Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Laptop crashes! Help!


  • This topic is locked This topic is locked
23 replies to this topic

#1 creativegd

creativegd

  • Members
  • 73 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Atlanta
  • Local time:03:53 AM

Posted 10 November 2009 - 12:36 PM

This problem has been going on for a while and is getting progressively worse. The HP laptop will just unexpectedly crash without warning, completely shutting down. At firt I thought it was a hardware issue of over-heating but I have seen it crash within 5 mins of starting up now. I have tried many solutions like virus scans, antispyware, registry cleaners, speeding up computer software, uninstalling software I am at a loss. I have noticed the CPU will be running high or full just before each crash. I have checked the Task Manager to see what is using all the CPU and several programs are listed: searchfilterhost.exe, systemidleprocess, csrss.exe, sometimes searchrotocolhost.exe, searchindexer.exe. If I need to reinstall windows and reformat the harddrive I will, but I am hoping there is some solution to this problem. I have included the hijackthis log for review.

Thank you

Attached Files



BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:09:53 AM

Posted 16 November 2009 - 09:44 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
  • Please download OTL from following mirror:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 creativegd

creativegd
  • Topic Starter

  • Members
  • 73 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Atlanta
  • Local time:03:53 AM

Posted 21 November 2009 - 10:33 PM

Hi, I am trying to do the scans but the computer has crashed during the scan. I may see if it can be done in safe mode as i do not usually have any trouble when it is in safe mode. I will see if I can post the scan results tonight.

#4 creativegd

creativegd
  • Topic Starter

  • Members
  • 73 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Atlanta
  • Local time:03:53 AM

Posted 21 November 2009 - 10:38 PM

Here is the OTL scan:

OTL logfile created on: 11/21/2009 10:22:23 PM - Run 1
OTL by OldTimer - Version 3.1.6.1 Folder = C:\Documents and Settings\Srila Gurudeva\Desktop\Software
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18372)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.14 Gb Available Physical Memory | 57.02% Memory free
3.85 Gb Paging File | 3.07 Gb Available in Paging File | 79.92% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 18.41 Gb Free Space | 16.47% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SRIGURU
Current User Name: Srila Gurudeva
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/11/21 09:42:53 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Srila Gurudeva\Desktop\Software\OTL.exe
PRC - [2009/11/12 16:33:10 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/11/10 23:08:18 | 00,417,792 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
PRC - [2009/11/03 09:21:12 | 02,028,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/10/27 22:04:06 | 00,261,392 | ---- | M] () -- C:\Program Files\USB Safely Remove\USBSRService.exe
PRC - [2009/10/27 22:04:04 | 01,513,744 | ---- | M] () -- C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
PRC - [2009/09/14 21:48:14 | 02,531,376 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\Setup\avast.setup
PRC - [2009/08/17 11:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/08/17 11:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/08/17 11:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/08/17 11:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/08/17 10:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/07/31 21:53:18 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/07/31 21:53:18 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/07/31 21:53:08 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/05/29 12:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/03/04 01:46:25 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/02/06 04:41:05 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009/02/06 04:41:05 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009/01/15 16:17:36 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/10/15 00:04:34 | 00,039,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
PRC - [2007/06/13 05:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/07/31 04:28:12 | 04,102,656 | ---- | M] () -- C:\Program Files\Qlock\qlock.exe
PRC - [2006/04/15 17:26:00 | 00,143,427 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2006/03/31 16:01:48 | 00,761,946 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/03/23 11:38:38 | 00,131,072 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2006/03/15 15:28:32 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2006/02/27 17:02:06 | 00,581,693 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/02/27 17:00:58 | 01,265,748 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2006/02/27 16:55:44 | 00,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
PRC - [2006/02/14 10:49:22 | 00,454,656 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
PRC - [2005/07/15 16:48:33 | 00,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe
PRC - [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2003/04/07 01:42:52 | 00,217,190 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe


========== Modules (SafeList) ==========

MOD - [2009/11/21 09:42:53 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Srila Gurudeva\Desktop\Software\OTL.exe
MOD - [2006/08/25 10:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006/02/28 07:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2006/02/28 07:00:00 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mslbui.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/10/27 22:04:06 | 00,261,392 | ---- | M] () -- C:\Program Files\USB Safely Remove\USBSRService.exe -- (USBSafelyRemoveService)
SRV - [2009/08/17 11:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/08/17 11:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/08/17 11:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/08/17 10:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/07/31 21:53:08 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/05/29 12:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/03/04 01:46:25 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/10/25 22:39:33 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/07/29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/07/25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008/07/23 19:09:40 | 00,110,200 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2007/02/25 16:53:51 | 00,266,240 | ---- | M] () -- C:\Program Files\Letterhead Fonts\LHFService.exe -- (Letterhead Fonts Service)
SRV - [2006/10/30 18:58:58 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2006/04/15 17:26:00 | 00,143,427 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2006/03/15 15:28:32 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex)
SRV - [2006/02/28 07:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2006/02/27 16:55:44 | 00,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


