران حسين.doc
[2009/04/28 12:34:50 | 00,157,393 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Output.pdf
[2009/04/28 11:30:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\from sh moiz bhai
[2009/04/27 13:12:33 | 17,136,197 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\6th-teacher-ver5.pdf
[2009/04/27 13:10:48 | 17,136,197 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\6th-teacher-ver5.pdf
[2009/04/27 10:49:19 | 01,008,128 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Sabea LD Very New.doc
[2009/04/26 22:30:06 | 17,654,338 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\5th-teacher-ver5.pdf
[2009/04/26 22:07:51 | 17,654,338 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\5th-teacher-ver5.pdf
[2009/04/26 21:03:29 | 00,551,336 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\flashlite2_1_symbian_s60V3.SIS
[2009/04/26 16:35:05 | 01,701,376 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Sabea_adab check.doc
[2009/04/26 16:23:49 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\All Users\Documents\~$ris ni riwayat.doc
[2009/04/26 16:17:33 | 00,035,328 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\haris ni riwayat.doc
[2009/04/26 16:13:08 | 01,104,896 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\clipatrs.doc
[2009/04/26 15:43:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\husainkarjat
[2009/04/26 11:37:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\to sh moiz bhai
[2009/04/26 09:59:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Version-5
[2009/04/26 01:57:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\نسخ من Version-5
[2009/04/25 22:08:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Version-5
[2009/04/25 21:31:40 | 00,001,769 | ---- | C] () -- C:\Documents and Settings\All Users\سطح المكتب\Adobe Audition 2.0.lnk
[2009/04/25 15:34:33 | 00,004,566 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/04/25 14:26:30 | 02,593,684 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\7th lisaan.pdf
[2009/04/25 13:30:46 | 05,161,001 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\5th- lisaan.pdf
[2009/04/25 10:48:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\lisanu dawat 5,6,7 new
[2009/04/25 10:46:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\question checked
[2009/04/25 10:41:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\question checked
[2009/04/25 09:41:12 | 00,063,488 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\ملف مؤقت.shs
[2009/04/25 09:11:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\lisanu dawat 5,6,7 new
[2009/04/24 23:24:03 | 00,000,687 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Effel's Arabic Dictionary.lnk
[2009/04/24 23:24:02 | 00,000,000 | ---D | C] -- C:\Program Files\Arab
[2009/04/24 22:24:10 | 00,595,456 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\10 th-ver3.doc
[2009/04/24 17:29:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Attalim Fonts
[2009/04/24 17:28:17 | 00,111,984 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\burhani.ttf
[2009/04/24 12:14:55 | 00,159,281 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\zikr ud dukhul bin nisa.pdf
[2009/04/24 10:18:08 | 00,000,540 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Husain bhai baramati wala على 192.168.1.22.lnk
[2009/04/24 10:17:05 | 00,030,208 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Tuffah Zikr for Huzefa bs.doc
[2009/04/24 09:54:22 | 00,051,200 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Document Scrap 'مولانا علي...'.shs
[2009/04/23 16:44:36 | 00,159,281 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\zikr ud dukhul bin nisa.pdf
[2009/04/23 00:15:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\sabea
[2009/04/22 20:49:26 | 04,324,638 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\5th-45to79.pdf
[2009/04/22 00:15:46 | 01,946,624 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Sadesa.doc