========== Driver Services (SafeList) ==========

DRV - [2009/08/17 11:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/08/17 11:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/08/17 11:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/08/17 11:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/08/17 11:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/08/17 11:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/07/31 21:53:54 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009/07/31 21:53:48 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/07/31 21:53:47 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/05/18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/01/15 16:17:42 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/01/15 16:17:40 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/01/15 16:17:38 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/06/19 16:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008/02/22 21:38:33 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/10/31 14:09:14 | 00,030,464 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2007/06/15 14:35:30 | 00,082,432 | R--- | M] (Sierra Wireless Inc.) -- C:\WINDOWS\system32\drivers\swnc8u20.sys -- (SWNC8U20)
DRV - [2007/06/15 14:35:30 | 00,066,304 | R--- | M] (Sierra Wireless Inc.) -- C:\WINDOWS\system32\drivers\swumx20.sys -- (SWUMX20)
DRV - [2007/06/14 12:59:26 | 00,032,160 | ---- | M] (PCTEL Inc.) -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2006/11/27 00:36:21 | 00,039,264 | ---- | M] (VSO Software) -- C:\WINDOWS\system32\drivers\Pcouffin.sys -- (Pcouffin)
DRV - [2006/10/20 09:28:04 | 00,026,368 | R--- | M] (Research in Motion Ltd) -- C:\WINDOWS\system32\drivers\RimSerial.sys -- (RimVSerPort)
DRV - [2006/10/04 21:42:42 | 00,002,560 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/10/04 21:42:42 | 00,002,432 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006/09/28 19:23:34 | 01,709,696 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\NETw3x32.sys -- (NETw3x32)
DRV - [2006/06/02 14:02:36 | 00,572,928 | ---- | M] (Conexant Systems Inc.) -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006/04/15 17:26:00 | 03,658,528 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/04/12 15:40:56 | 00,013,849 | ---- | M] (Waytech Development, Inc.) -- C:\WINDOWS\system32\drivers\BtFltr.sys -- (BtFltr)
DRV - [2006/03/31 15:41:40 | 00,193,056 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/02/28 07:00:00 | 00,088,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2006/02/28 07:00:00 | 00,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2006/02/28 07:00:00 | 00,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2006/02/28 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2006/02/28 07:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2006/02/27 16:48:20 | 00,401,664 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/02/27 16:45:48 | 01,342,602 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/02/27 16:43:44 | 00,030,363 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/02/27 16:43:36 | 00,030,189 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006/02/27 16:43:06 | 00,057,096 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/02/27 16:40:16 | 00,148,168 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/02/27 16:39:08 | 00,044,163 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006/02/14 19:57:46 | 00,012,672 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/11/22 19:50:02 | 00,874,240 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2005/11/03 08:31:52 | 00,157,696 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B)
DRV - [2005/09/20 10:30:56 | 00,162,432 | ---- | M] (Texas Instruments) -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/09/19 14:24:20 | 00,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005/09/19 14:24:10 | 00,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005/09/19 14:23:52 | 00,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2005/08/22 00:07:00 | 01,035,008 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/08/22 00:06:16 | 00,201,600 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/08/22 00:06:10 | 00,718,464 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/03/14 14:01:38 | 00,041,984 | ---- | M] (DeviceGuys, Inc.) -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2005/01/07 17:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/10/11 11:28:18 | 00,009,856 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2004/07/20 00:41:48 | 00,016,877 | ---- | M] (Adaptec) -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2004/01/27 23:40:26 | 00,284,928 | ---- | M] (Roxio) -- C:\WINDOWS\system32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2004/01/27 23:39:56 | 00,023,680 | ---- | M] (Roxio) -- C:\WINDOWS\system32\drivers\dvd_2k.sys -- (dvd_2K)
DRV - [2004/01/27 23:34:56 | 00,140,416 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
DRV - [2004/01/27 23:29:44 | 00,023,680 | ---- | M] (Roxio) -- C:\WINDOWS\system32\drivers\mmc_2k.sys -- (mmc_2K)
DRV - [2004/01/27 23:29:40 | 00,197,632 | ---- | M] (Roxio) -- C:\WINDOWS\system32\drivers\Udfreadr.sys -- (UDFReadr)
DRV - [2004/01/27 23:16:38 | 00,117,248 | ---- | M] (Roxio) -- C:\WINDOWS\system32\drivers\Pwd_2k.sys -- (pwd_2k)
DRV - [2001/08/17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1)
DRV - [1998/02/19 13:54:58 | 00,088,064 | ---- | M] (///FAST Software Security) -- C:\WINDOWS\system32\drivers\Hardlock.sys -- (Hardlock)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = http://www.iesearch.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>



IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\S-1-5-21-839522115-57989841-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\S-1-5-21-839522115-57989841-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========



FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/25 04:00:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/11/03 09:24:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2009/10/07 18:19:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/21 09:26:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/21 09:26:00 | 00,000,000 | ---D | M]

[2008/11/21 10:47:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Srila Gurudeva\Application Data\Mozilla\Extensions
[2008/11/21 10:47:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Srila Gurudeva\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/24 11:13:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Srila Gurudeva\Application Data\Mozilla\Firefox\Profiles\86vw6dxx.default\extensions
[2009/06/27 20:23:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Srila Gurudeva\Application Data\Mozilla\Firefox\Profiles\86vw6dxx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/01/09 19:07:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Srila Gurudeva\Application Data\Mozilla\Firefox\Profiles\86vw6dxx.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/07/26 12:20:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Srila Gurudeva\Application Data\Mozilla\Firefox\Profiles\86vw6dxx.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/01/05 18:21:42 | 00,001,208 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\Application Data\Mozilla\Firefox\Profiles\86vw6dxx.default\searchplugins\FireSearch.xml
[2009/08/24 11:13:32 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/02/10 09:40:34 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{92D227A1-8A94-4D05-9A88-09D457B7F49D}
[2009/08/24 23:09:21 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/04 01:46:46 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2007/08/23 16:35:34 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com
[2009/08/24 23:09:14 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/08/24 23:09:14 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2008/08/06 15:22:02 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
[2009/03/04 01:46:26 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009/08/24 23:09:16 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2007/03/22 18:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2008/10/14 20:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2008/10/30 19:11:44 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2009/11/21 09:25:57 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/11/21 09:25:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/11/21 09:25:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/11/21 09:25:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/11/21 09:25:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/11/21 09:25:59 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/11/21 09:25:59 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2009/11/21 09:25:59 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin8.dll
[2008/10/30 19:12:07 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2008/10/30 19:11:34 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2008/08/25 21:44:58 | 00,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2007/08/21 19:42:32 | 00,057,344 | ---- | M] (America Online, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll
[2009/05/01 16:33:44 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/05/01 16:33:44 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/07/31 22:15:28 | 00,001,490 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\avg_igeared.xml
[2009/05/01 16:33:44 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/05/01 16:33:44 | 00,002,343 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/05/01 16:33:44 | 00,001,706 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/05/01 16:33:44 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml

O1 HOSTS File: (687 bytes) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-839522115-57989841-725345543-1003\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKU\S-1-5-21-839522115-57989841-725345543-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKU\S-1-5-21-839522115-57989841-725345543-1003\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKU\S-1-5-21-839522115-57989841-725345543-1003..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-839522115-57989841-725345543-1003..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\Srila Gurudeva\Start Menu\Programs\StartUp\qlock.lnk = C:\Program Files\Qlock\qlock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-839522115-57989841-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-839522115-57989841-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-839522115-57989841-725345543-1003\..Trusted Domains: 46 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01016526-5E80-11D8-9E86-0007E96C65AE} https://install.charter.com/diskless/bin/ssctlsma.dll (SmartAccess Ctl Class)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://install.charter.com/diskless/bin/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shock...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab (VerifyGMN Class)
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} https://ids.southeasterntech.edu/Citrix/Met...ca32/wficat.cab (Reg Error: Value error.)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1168308030671 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} http://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab (Pearson Installation Assistant 2)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} http://acs.pandasoftware.com/activescan/as5free/asinst.cab (ActiveScan Installer Class)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx (Get_ActiveX Control)
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} http://www.trendsecure.com/easy_install/_a...asyInstallX.CAB (TSEasyInstallX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} http://asp.mathxl.com/books/_Players/MathPlayer.cab (Pearson MathXL Player)
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.1.6.cab (DownloadManager Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - Reg Error: Value error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/10/27 17:44:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Seagate\Installer\InstallSeagateManager.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/11/21 09:42:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Srila Gurudeva\Desktop\Software
[2009/11/21 09:30:23 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/11/21 09:30:02 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/11/21 09:30:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/11/17 13:43:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Srila Gurudeva\Desktop\AOL Saved PFC
[2009/11/10 23:08:24 | 00,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2009/11/10 23:08:24 | 00,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/11/21 22:27:32 | 00,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2009/11/21 22:20:39 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/21 22:19:17 | 00,050,868 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/11/21 22:19:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/21 22:19:03 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/21 22:18:59 | 21,455,05280 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/21 10:15:26 | 14,680,064 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\ntuser.dat
[2009/11/21 09:31:22 | 00,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/11/21 09:25:44 | 00,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/11/21 08:19:22 | 45,542,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/11/21 08:19:22 | 00,098,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/11/21 07:41:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/11/21 06:00:00 | 00,000,398 | ---- | M] () -- C:\WINDOWS\tasks\XoftSpy.job
[2009/11/20 21:45:08 | 09,541,632 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\collection costs.xls
[2009/11/20 21:44:58 | 09,541,632 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\collection costs (version 1).xls
[2009/11/20 20:34:38 | 00,536,637 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu207-1.pdf
[2009/11/20 15:00:00 | 00,000,410 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan.job
[2009/11/20 13:10:25 | 01,629,137 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\gopaljiu catalog_magazines_09.pdf
[2009/11/20 13:06:11 | 01,930,059 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\gopaljiu catalog_books_09.pdf
[2009/11/20 12:31:37 | 00,547,189 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu214.pdf
[2009/11/20 12:31:32 | 00,516,039 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu213.pdf
[2009/11/20 12:31:28 | 00,573,200 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu212.pdf
[2009/11/20 12:31:25 | 00,480,457 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu211.pdf
[2009/11/20 12:29:34 | 00,464,019 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu210.pdf
[2009/11/20 12:29:31 | 00,495,620 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu209.pdf
[2009/11/20 12:29:28 | 00,441,437 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu208.pdf
[2009/11/20 12:29:24 | 00,536,637 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu207.pdf
[2009/11/20 12:29:16 | 00,442,333 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu206.pdf
[2009/11/20 12:29:11 | 00,463,192 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu205.pdf
[2009/11/20 12:29:06 | 00,462,620 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu204.pdf
[2009/11/20 12:29:01 | 00,487,278 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu203.pdf
[2009/11/20 12:28:55 | 00,384,724 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu202.pdf
[2009/11/20 12:28:50 | 00,265,125 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu201.pdf
[2009/11/20 12:28:45 | 00,371,997 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu200.pdf
[2009/11/20 12:28:40 | 00,293,797 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu199.pdf
[2009/11/20 12:28:35 | 00,313,614 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu198.pdf
[2009/11/20 12:28:24 | 00,134,819 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu197.pdf
[2009/11/20 12:28:18 | 00,134,584 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu196.pdf
[2009/11/20 12:28:13 | 00,133,440 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu195.pdf
[2009/11/20 12:28:03 | 00,313,361 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu194.pdf
[2009/11/20 12:27:55 | 00,171,103 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu193.pdf
[2009/11/20 12:27:50 | 00,172,333 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu192.pdf
[2009/11/20 12:27:45 | 00,192,090 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu191.pdf
[2009/11/20 12:27:40 | 00,179,156 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu190.pdf
[2009/11/20 12:27:31 | 00,180,536 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu189.pdf
[2009/11/20 12:27:24 | 00,174,674 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu188.pdf
[2009/11/20 12:27:19 | 00,193,994 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu187.pdf
[2009/11/20 12:27:13 | 00,190,730 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu186.pdf
[2009/11/20 12:27:07 | 00,125,637 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu185.pdf
[2009/11/20 12:27:00 | 00,155,321 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu184.pdf
[2009/11/20 12:26:56 | 00,196,543 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu183.pdf
[2009/11/20 12:26:52 | 00,117,767 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu182.pdf
[2009/11/20 12:26:48 | 00,160,854 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu181.pdf
[2009/11/20 12:24:50 | 00,157,792 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu180.pdf
[2009/11/20 12:24:46 | 00,178,077 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu179.pdf
[2009/11/20 12:24:40 | 00,167,098 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu178.pdf
[2009/11/20 12:24:37 | 00,165,025 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu177.pdf
[2009/11/20 12:24:33 | 00,162,669 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu176.pdf
[2009/11/20 12:24:27 | 00,157,575 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu175.pdf
[2009/11/20 12:24:23 | 00,151,666 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu174.pdf
[2009/11/20 12:24:19 | 00,114,780 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu173.pdf
[2009/11/20 12:24:11 | 00,102,268 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu172.pdf
[2009/11/20 12:24:07 | 00,109,744 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu171.pdf
[2009/11/20 12:24:01 | 00,108,314 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu170.pdf
[2009/11/20 12:23:51 | 00,127,454 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu169.pdf
[2009/11/20 12:23:47 | 00,131,195 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu168.pdf
[2009/11/20 12:23:43 | 00,134,554 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu167.pdf
[2009/11/20 12:23:33 | 00,150,332 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu166.pdf
[2009/11/20 12:23:25 | 00,146,067 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu165.pdf
[2009/11/20 12:23:19 | 00,140,325 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu164.pdf
[2009/11/20 12:23:15 | 00,133,902 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu163.pdf
[2009/11/20 12:23:09 | 00,128,320 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu162.pdf
[2009/11/20 12:23:05 | 00,128,447 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu161.pdf
[2009/11/20 12:22:56 | 00,143,039 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu160.pdf
[2009/11/20 12:22:51 | 00,133,355 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu159.pdf
[2009/11/20 12:22:47 | 00,134,403 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu158.pdf
[2009/11/20 12:22:40 | 00,141,712 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu157.pdf
[2009/11/20 12:22:35 | 00,161,518 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu156.pdf
[2009/11/20 12:22:31 | 00,110,827 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu155.pdf
[2009/11/20 12:22:25 | 00,338,155 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu154.pdf
[2009/11/20 12:22:19 | 00,201,777 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu153.pdf
[2009/11/20 12:22:15 | 00,440,895 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu152.pdf
[2009/11/20 12:22:10 | 00,142,842 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu151.pdf
[2009/11/20 12:21:12 | 00,139,448 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu149.pdf
[2009/11/20 12:21:06 | 00,147,610 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu150.pdf
[2009/11/20 12:20:58 | 00,141,075 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu148.pdf
[2009/11/20 12:20:51 | 00,142,291 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu147.pdf
[2009/11/20 12:20:43 | 00,097,804 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu146.pdf
[2009/11/20 12:20:38 | 00,094,474 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu145.pdf
[2009/11/20 12:20:33 | 00,099,097 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu144.pdf
[2009/11/20 12:20:26 | 00,099,024 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu143.pdf
[2009/11/20 12:20:21 | 00,096,480 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu142.pdf
[2009/11/20 12:20:15 | 00,095,923 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu141.pdf
[2009/11/20 12:20:10 | 00,094,045 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu140.pdf
[2009/11/20 12:20:03 | 00,096,046 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu139.pdf
[2009/11/20 11:23:51 | 00,002,497 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\Microsoft Office Word 2003.lnk
[2009/11/19 19:09:34 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Srila Gurudeva\ntuser.ini
[2009/11/17 18:53:00 | 00,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpyEraser Nag.job
[2009/11/17 13:44:27 | 00,000,654 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/11/17 13:43:59 | 00,000,006 | ---- | M] () -- C:\WINDOWS\msoffice.ini
[2009/11/17 11:23:52 | 00,049,457 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\Tamoharadasa 78 Nayapalli Orissa.jpg
[2009/11/17 11:23:43 | 00,039,167 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\Bhub '78.jpg
[2009/11/17 11:23:37 | 00,037,473 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\Bhub '78_close.jpg
[2009/11/17 11:23:25 | 00,009,630 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\Bhub '78_closerr.jpg
[2009/11/17 11:22:53 | 00,067,108 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\Bhub '78_NEW.jpg
[2009/11/11 11:30:14 | 00,045,372 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\Carmax Payment 10.27.09.webarchive
[2009/11/11 05:23:55 | 06,310,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/10 23:08:24 | 00,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2009/11/10 23:08:24 | 00,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2009/11/05 12:36:21 | 26,768,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/11/02 12:11:45 | 00,555,502 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/02 12:11:45 | 00,465,364 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/02 12:11:45 | 00,080,070 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/10/31 08:26:17 | 06,021,032 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\Pelvic_clock_jaw_p1.wma
[2009/10/31 08:26:16 | 09,936,801 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\Pelvic_clock_jaw_p2.wma
[2009/10/31 08:25:06 | 01,877,092 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\NLP_2_med.wma