[2009/04/21 21:39:31 | 00,029,696 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\syedna dawood riwayat.doc
[2009/04/20 23:36:40 | 00,000,623 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\NetMeeting.lnk
[2009/04/20 16:10:46 | 04,600,033 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\8th-teacher-ver-4.rar
[2009/04/20 15:35:20 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\ATTALIM على abdulmalku (Abdulmalku)
[2009/04/20 14:06:13 | 15,520,355 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\8th-teacher-ver-4.pdf
[2009/04/19 20:37:41 | 00,080,570 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Madeh by Mansoorali Hashmi.pdf
[2009/04/19 20:08:25 | 00,040,448 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\فخر تقدیر ھے.doc
[2009/04/19 20:08:25 | 00,038,912 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Backup of فخر تقدیر ھے.wbk
[2009/04/19 09:28:47 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/19 09:28:46 | 00,283,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/19 09:28:46 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/19 09:28:45 | 00,723,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/19 09:28:45 | 00,681,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/19 09:28:45 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/19 09:28:45 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/19 09:28:45 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/04/19 09:28:44 | 00,693,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/19 09:28:44 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/18 18:03:08 | 00,002,112 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\My Documents\shajarat syedna qutbuddin RA.gno
[2009/04/18 12:48:58 | 00,000,000 | ---D | C] -- C:\Program Files\Freelang Dictionary
[2009/04/17 23:07:28 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/17 23:07:28 | 00,215,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/17 22:55:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Std VI
[2009/04/17 22:55:05 | 00,026,112 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Document Scrap 'خيال راكهسس_...'.shs
[2009/04/17 20:16:22 | 02,537,710 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Calender30-31.pdf
[2009/04/17 19:47:23 | 00,037,620 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\calendr.pdf
[2009/04/17 02:18:57 | 00,000,365 | ---- | C] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\EasyRecovery Professional.lnk
[2009/04/17 02:18:41 | 00,000,000 | ---D | C] -- C:\Program Files\Ontrack
[2009/04/14 02:00:28 | 00,000,870 | RH-- | C] () -- C:\WINDOWS\EPMBatch.ept
[2009/04/13 09:31:54 | 00,001,972 | ---- | C] () -- C:\Documents and Settings\All Users\سطح المكتب\Watery Desktop 3D.lnk
[2009/04/13 09:31:53 | 00,838,144 | ---- | C] () -- C:\WINDOWS\WATERYDS.SCR
[2009/04/13 09:31:53 | 00,069,120 | ---- | C] (PUSH Entertainment) -- C:\WINDOWS\WateryDesktop_vista.dll
[2009/04/13 09:31:53 | 00,053,248 | ---- | C] (PUSH Entertainment) -- C:\WINDOWS\WateryDesktop_xp.dll
[2009/04/13 09:31:53 | 00,000,000 | ---D | C] -- C:\Program Files\PUSH Entertainment
[2009/04/11 17:09:02 | 00,287,232 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\6-teacher-formatted.doc
[2009/03/22 14:33:49 | 00,472,064 | ---- | C] () -- C:\WINDOWS\System32\NTFSFormat.dll
[2009/03/22 14:33:49 | 00,180,736 | ---- | C] () -- C:\WINDOWS\System32\DeviceManager.dll
[2009/03/22 14:33:49 | 00,139,776 | ---- | C] () -- C:\WINDOWS\System32\NTFSCopy.dll
[2009/03/22 14:33:49 | 00,093,184 | ---- | C] () -- C:\WINDOWS\System32\Partition.dll
[2009/03/22 14:33:49 | 00,086,528 | ---- | C] () -- C:\WINDOWS\System32\NTFSLib.dll
[2009/03/22 14:33:49 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\ResizeNTFS.dll
[2009/03/22 14:33:49 | 00,068,096 | ---- | C] () -- C:\WINDOWS\System32\Device.dll
[2009/03/22 14:33:49 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\FatCopy.dll