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/11/21 09:31:22 | 00,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/11/21 09:25:44 | 00,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/11/20 20:34:37 | 00,536,637 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu207-1.pdf
[2009/11/20 13:10:25 | 01,629,137 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\gopaljiu catalog_magazines_09.pdf
[2009/11/20 13:06:11 | 01,930,059 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\gopaljiu catalog_books_09.pdf
[2009/11/20 12:31:37 | 00,547,189 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu214.pdf
[2009/11/20 12:31:32 | 00,516,039 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu213.pdf
[2009/11/20 12:31:28 | 00,573,200 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu212.pdf
[2009/11/20 12:31:25 | 00,480,457 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu211.pdf
[2009/11/20 12:29:34 | 00,464,019 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu210.pdf
[2009/11/20 12:29:31 | 00,495,620 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu209.pdf
[2009/11/20 12:29:28 | 00,441,437 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu208.pdf
[2009/11/20 12:29:24 | 00,536,637 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu207.pdf
[2009/11/20 12:29:16 | 00,442,333 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu206.pdf
[2009/11/20 12:29:11 | 00,463,192 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu205.pdf
[2009/11/20 12:29:06 | 00,462,620 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu204.pdf
[2009/11/20 12:29:01 | 00,487,278 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu203.pdf
[2009/11/20 12:28:55 | 00,384,724 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu202.pdf
[2009/11/20 12:28:50 | 00,265,125 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu201.pdf
[2009/11/20 12:28:45 | 00,371,997 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu200.pdf
[2009/11/20 12:28:40 | 00,293,797 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu199.pdf
[2009/11/20 12:28:35 | 00,313,614 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu198.pdf
[2009/11/20 12:28:23 | 00,134,819 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu197.pdf
[2009/11/20 12:28:18 | 00,134,584 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu196.pdf
[2009/11/20 12:28:13 | 00,133,440 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu195.pdf
[2009/11/20 12:28:03 | 00,313,361 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu194.pdf
[2009/11/20 12:27:55 | 00,171,103 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu193.pdf
[2009/11/20 12:27:50 | 00,172,333 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu192.pdf
[2009/11/20 12:27:45 | 00,192,090 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu191.pdf
[2009/11/20 12:27:40 | 00,179,156 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu190.pdf
[2009/11/20 12:27:31 | 00,180,536 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu189.pdf
[2009/11/20 12:27:24 | 00,174,674 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu188.pdf
[2009/11/20 12:27:19 | 00,193,994 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu187.pdf
[2009/11/20 12:27:13 | 00,190,730 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu186.pdf
[2009/11/20 12:27:07 | 00,125,637 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu185.pdf
[2009/11/20 12:27:00 | 00,155,321 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu184.pdf
[2009/11/20 12:26:56 | 00,196,543 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu183.pdf
[2009/11/20 12:26:52 | 00,117,767 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu182.pdf
[2009/11/20 12:26:48 | 00,160,854 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu181.pdf
[2009/11/20 12:24:50 | 00,157,792 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu180.pdf
[2009/11/20 12:24:46 | 00,178,077 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu179.pdf
[2009/11/20 12:24:40 | 00,167,098 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu178.pdf
[2009/11/20 12:24:36 | 00,165,025 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu177.pdf
[2009/11/20 12:24:33 | 00,162,669 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu176.pdf
[2009/11/20 12:24:27 | 00,157,575 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu175.pdf
[2009/11/20 12:24:23 | 00,151,666 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu174.pdf
[2009/11/20 12:24:19 | 00,114,780 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu173.pdf
[2009/11/20 12:24:11 | 00,102,268 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu172.pdf
[2009/11/20 12:24:07 | 00,109,744 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu171.pdf
[2009/11/20 12:24:01 | 00,108,314 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu170.pdf
[2009/11/20 12:23:51 | 00,127,454 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu169.pdf
[2009/11/20 12:23:47 | 00,131,195 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu168.pdf
[2009/11/20 12:23:43 | 00,134,554 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu167.pdf
[2009/11/20 12:23:33 | 00,150,332 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu166.pdf
[2009/11/20 12:23:24 | 00,146,067 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu165.pdf
[2009/11/20 12:23:19 | 00,140,325 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu164.pdf
[2009/11/20 12:23:15 | 00,133,902 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu163.pdf
[2009/11/20 12:23:09 | 00,128,320 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu162.pdf
[2009/11/20 12:23:05 | 00,128,447 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu161.pdf
[2009/11/20 12:22:56 | 00,143,039 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu160.pdf
[2009/11/20 12:22:51 | 00,133,355 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu159.pdf
[2009/11/20 12:22:47 | 00,134,403 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu158.pdf
[2009/11/20 12:22:40 | 00,141,712 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu157.pdf
[2009/11/20 12:22:35 | 00,161,518 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu156.pdf
[2009/11/20 12:22:31 | 00,110,827 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu155.pdf
[2009/11/20 12:22:25 | 00,338,155 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu154.pdf
[2009/11/20 12:22:19 | 00,201,777 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu153.pdf
[2009/11/20 12:22:15 | 00,440,895 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu152.pdf
[2009/11/20 12:22:10 | 00,142,842 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu151.pdf
[2009/11/20 12:21:12 | 00,139,448 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu149.pdf
[2009/11/20 12:21:06 | 00,147,610 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu150.pdf
[2009/11/20 12:20:58 | 00,141,075 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu148.pdf
[2009/11/20 12:20:51 | 00,142,291 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu147.pdf
[2009/11/20 12:20:43 | 00,097,804 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu146.pdf
[2009/11/20 12:20:38 | 00,094,474 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu145.pdf
[2009/11/20 12:20:33 | 00,099,097 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu144.pdf
[2009/11/20 12:20:26 | 00,099,024 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu143.pdf
[2009/11/20 12:20:21 | 00,096,480 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu142.pdf
[2009/11/20 12:20:15 | 00,095,923 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu141.pdf
[2009/11/20 12:20:10 | 00,094,045 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu140.pdf
[2009/11/20 12:20:03 | 00,096,046 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu139.pdf
[2009/11/17 14:04:32 | 09,541,632 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\collection costs (version 1).xls
[2009/11/17 13:43:08 | 00,000,006 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/11/17 11:23:51 | 00,049,457 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\Tamoharadasa 78 Nayapalli Orissa.jpg
[2009/11/17 11:23:43 | 00,039,167 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\Bhub '78.jpg
[2009/11/17 11:23:37 | 00,037,473 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\Bhub '78_close.jpg
[2009/11/17 11:23:25 | 00,009,630 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\Bhub '78_closerr.jpg
[2009/11/17 11:22:52 | 00,067,108 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\Bhub '78_NEW.jpg
[2009/11/11 11:30:14 | 00,045,372 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\Carmax Payment 10.27.09.webarchive
[2009/11/10 10:56:12 | 09,541,632 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\collection costs.xls
[2009/11/06 12:58:30 | 21,455,05280 | -HS- | C] () -- C:\hiberfil.sys
[2009/10/31 08:25:14 | 06,021,032 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\Pelvic_clock_jaw_p1.wma
[2009/10/31 08:25:07 | 09,936,801 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\Pelvic_clock_jaw_p2.wma
[2009/10/31 08:25:05 | 01,877,092 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\NLP_2_med.wma
[2009/02/14 01:34:53 | 12,385,064 | -H-- | C] () -- C:\Documents and Settings\Srila Gurudeva\Local Settings\Application Data\IconCache.db
[2009/02/10 09:24:01 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2009/02/10 09:07:20 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Local Settings\Application Data\imageCache7.db
[2008/11/30 20:14:21 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Local Settings\Application Data\FnF4.txt
[2008/11/16 20:36:22 | 00,000,256 | ---- | C] () -- C:\WINDOWS\System32\42upd.dll
[2008/11/14 00:02:36 | 00,000,256 | ---- | C] () -- C:\WINDOWS\System32\41upd.dll
[2008/10/30 08:57:50 | 00,000,256 | ---- | C] () -- C:\WINDOWS\System32\40upd.dll
[2008/02/11 08:39:26 | 00,253,952 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLA.dll
[2008/02/11 08:39:18 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLW.dll
[2008/02/08 12:53:46 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerLang.dll
[2008/01/14 14:02:48 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2008/01/09 15:01:48 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2007/12/26 00:29:33 | 00,000,133 | ---- | C] () -- C:\Program Files\AutoUpdate.dat
[2007/11/22 13:24:38 | 00,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2007/11/14 13:58:36 | 00,000,388 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/10/23 21:12:13 | 00,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/09/27 09:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/07/27 13:49:02 | 00,225,355 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiW.dll
[2007/07/27 13:49:02 | 00,196,683 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiA.dll
[2007/07/19 11:31:55 | 00,000,034 | ---- | C] () -- C:\WINDOWS\webica.ini
[2007/05/08 18:59:45 | 00,005,632 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/03 12:01:11 | 00,191,624 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Application Data\GDIPFONTCACHEV1.DAT
[2007/04/12 15:30:19 | 00,000,075 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/11/30 14:28:50 | 00,000,027 | ---- | C] () -- C:\WINDOWS\SmartAudio.INI
[2006/11/27 01:05:18 | 00,000,023 | ---- | C] () -- C:\WINDOWS\AudiMovie.INI
[2006/11/27 01:03:31 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/11/27 01:03:31 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/11/27 01:03:30 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006/11/27 00:57:09 | 00,000,067 | ---- | C] () -- C:\WINDOWS\#1 DVD Audio Ripper.INI
[2006/11/27 00:36:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\AudioDVD.INI
[2006/11/21 19:41:47 | 00,000,014 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2006/11/21 08:58:45 | 00,208,008 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2006/11/19 10:35:58 | 00,000,058 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2006/11/19 10:35:53 | 00,000,066 | ---- | C] () -- C:\WINDOWS\ESPR200.ini
[2006/10/31 16:23:08 | 00,000,022 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2006/10/31 16:19:07 | 00,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2006/10/31 16:19:07 | 00,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2006/10/31 16:18:01 | 00,000,043 | ---- | C] () -- C:\WINDOWS\EP4180.ini
[2006/10/30 22:22:36 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/30 21:30:18 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Local Settings\Application Data\QSwitch.txt
[2006/10/30 21:30:18 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Local Settings\Application Data\DSwitch.txt
[2006/10/30 21:30:18 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Local Settings\Application Data\AtStart.txt
[2006/10/27 17:50:56 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Srila Gurudeva\Application Data\desktop.ini
[2006/10/27 13:29:40 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/04/15 17:26:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/04/15 17:26:00 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/04/15 17:26:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/04/15 17:26:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/04/15 17:26:00 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/02/28 07:00:00 | 00,000,654 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/02/28 07:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2006/02/27 16:51:36 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/12/05 18:25:22 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\lnod32umc.dll
[2005/12/05 11:37:10 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\lnod32upd.dll
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/05/15 22:29:04 | 00,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2001/11/23 17:18:00 | 00,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001/11/14 12:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