[2009/03/22 14:33:49 | 00,061,952 | ---- | C] () -- C:\WINDOWS\System32\FatResizeMove.dll
[2009/03/22 14:33:49 | 00,045,568 | ---- | C] () -- C:\WINDOWS\System32\FileSystemCheck.dll
[2009/03/22 14:33:49 | 00,031,744 | ---- | C] () -- C:\WINDOWS\System32\FatLib.dll
[2009/03/22 14:33:49 | 00,025,088 | ---- | C] () -- C:\WINDOWS\System32\FATFileSystemAnalyser.dll
[2009/03/22 14:33:49 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\NTFSFileSystemAnalyser.dll
[2009/03/22 14:33:49 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\FatFormat.dll
[2009/03/22 14:33:49 | 00,021,504 | ---- | C] () -- C:\WINDOWS\System32\Fixup.dll
[2009/03/22 14:33:49 | 00,017,920 | ---- | C] () -- C:\WINDOWS\System32\SectorCopy.dll
[2009/03/22 14:33:49 | 00,014,848 | ---- | C] () -- C:\WINDOWS\System32\FileSystemAnalyser.dll
[2009/03/22 14:33:49 | 00,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2009/03/22 14:33:49 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\DeviceAdapter.dll
[2009/03/22 14:33:49 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2009/03/22 14:33:49 | 00,006,656 | ---- | C] () -- C:\WINDOWS\System32\CallbackOperator.dll
[2009/03/22 14:33:49 | 00,003,072 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2008/08/19 17:56:35 | 00,000,000 | RHS- | C] () -- C:\WINDOWS\System32\setting.ini
[2008/08/19 17:18:26 | 00,000,096 | RHS- | C] () -- C:\WINDOWS\System32\setup.ini
[2008/05/31 15:11:22 | 00,000,145 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2008/05/30 07:11:00 | 00,034,308 | ---- | C] () -- C:\WINDOWS\System32\bassmod.dll
[2008/05/06 18:03:14 | 00,124,675 | ---- | C] () -- C:\WINDOWS\System32\toilet2.dll
[2008/04/02 21:26:36 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\suppdll.dll
[2008/04/02 21:26:36 | 00,035,363 | ---- | C] () -- C:\WINDOWS\System32\windrvNT.sys
[2008/03/27 09:37:17 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\VSHP1020.DLL
[2008/03/21 14:32:12 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/01/26 10:39:08 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2008/01/26 10:38:45 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2008/01/26 10:37:31 | 00,000,419 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008/01/26 10:19:19 | 00,000,332 | ---- | C] () -- C:\WINDOWS\System32\CNCMFP23.INI
[2007/11/24 22:09:12 | 00,004,518 | ---- | C] () -- C:\WINDOWS\System32\drivers\U3SHLPDR200.SYS
[2007/10/25 10:26:48 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2007/07/02 11:43:40 | 00,051,712 | ---- | C] () -- C:\WINDOWS\wc98pp.dll
[2007/06/30 17:34:31 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6e.DLL
[2007/06/18 19:54:26 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2007/06/18 19:54:26 | 00,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2007/04/05 22:18:50 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2007/04/01 22:25:42 | 00,000,008 | ---- | C] () -- C:\WINDOWS\ctrdmrd3.ini
[2007/04/01 22:21:03 | 00,000,008 | ---- | C] () -- C:\WINDOWS\spobuffx.ini
[2007/04/01 16:54:29 | 00,000,009 | ---- | C] () -- C:\WINDOWS\winxfigt.ini
[2007/03/29 23:00:40 | 00,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2007/03/22 19:34:22 | 00,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2007/03/22 19:34:22 | 00,000,268 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2007/03/22 18:19:13 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\P2SODBC.DLL
[2007/03/22 18:19:13 | 00,054,272 | ---- | C] () -- C:\WINDOWS\System32\P2IRDAO.DLL
[2007/03/22 18:19:13 | 00,050,176 | ---- | C] () -- C:\WINDOWS\System32\P2CTDAO.DLL
[2007/03/22 18:19:13 | 00,036,352 | ---- | C] () -- C:\WINDOWS\System32\P2BBND.DLL
[2007/03/22 18:19:13 | 00,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\IMPLODE.DLL
[2007/03/22 18:19:08 | 00,193,024 | ---- | C] () -- C:\WINDOWS\System32\CO2C40EN.DLL
[2007/03/22 16:07:18 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4670.dll