 
 

  
 


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
    
  

 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
      

  

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

 

 
  


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
   

 
   


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
  
 

 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
  
   
 


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
     
  


 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

   



 

    
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
 



  
 
  

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:


  
 
   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

 


      
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

 
  
 
    
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

 
   
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:


   
 

 

 
 
 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:



  
  
   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
 


   

  



@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
 


 

       
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
   


   

  
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
  

 

 
    

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 



 


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
  

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
 
   
 
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
  
   

 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
    
 
 
   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 


   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
       



@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  
  
 
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:    


  


 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
 
  

 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:    



 
 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:       




 

  
   

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   

  
   
 


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  

    

    
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 


 
 


 
  

 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
  
 








  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:     
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  

  

  
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  

  

    
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  

  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:     
  


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 



 
 
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 
 
  
 
  


 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
   
 
       
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:       
 

 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
  

   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
  

 
 
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
   
   
 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 

   


 


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 

    
    
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 
  
 

 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
  
 
 


  

 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  

  
 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
  
  

   
 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
 

  


 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
   

 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:         
   

 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:    


   
 


    
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  





  
  

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  

   



 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
 


  
 
 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 



 


    

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

  



  

 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 

  



 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 


 

 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 

    


  


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 


    
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
            

  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 

    

 
 
 
  

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
 
   
 
 
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   



 

 
   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:     
  


 


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 

  

  


   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  
 
 



 
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:


     

  
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
 
 
          


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:




  
  
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
 


 



   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
 
 
   

   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
  


    


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

     

 
 
  

 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

   


 
  
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

  

   

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

     

 
   


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:



      
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

   
  


 
  

  

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

   

      

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 
  
    


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 

 
    
 


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

        

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 

 

    

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  
  
 


     
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:     
   
    
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  
 
      


 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:    



 

   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  
 


   

  
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   


 
    
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 

 


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   


 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 
  
   
 




@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:


 


    
 
  
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 


  


   
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
      
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
  
    
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 

   
 

   

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:

   
 


 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:



 
   

   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
  


 

  





@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
  




 
 
 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 
  
    
   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:


 



 


  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
  

 



  

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
  
    
   


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
    

  

 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:



  
   
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 

 
  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:

 
 
    
 
 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 


  



 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
  
  

  
   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
    
 
 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 
   



     


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 


 
     

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

 


   

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

 
 
 
 


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

    
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
  

 


  
  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

  
 
  