[2007/03/22 15:14:45 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2007/03/19 11:47:48 | 00,000,000 | ---- | C] () -- C:\WINDOWS\CPC10QA4.INI
[2007/03/16 15:13:10 | 00,000,004 | ---- | C] () -- C:\WINDOWS\info147.sys
[2007/03/16 14:51:16 | 00,001,005 | ---- | C] () -- C:\WINDOWS\ARPR.INI
[2007/03/14 11:42:32 | 00,003,469 | ---- | C] () -- C:\WINDOWS\e-diary.ini
[2007/03/03 20:40:16 | 00,000,176 | ---- | C] () -- C:\WINDOWS\CTReg.ini
[2007/03/03 15:36:40 | 00,000,107 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/02/13 12:49:45 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsrex.INI
[2007/02/12 18:14:21 | 00,000,182 | ---- | C] () -- C:\WINDOWS\3DHOME.INI
[2007/02/10 18:00:49 | 00,000,000 | ---- | C] () -- C:\WINDOWS\aeditor.INI
[2007/02/10 18:00:33 | 00,000,330 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2007/02/10 17:58:31 | 00,000,087 | ---- | C] () -- C:\WINDOWS\dswplug.ini
[2007/02/09 21:23:34 | 00,001,555 | ---- | C] () -- C:\WINDOWS\ata live update.ini
[2007/02/08 13:58:00 | 00,049,540 | ---- | C] () -- C:\WINDOWS\rxvcrt.dll
[2007/02/04 00:22:16 | 00,000,029 | ---- | C] () -- C:\WINDOWS\baby.ini
[2007/02/04 00:18:56 | 00,000,085 | ---- | C] () -- C:\WINDOWS\SYMGAMES.INI
[2007/02/04 00:09:29 | 00,000,368 | ---- | C] () -- C:\WINDOWS\EMICLOCK.INI
[2007/02/04 00:03:10 | 00,000,137 | ---- | C] () -- C:\WINDOWS\iridium.ini
[2007/01/30 18:05:55 | 00,000,049 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2007/01/30 18:05:42 | 00,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2007/01/20 16:24:18 | 00,001,745 | ---- | C] () -- C:\WINDOWS\quran.ini
[2006/11/22 08:24:17 | 00,000,093 | ---- | C] () -- C:\WINDOWS\HOMUTIL.INI
[2006/11/20 08:15:35 | 00,000,207 | ---- | C] () -- C:\WINDOWS\POD.INI
[2006/11/19 19:52:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\drgprop.INI
[2006/11/19 18:23:39 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2006/11/19 18:23:08 | 00,000,794 | ---- | C] () -- C:\WINDOWS\Classic.ini
[2006/11/19 17:38:00 | 00,000,775 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/11/17 11:34:40 | 00,091,848 | ---- | C] () -- C:\WINDOWS\HPBroker.dll
[2006/11/16 15:20:17 | 00,000,145 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
[2006/11/16 15:20:04 | 00,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
[2006/11/15 17:14:01 | 00,000,027 | ---- | C] () -- C:\WINDOWS\SmartAudio.INI
[2006/10/11 14:05:08 | 00,221,184 | ---- | C] () -- C:\WINDOWS\System32\GTTunerCard.dll
[2006/05/23 02:03:30 | 00,027,186 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/03/28 09:38:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2006/03/28 07:47:00 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/03/28 07:10:14 | 00,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/03/28 06:49:08 | 00,001,199 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/02/27 16:51:36 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/12/02 23:39:10 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/12/05 13:30:20 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\Hijri32.dll
[2003/10/01 19:21:42 | 00,029,414 | ---- | C] () -- C:\WINDOWS\System32\CKLDRV.SYS
[2003/06/28 14:34:20 | 00,069,707 | ---- | C] () -- C:\WINDOWS\System32\DISP_OPT1.dll
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/12/24 15:51:00 | 01,533,952 | ---- | C] () -- C:\WINDOWS\System32\Klk79.dll
[2002/12/24 15:51:00 | 00,818,688 | ---- | C] () -- C:\WINDOWS\System32\K2KLOC.dll
[2002/12/24 15:51:00 | 00,741,888 | ---- | C] () -- C:\WINDOWS\System32\K2KRMT.dll
[2002/05/15 22:29:04 | 00,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2001/12/18 11:10:40 | 00,000,651 | ---- | C] () -- C:\WINDOWS\wafi2000.ini
[2001/11/23 17:18:00 | 00,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001/11/14 12:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1996/02/24 03:04:48 | 00,014,629 | ---- | C] () -- C:\WINDOWS\System32\Declw.dll
[1996/02/23 00:39:20 | 00,032,256 | ---- | C] () -- C:\WINDOWS\System32\Decln.dll

========== Files - Modified Within 30 Days ==========

[23 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[1 C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\*.tmp files]
[2009/05/10 21:53:59 | 00,001,803 | ---- | M] () -- C:\hpqp.ini
[2009/05/10 21:53:57 | 00,000,040 | ---- | M] () -- C:\XP_TV.ini
[2009/05/10 21:53:38 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/10 21:53:31 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\Local Settings\desktop.ini
[2009/05/10 21:52:36 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/10 21:52:25 | 00,803,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/10 21:52:22 | 10,633,74848 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/10 21:39:34 | 00,086,528 | -HS- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Thumbs.db
[2009/05/10 21:39:32 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/10 21:29:10 | 00,965,612 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/10 21:29:10 | 00,438,576 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/05/10 21:29:10 | 00,374,118 | ---- | M] () -- C:\WINDOWS\System32\perfh001.dat
[2009/05/10 21:29:10 | 00,070,254 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/05/10 21:29:10 | 00,070,244 | ---- | M] () -- C:\WINDOWS\System32\perfc001.dat
[2009/05/10 21:28:54 | 00,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/05/10 21:18:43 | 00,001,741 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\HijackThis.lnk
[2009/05/10 20:14:35 | 00,000,255 | RHS- | M] () -- C:\autorun.inf
[2009/05/09 22:53:56 | 00,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2009/05/09 19:03:32 | 00,000,677 | ---- | M] () -- C:\Documents and Settings\All Users\سطح المكتب\Autorun Eater.lnk
[2009/05/09 16:45:34 | 00,000,082 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\My Documents\Sakina.KUN
[2009/05/09 12:51:34 | 35,920,469 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/05/09 12:51:34 | 00,051,123 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/05/09 11:38:12 | 00,081,051 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\My Documents\sevencreations.asp.htm
[2009/05/09 06:37:51 | 00,007,190 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\My Documents\Update_Patch_1.2.dld
[2009/05/08 13:00:09 | 00,012,917 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Adobe_Indesign_CS4_ME.4728403.TPB.torrent
[2009/05/07 18:45:25 | 00,049,664 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\mumbai tkt.doc
[2009/05/07 16:27:19 | 00,013,824 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\BHOPAL.xls
[2009/05/07 14:32:40 | 00,001,199 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/07 14:32:40 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/07 14:32:40 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2009/05/07 11:53:15 | 00,312,665 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Bhopal Madrasa1.jpg
[2009/05/07 11:52:04 | 00,276,737 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Bhopal Madrasa.jpg
[2009/05/07 11:46:35 | 00,181,865 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\1234.jpg
[2009/05/07 11:32:29 | 00,200,143 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\new member in existing comm.jpg
[2009/05/07 06:29:45 | 00,230,400 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\CS4_KeyGen.exe
[2009/05/03 15:45:24 | 00,070,278 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\misal 133.jpg
[2009/05/03 15:26:26 | 00,044,032 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Faculty_Load_rev_1.xls
[2009/05/03 15:26:13 | 00,025,600 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Report on New Session 2009.doc
[2009/05/01 23:01:52 | 00,000,651 | ---- | M] () -- C:\WINDOWS\wafi2000.ini
[2009/05/01 22:35:33 | 00,001,555 | ---- | M] () -- C:\WINDOWS\ata live update.ini
[2009/04/30 17:23:42 | 00,146,432 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Takhteet 5 to 10 1430.xls
[2009/04/30 02:31:37 | 00,261,056 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Malaf CP].jpg
[2009/04/30 01:28:20 | 01,415,680 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\10 th-teacher-ver5.doc
[2009/04/29 14:49:51 | 00,021,045 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Picture5.jpg
[2009/04/29 14:48:59 | 00,373,792 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Picture4.emf
[2009/04/29 14:47:25 | 00,250,928 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Picture3.wmf
[2009/04/29 14:46:33 | 00,019,645 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Picture2.jpg
[2009/04/29 14:45:28 | 00,373,744 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Picture1.wmf
[2009/04/29 13:10:59 | 02,089,472 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\8th-Teacher-ver5-Correction_Checked.doc
[2009/04/29 13:07:17 | 00,668,160 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\10 th-ver4 without- suwaal update.doc
[2009/04/29 12:26:10 | 00,015,592 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Nisaab Border1.wmf
[2009/04/29 12:07:20 | 00,081,920 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Assessment Criteria 5 to 10 1430.doc
[2009/04/29 11:18:06 | 00,774,144 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\10 th-ver3.doc
[2009/04/29 02:29:34 | 02,056,704 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\نسخ (2) من 8th-Teacher-ver5-Correction_Checked.doc
[2009/04/29 02:09:14 | 00,144,384 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\نسخ من Takhteet 5 to 10 1430.xls
[2009/04/29 02:01:06 | 00,000,253 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\clip_image002.gif