   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
  
 
 

   
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   

 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  
 

  
     
  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  
 
  

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:     

  

  

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:    

 


 
  
 
 
  

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  
  
   


 



 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 


 


 


 
   

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:      


 


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   
    


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

 

 

 
    
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 



  
 

 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
   

  

  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
 

 
 

 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

      

  

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

 
  


   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 


  
  
  


 


 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
   
       

 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
     
  


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   

 
 
    

 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  
     



@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:    
  







@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  

 
  
  

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   
 
 
   
    
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   

  



 


 


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  


 
   




 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   
 


   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

  
 

  

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:      









@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:    

    
 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
  

 
 
 
   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
 

 

 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
  

    
    


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   
  






@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   

     
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   
  


      
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  
   
  


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  

 
 

   
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  
      
 


 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   
    

 




@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:



 
    


 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:

 






   

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:

 


 

 
  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:


 
  

   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:


  
 



  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:


    
   

 


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:

   
 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:

 

  

  

 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 
       

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 
 

 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
  



 
 

 
 
 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 
  

  
    
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 
 
  

 



@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
   
 
   
  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:


     


  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:

   


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
   
   

 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
  
  



 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
   


 
 

  

 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 
      


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

 

 
 


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:



   

    



 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

 
 

  
 





 
 


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

   

    
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
  


     
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
  

 
 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
   
 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:    
  







@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:     


 

  


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  

   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  
 
  
 
 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   
   
   

  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 


 

     
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

 

 


 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
   
 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
 





 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
     
  

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
    
   

   



@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 







    


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 


 



 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 



 


 
    
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 


 
    



  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
 








 

  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

 


 

 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:     
   
  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
   

  
  

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

#5 creativegd

creativegd
  • Topic Starter

  • Members
  • 73 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Atlanta
  • Local time:03:53 AM

Posted 21 November 2009 - 10:40 PM

Here is the Extras scan:

OTL Extras logfile created on: 11/21/2009 10:22:23 PM - Run 1
OTL by OldTimer - Version 3.1.6.1 Folder = C:\Documents and Settings\Srila Gurudeva\Desktop\Software
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18372)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.14 Gb Available Physical Memory | 57.02% Memory free
3.85 Gb Paging File | 3.07 Gb Available in Paging File | 79.92% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 18.41 Gb Free Space | 16.47% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SRIGURU
Current User Name: Srila Gurudeva
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = SafariHTML] -- C:\Program Files\Safari\Safari.exe (Apple Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
jsfile [edit] -- "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\TESTOUT\Cmi\Navigator.exe" = C:\Program Files\TESTOUT\Cmi\Navigator.exe:*:Disabled:TestOut Navigator -- File not found
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- File not found
"C:\Program Files\AOL 9.1\waol.exe" = C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL 9.1 -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\JungleDisk\junglediskmonitor.exe" = C:\Program Files\JungleDisk\junglediskmonitor.exe:*:Enabled:Jungle Disk Monitor -- (Jungle Disk, Inc.)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Documents and Settings\Srila Gurudeva\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe" = C:\Documents and Settings\Srila Gurudeva\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player -- (Octoshape ApS)
"C:\Program Files\AOL 9.1\waol.exe" = C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL 9.1 -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{055FEF8E-4B86-400F-A5C6-8FAC0042DCD9}" = NVIDIA DVD Decoder
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{09D8492A-C8E2-421E-927D-46800FB327A3}" = Wireless Home Network Setup
"{0ABC556A-5A27-4708-9021-B72FB0F8B1F6}" = Canon MF4200 Series
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{132CA5D9-C745-4B0B-A3B2-8C7A6EC3EE7E}" = Canon MF Toolbox 4.9.1.1.mf06
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862}" = Adobe ExtendScript Toolkit 2
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{23EFDB58-0874-4883-9810-EDA510B19FAE}" =
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 12
"{2A780209-2A41-4C75-932A-F6F0390D430A}" = Adobe Photoshop CS2 Functional Content
"{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}" =
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.00 G2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B0F52AC-EF5C-4831-B221-06C782E41280}" = Quicken 2008
"{3BDDF462-8A95-4C50-86DA-4D41F3483EA5}" = Canon MF Toolbox 4.9.1.1.mf06
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 2.00 E1
"{48EB9208-593D-4DC7-B613-9C5A210D87BA}" = Sony Sound Forge 8.0b
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}" = GetDataBack for NTFS
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5AF8C46D-A141-4E69-9EB5-76A43ED29281}" = Charter High Speed Internet Self-Installation Wizard
"{5D1A81AA-ED90-11D6-86D3-00055DF3561E}" =
"{5E25514E-8FD5-4023-B9E3-8ECD5B0270B5}" = AT&T Communication Manager
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{666CF041-77BE-414E-9A9D-0A227E9B48F8}" =
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C11D561-620B-47DA-A693-4C597F3CDF40}" = EPSON Smart Panel
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = TIPCI
"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"{83021AC3-086F-4B77-ACCD-1BD7C9AB211E}" =
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{92C5DB3D-9D6F-4324-BB11-57825F4C2635}" = DVD Decoder Pak for Windows XP
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{943D534F-B17D-4D52-9AC4-AE8DE38D3BF4}" = Canon MF Toolbox 4.9.1.1.mf06
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9579E862-5FC7-4337-B1CC-5E37451524C5}" =
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9B73D612-E2E8-4216-B3E5-F9EF4617AB38}" = ErrorKiller
"{A26B749D-CAB4-4652-A418-DEB6723362B7}" = Canon MF Toolbox 4.9.1.1.mf06
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A674C836-BA6A-C1E0-068F-F9972D013A11}" = MyFonts Order M743838
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{AAB061B3-99A6-4EE5-93F4-6EB1F60295C4}" = Adobe Production Studio
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}" =
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B3B7836C-A1AD-4A56-811C-C18ABDE5EAAD}" = Adobe Video Suite Extras
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B74D4E10-0000-0000-0000-EDED00000102}" = Adobe ExtendScript Toolkit 1.0
"{B74D4E10-0000-0000-0000-EDED00000103}" = Adobe ExtendScript Toolkit 1.0
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB4544EA-C189-41FE-9E3A-76591DDB852B}" = Roxio Easy Media Creator 7
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D504303A-717D-414C-BA9F-FE01093E2EF8}" = Adobe Setup
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DD929BD3-5D41-4407-BE04-119B4A631869}" = Canon MF Toolbox 4.9.1.1.mf06
"{E213C271-AEFA-481D-A9B4-914D88925B8D}" =
"{E5431FB5-B3EB-46C8-8275-F6447131C98A}" = Norton Security Scan
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2009
"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0
"{F1BA3CD5-89DC-4273-8603-A75F33E9B335}" = Nokia Connectivity Adapter Cable DKU-5
"{FAD9402A-1A9B-4ABE-A410-393A3622FA5A}" =
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"ABBYY FineReader 5.0 Sprint" =
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"AddressBook" =
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Illustrator CS2" =
"Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" =
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Adobe_5bc0f8414ec36c555a3e7e5ec2e225e" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"AdwarePro" = AdwarePro 1.0
"AolCoach" = AOL Coach Version 1.0(Build:20030807.3)
"AudiMovie" = AudiMovie
"Audio DVD Creator_is1" = Audio DVD Creator 1.9.1.0
"avast!" = avast! Antivirus
"AVG8Uninstall" = AVG Free 8.5
"Bee Icons_is1" = Bee Icons v 4.0.3
"Branding" =
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner (remove only)
"Citrix ICA Web Client" = MetaFrame Presentation Server Web Client for Win32
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_CPL30A5m" = HDAUDIO Soft Data Fax Modem with SmartCP
"Connection Manager" =
"Diacritic Fonts" = Diacritic Fonts
"DirectAnimation" =
"DirectDrawEx" =
"DVD Audio Ripper 4" = DVD Audio Ripper 4
"DXM_Runtime" =
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"ERUNT_is1" = ERUNT 1.1j
"EsetOnlineScanner" = ESET Online Scanner
"FileZilla" = FileZilla (remove only)
"Folder Marker_is1" = Folder Marker v 1.4
"Fontcore" =
"GMailFS" = GMail Drive Shell Extension
"Graboid Video" = Graboid Video 1.65
"Group Mail" = Group Mail
"Hardlock Patch Files" = Hardlock Patch Files
"HijackThis" = HijackThis 2.0.2
"ICW" =
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"IE40" =
"IE4Data" =
"IE5BAKEX" =
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8 Release Candidate 1
"IEData" =
"InstallShield Uninstall Information" =
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Jungle Disk for Windows" = Jungle Disk for Windows
"Letterhead Fonts" = Letterhead Fonts
"LimeWire" = LimeWire PRO 4.10.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MobileOptionPack" =
"Mozilla ActiveX Control v1.7.12" = Mozilla ActiveX Control v1.7.12
"Mozilla Firefox (3.0.13)" = Mozilla Firefox (3.0.13)
"MP3 to SWF Converter" = MP3 to SWF Converter 2.6 build 918
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSI30a-KB884016" =
"MSI30-Beta1" =
"MSI30-Beta2" =
"MSI30-KB884016" =
"MSI30-RC1" =
"MSI30-RC2" =
"MSI31-Beta" =
"MSI31-RC1" =
"NetMeeting" =
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OutlookExpress" =
"PCHealth" =
"Picasa2" = Picasa 2
"PROSet" = Intel® PRO Network Connections Drivers
"Qlock" = Qlock Lite
"RealPlayer 6.0" = RealPlayer
"Registry Mechanic_is1" = Registry Mechanic 6.0
"Samsung ML-2010 Series" = Samsung ML-2010 Series
"SchedulingAgent" =
"Shockwave" =
"SpeedUpMyPC_is1" = Uniblue SpeedUpMyPC 3
"SpyEraser_is1" = Uniblue SpyEraser
"ST6UNST #1" = ScreenPrint32 v3.5
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Targus BT Mouse" = Targus BT Mouse 1.00.01 (Build 1000)
"Uninstall Presto! BizCard 4.0 Eng" =
"USB Safely Remove_is1" = USB Safely Remove 4.2
"VLC media player" = VideoLAN VLC media player 0.8.6d
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMCSetup" =
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XoftSpy" = XoftSpy