[2009/04/29 01:33:46 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\~$h-Teacher-ver5-Correction_Checked.doc
[2009/04/29 01:23:49 | 00,034,816 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\10fehris-akhbaar.doc
[2009/04/29 00:02:39 | 00,157,393 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Output.pdf
[2009/04/28 23:21:58 | 01,857,536 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\نسخ من 8th-Teacher-ver5-Correction_Checked.doc
[2009/04/28 22:59:34 | 02,482,176 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Samena_child_ver2.doc
[2009/04/28 16:45:03 | 13,552,358 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\7th-teacher-ver5.pdf
[2009/04/28 16:45:03 | 13,552,358 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\7th-teacher-ver5.pdf
[2009/04/28 16:42:20 | 00,018,292 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\mohd_workshop.pdf
[2009/04/28 13:09:33 | 00,042,496 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\عزاداران حسين.doc
[2009/04/28 01:22:44 | 01,803,264 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Tasea_child_ver2.doc
[2009/04/27 13:10:48 | 17,136,197 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\6th-teacher-ver5.pdf
[2009/04/27 13:10:48 | 17,136,197 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\6th-teacher-ver5.pdf
[2009/04/27 09:37:52 | 01,008,128 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Sabea LD Very New.doc
[2009/04/26 22:07:51 | 17,654,338 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\5th-teacher-ver5.pdf
[2009/04/26 22:07:51 | 17,654,338 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\5th-teacher-ver5.pdf
[2009/04/26 21:39:07 | 00,035,328 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\haris ni riwayat.doc
[2009/04/26 16:23:49 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\~$ris ni riwayat.doc
[2009/04/26 16:13:08 | 01,104,896 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\clipatrs.doc
[2009/04/26 14:51:09 | 01,701,376 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Sabea_adab check.doc
[2009/04/25 21:42:07 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/04/25 21:41:19 | 00,001,769 | ---- | M] () -- C:\Documents and Settings\All Users\سطح المكتب\Adobe Audition 2.0.lnk
[2009/04/25 14:26:30 | 02,593,684 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\7th lisaan.pdf
[2009/04/25 13:30:46 | 05,161,001 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\5th- lisaan.pdf
[2009/04/25 11:57:16 | 00,977,920 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Ashera_Adab_only.doc
[2009/04/25 09:41:13 | 00,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\ملف مؤقت.shs
[2009/04/25 01:04:23 | 00,595,456 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\10 th-ver3.doc
[2009/04/24 23:24:03 | 00,000,687 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Effel's Arabic Dictionary.lnk
[2009/04/24 10:18:08 | 00,000,540 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Husain bhai baramati wala على 192.168.1.22.lnk
[2009/04/24 09:54:22 | 00,051,200 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Document Scrap 'مولانا علي...'.shs
[2009/04/24 09:37:23 | 00,030,208 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Tuffah Zikr for Huzefa bs.doc
[2009/04/23 16:44:36 | 00,159,281 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\zikr ud dukhul bin nisa.pdf
[2009/04/23 16:44:36 | 00,159,281 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\zikr ud dukhul bin nisa.pdf
[2009/04/22 20:49:26 | 04,324,638 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\5th-45to79.pdf
[2009/04/21 21:39:51 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\syedna dawood riwayat.doc
[2009/04/20 23:36:40 | 00,000,623 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\NetMeeting.lnk
[2009/04/20 16:11:28 | 04,600,033 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\8th-teacher-ver-4.rar
[2009/04/20 14:06:13 | 15,520,355 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\8th-teacher-ver-4.pdf
[2009/04/20 12:25:18 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/04/20 10:02:22 | 01,946,624 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Sadesa.doc
[2009/04/19 20:38:54 | 00,040,448 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\فخر تقدیر ھے.doc
[2009/04/19 20:37:41 | 00,080,570 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Madeh by Mansoorali Hashmi.pdf
[2009/04/19 20:15:27 | 00,038,912 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Backup of فخر تقدیر ھے.wbk
[2009/04/18 18:03:08 | 00,002,112 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\My Documents\shajarat syedna qutbuddin RA.gno
[2009/04/18 12:41:37 | 00,434,673 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/04/17 22:55:11 | 00,026,112 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Document Scrap 'خيال راكهسس_...'.shs
[2009/04/17 20:16:23 | 02,537,710 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\Calender30-31.pdf
[2009/04/17 20:16:23 | 02,537,710 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Calender30-31.pdf
[2009/04/17 19:47:23 | 00,037,620 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\calendr.pdf
[2009/04/17 02:18:57 | 00,000,365 | ---- | M] () -- C:\Documents and Settings\Mustali.PC327926515751\سطح المكتب\EasyRecovery Professional.lnk
[2009/04/14 08:53:41 | 00,000,870 | RH-- | M] () -- C:\WINDOWS\EPMBatch.ept
[2009/04/13 09:31:54 | 00,001,972 | ---- | M] () -- C:\Documents and Settings\All Users\سطح المكتب\Watery Desktop 3D.lnk
[2009/04/11 16:55:26 | 00,287,232 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\6-teacher-formatted.doc

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 184 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F664613B
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:661DFA1C
< End of report >


GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-05-10 22:46:36
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.15 ----

SSDT \??\C:\WINDOWS\system32\windrvNT.sys ZwCreateFile [0xF79BA36A]
SSDT \??\C:\WINDOWS\system32\windrvNT.sys ZwOpenFile [0xF79BACD8]
SSDT \??\C:\WINDOWS\system32\windrvNT.sys ZwQueryDirectoryFile [0xF79BA842]
SSDT \??\C:\WINDOWS\system32\windrvNT.sys ZwQueryInformationProcess [0xF79B71E0]
SSDT \??\C:\WINDOWS\system32\windrvNT.sys ZwSetInformationFile [0xF79BB142]

Code 86548978 ZwEnumerateKey
Code 86548908 ZwFlushInstructionCache
Code 865489E6 IofCallDriver
Code 86547146 IofCompleteRequest

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!IofCallDriver 804EF1A6 5 Bytes JMP 865489EB
.text ntkrnlpa.exe!IofCompleteRequest 804EF236 5 Bytes JMP 8654714B
PAGE ntkrnlpa.exe!ZwFlushInstructionCache 805B6812 5 Bytes JMP 8654890C
PAGE ntkrnlpa.exe!ZwEnumerateKey 80623FF0 5 Bytes JMP 8654897C