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/18/2009 2:05:50 PM | Computer Name = SRIGURU | Source = MBAMService | ID = 131073
Description =

Error - 11/19/2009 12:40:29 PM | Computer Name = SRIGURU | Source = MBAMService | ID = 131073
Description =

Error - 11/19/2009 12:40:29 PM | Computer Name = SRIGURU | Source = MBAMService | ID = 131073
Description =

Error - 11/19/2009 8:41:01 PM | Computer Name = SRIGURU | Source = MBAMService | ID = 131073
Description =

Error - 11/19/2009 8:41:01 PM | Computer Name = SRIGURU | Source = MBAMService | ID = 131073
Description =

Error - 11/20/2009 12:52:28 PM | Computer Name = SRIGURU | Source = Application Error | ID = 1000
Description = Faulting application views.exe, version 4.11.100.0, faulting module
nfomgr4.dll, version 4.11.100.0, fault address 0x0000e20c.

Error - 11/21/2009 11:17:03 AM | Computer Name = SRIGURU | Source = MBAMService | ID = 131073
Description =

Error - 11/21/2009 11:17:04 AM | Computer Name = SRIGURU | Source = MBAMService | ID = 131073
Description =

Error - 11/21/2009 11:20:52 PM | Computer Name = SRIGURU | Source = MBAMService | ID = 131073
Description =

Error - 11/21/2009 11:20:52 PM | Computer Name = SRIGURU | Source = MBAMService | ID = 131073
Description =

[ System Events ]
Error - 11/17/2009 1:07:11 PM | Computer Name = SRIGURU | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Windows Search service, but
this action failed with the following error: %%1056

Error - 11/17/2009 1:07:58 PM | Computer Name = SRIGURU | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 2 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 11/17/2009 1:08:16 PM | Computer Name = SRIGURU | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly. It has done this
2 time(s). The following corrective action will be taken in 30000 milliseconds:
Restart the service.

Error - 11/17/2009 1:09:14 PM | Computer Name = SRIGURU | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 3 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 11/17/2009 1:09:21 PM | Computer Name = SRIGURU | Source = Service Control Manager | ID = 7034
Description = The Windows Search service terminated unexpectedly. It has done this
3 time(s).

Error - 11/17/2009 1:28:18 PM | Computer Name = SRIGURU | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the AOL Connectivity Service
service to connect.

Error - 11/17/2009 1:28:18 PM | Computer Name = SRIGURU | Source = Service Control Manager | ID = 7000
Description = The AOL Connectivity Service service failed to start due to the following
error: %%1053

Error - 11/20/2009 12:21:46 PM | Computer Name = SRIGURU | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).

Error - 11/20/2009 1:31:00 PM | Computer Name = SRIGURU | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 11/21/2009 10:44:01 AM | Computer Name = SRIGURU | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).


< End of report >

#6 creativegd

creativegd
  • Topic Starter

  • Members
  • 73 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Atlanta
  • Local time:03:53 AM

Posted 21 November 2009 - 10:53 PM

The computer is still crashing often, but a new symptom has come up. The fan under the laptop is sometimes making a loud noise like it is loose. It goes away as quickly as it starts but is very loud. I rang HP technical support when this happened and they thought the problem was hardware related particularly the motherboard. This laptop was purchased in Sept 2006 and has just reached the end of it 3 years warranty so I could not get HP to fix it. I would like to be sure that this is the problem with the crashing of the computer. It does get very hot especially when the cpu is running high. Also the monitor has some pixels missing in a stream of dots on the bottom left - maybe 4 to 5 tiny sections. Not sure if this info is important but thought I would mention. I have also noticed that frequently it will crash just after startup especially when the cpu is running high. Even I will stop all the startup programs like AVG and Avast etc it still crashes. When it crashes there is no blue screen just total shut down. Cannot think of anything else to report. If I think of anything I will let you know.

Thank you
Heidi

#7 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:09:53 AM

Posted 22 November 2009 - 08:49 PM

Hi,

this sounds very much like a heat issue. I will check your PC out for malware, but if we don't find anything, I would suggest that you head over to the hardware forum once we're done and ask them for help with the fan.