---- User code sections - GMER 1.0.15 ----

.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtCreateFile + 6 7C95D0B4 4 Bytes [25, 00, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtCreateFile + B 7C95D0B9 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtMapViewOfSection + 6 7C95D524 1 Byte [25]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtMapViewOfSection + 6 7C95D524 4 Bytes [25, 03, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtMapViewOfSection + B 7C95D529 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenFile + 6 7C95D5A4 4 Bytes [65, 00, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenFile + B 7C95D5A9 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcess + 6 7C95D604 4 Bytes [A5, 01, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcess + B 7C95D609 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcessToken + 6 7C95D614 4 Bytes [E5, 01, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcessToken + B 7C95D619 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcessTokenEx + 6 7C95D624 4 Bytes [A5, 02, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcessTokenEx + B 7C95D629 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThread + 6 7C95D664 4 Bytes [65, 01, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThread + B 7C95D669 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThreadToken + 6 7C95D674 4 Bytes [65, 02, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThreadToken + B 7C95D679 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThreadTokenEx + 6 7C95D684 4 Bytes [E5, 02, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThreadTokenEx + B 7C95D689 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtQueryAttributesFile + 6 7C95D714 4 Bytes [A5, 00, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtQueryAttributesFile + B 7C95D719 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtQueryFullAttributesFile + 6 7C95D7B4 4 Bytes [E5, 00, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtQueryFullAttributesFile + B 7C95D7B9 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtSetInformationFile + 6 7C95DC64 4 Bytes [25, 01, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtSetInformationFile + B 7C95DC69 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtSetInformationThread + 6 7C95DCB4 4 Bytes [25, 02, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtSetInformationThread + B 7C95DCB9 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtUnmapViewOfSection + 6 7C95DF14 1 Byte [65]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtUnmapViewOfSection + 6 7C95DF14 4 Bytes [65, 03, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtUnmapViewOfSection + B 7C95DF19 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtCreateFile + 6 7C95D0B4 4 Bytes [25, 00, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtCreateFile + B 7C95D0B9 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtMapViewOfSection + 6 7C95D524 1 Byte [25]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtMapViewOfSection + 6 7C95D524 4 Bytes [25, 03, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtMapViewOfSection + B 7C95D529 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtOpenFile + 6 7C95D5A4 4 Bytes [65, 00, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtOpenFile + B 7C95D5A9 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtOpenProcess + 6 7C95D604 4 Bytes [A5, 01, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtOpenProcess + B 7C95D609 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtOpenProcessToken + 6 7C95D614 4 Bytes [E5, 01, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtOpenProcessToken + B 7C95D619 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtOpenProcessTokenEx + 6 7C95D624 4 Bytes [A5, 02, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtOpenProcessTokenEx + B 7C95D629 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtOpenThread + 6 7C95D664 4 Bytes [65, 01, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtOpenThread + B 7C95D669 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtOpenThreadToken + 6 7C95D674 4 Bytes [65, 02, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtOpenThreadToken + B 7C95D679 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtOpenThreadTokenEx + 6 7C95D684 4 Bytes [E5, 02, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtOpenThreadTokenEx + B 7C95D689 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtQueryAttributesFile + 6 7C95D714 4 Bytes [A5, 00, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtQueryAttributesFile + B 7C95D719 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtQueryFullAttributesFile + 6 7C95D7B4 4 Bytes [E5, 00, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtQueryFullAttributesFile + B 7C95D7B9 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtSetInformationFile + 6 7C95DC64 4 Bytes [25, 01, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtSetInformationFile + B 7C95DC69 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtSetInformationThread + 6 7C95DCB4 4 Bytes [25, 02, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtSetInformationThread + B 7C95DCB9 1 Byte [E2]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtUnmapViewOfSection + 6 7C95DF14 1 Byte [65]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtUnmapViewOfSection + 6 7C95DF14 4 Bytes [65, 03, 17, 00]
.text C:\Documents and Settings\Mustali.PC327926515751\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3276] ntdll.dll!NtUnmapViewOfSection + B 7C95DF19 1 Byte [E2]

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 eabfiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Development Company, L.P.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

Attached Files


Edited by mustali, 10 May 2009 - 12:18 PM.


BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,805 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:10:19 PM

Posted 26 May 2009 - 01:07 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click no to the Optional_Scan
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. You can find information on A/V control HERE

Orange Blossom :thumbup2:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,805 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:10:19 PM

Posted 05 June 2009 - 07:03 PM

Due to the lack of feedback, this Topic is now closed.

In case you still have problems, please start a new topic.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users