I do not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove either AVG or Avast!.

As a next step try to run gmer:
Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

As wel as Malwarebytes:
Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
If you have a previous version of MBAM, remove it via Add/Remove Programs and download a fresh copy.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself.
  • Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes.

please post back the resutls from gmer and malwarebytes.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#8 creativegd

creativegd
  • Topic Starter

  • Members
  • 73 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Atlanta
  • Local time:03:53 AM

Posted 26 November 2009 - 12:03 AM

Hi, here is the Gmer report as requested. The Malwarebytes will be tomorrow as the scan takes a long time.

Have uninstalled AVG and some other antivirus software so now have only AVAST.

Thank you

GMER 1.0.15.15252 - http://www.gmer.net
Rootkit scan 2009-11-25 23:42:56
Windows 5.1.2600 Service Pack 2
Running: iu2bndxy.exe; Driver: C:\DOCUME~1\SRILAG~1\LOCALS~1\Temp\pfrdypob.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xAC1296B8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xAC129574]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xAC129A52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xAC12914C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xAC12964E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xAC12908C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xAC1290F0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xAC12976E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xAC12972E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xAC1298AE]
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xAC235F20]

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB986D360, 0x2212DD, 0xE8000020]
init C:\WINDOWS\system32\drivers\tifm21.sys entry point in "init" section [0xB966BEBF]

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\SearchIndexer.exe[3184] kernel32.dll!WriteFile 7C810D97 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[1048] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00380002
IAT C:\WINDOWS\system32\services.exe[1048] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00380000

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 eabfiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Development Company, L.P.)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp aswRdr.SYS (avast! TDI RDR Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp aswRdr.SYS (avast! TDI RDR Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp aswRdr.SYS (avast! TDI RDR Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- EOF - GMER 1.0.15 ----

#9 creativegd

creativegd
  • Topic Starter

  • Members
  • 73 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Atlanta
  • Local time:03:53 AM

Posted 26 November 2009 - 12:32 AM

Here is the Malwarebytes log (11 infections found!):

Malwarebytes' Anti-Malware 1.41
Database version: 3235
Windows 5.1.2600 Service Pack 2

11/26/2009 12:14:42 AM
mbam-log-2009-11-26 (00-14-31).txt

Scan type: Quick Scan
Objects scanned: 115267
Time elapsed: 7 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 16
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 6
Files Infected: 16

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\bho_myjavacore.mjcore.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\winapp.winsafe.1 (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{26a98aa8-07fe-46e6-b6df-26704f3b895f} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649daccd112641c488fc21273199510b (Rogue.ErrorKiller) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\70b04ea5347940b4393bd61ea7c52133 (Rogue.ErrorKiller) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\91cfe52036c29f94a89b5841f4c08989 (Rogue.ErrorKiller) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98b9e8d706b8f674a9169de100f24e43 (Rogue.ErrorKiller) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\a8c34468623593047be711b99d1685bd (Rogue.ErrorKiller) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\cc0c47d2e1f3e0d48a9ac81a2ce6f883 (Rogue.ErrorKiller) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\f26f86900381e954da13b07be7c12224 (Rogue.ErrorKiller) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adwarepro (Rogue.AdwarePro) -> No action taken.
HKEY_CLASSES_ROOT\AppID\BHO_CPV.dll (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\BitDownload (Trojan.Swizzor) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\VB and VBA Program Settings\tm (Trojan.Downloader) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XP Police AntiVirus (Rogue.XPPolice) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\Local Page (Hijack.SearchPage) -> Bad: (http://www.iesearch.com/) Good: (http://www.Google.com/) -> No action taken.

Folders Infected:
C:\Documents and Settings\Srila Gurudeva\Application Data\cogad (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Srila Gurudeva\Application Data\Twain (Trojan.Matcash) -> No action taken.
C:\Documents and Settings\Srila Gurudeva\Start Menu\Programs\BitDownload (Trojan.Swizzor) -> No action taken.
C:\WINDOWS\system32\LocalService32 (Worm.Archive) -> No action taken.
C:\Program Files\AdwarePro (Rogue.AdwarePro) -> No action taken.
C:\Documents and Settings\Srila Gurudeva\Start Menu\Programs\AdwarePro (Rogue.AdwarePro) -> No action taken.

Files Infected:
C:\Documents and Settings\Srila Gurudeva\Start Menu\Programs\BitDownload\BitDownload Downloads.lnk (Trojan.Swizzor) -> No action taken.
C:\WINDOWS\system32\LocalService32\39.music.mp3.kwd (Worm.Archive) -> No action taken.
C:\WINDOWS\system32\LocalService32\41.crack.zip.kwd (Worm.Archive) -> No action taken.
C:\WINDOWS\system32\LocalService32\42.keymaker.zip.kwd (Worm.Archive) -> No action taken.
C:\WINDOWS\system32\LocalService32\43.setup.zip.kwd (Worm.Archive) -> No action taken.
C:\WINDOWS\system32\LocalService32\44.unpack.zip.kwd (Worm.Archive) -> No action taken.
C:\WINDOWS\system32\LocalService32\45.keygen.zip.kwd (Worm.Archive) -> No action taken.
C:\WINDOWS\system32\LocalService32\46.serial.zip.kwd (Worm.Archive) -> No action taken.
C:\WINDOWS\system32\LocalService32\47.music.snd (Worm.Archive) -> No action taken.
C:\WINDOWS\system32\LocalService32\47.music.snd.kwd (Worm.Archive) -> No action taken.
C:\Program Files\AdwarePro\AdwarePro.url (Rogue.AdwarePro) -> No action taken.
C:\Program Files\AdwarePro\engine.dat (Rogue.AdwarePro) -> No action taken.
C:\Program Files\AdwarePro\SchedulePlan.txt (Rogue.AdwarePro) -> No action taken.
C:\Program Files\AdwarePro\uninst.exe (Rogue.AdwarePro) -> No action taken.
C:\Documents and Settings\Srila Gurudeva\Start Menu\Programs\AdwarePro\Uninstall.lnk (Rogue.AdwarePro) -> No action taken.
C:\Documents and Settings\Srila Gurudeva\Start Menu\Programs\AdwarePro\Website.lnk (Rogue.AdwarePro) -> No action taken.

#10 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:09:53 AM

Posted 26 November 2009 - 02:04 PM

Hi,

please have Malwarebytes remove what it found. This will delete a couple of programs you may have installed like AdwarePro and BitDownload, please do NOT reinstall them since they are rogue programs or come bundled with adware.

Please also provide a new OTL log (only otl.txt will be created).

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#11 creativegd

creativegd
  • Topic Starter

  • Members
  • 73 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Atlanta
  • Local time:03:53 AM

Posted 29 November 2009 - 12:59 PM

Hi,

Have done the above including the removal of the programs mentioned - will not reinstall them. The fan underneath the laptop is constantly making a loud noise now. It sound like it is hitting the plastic or something else. I cannot access the fan with the way this laptop is constructed so can not be sure what the problem is here. Because of the noise and not wishing to damage the laptop I am only turning it on sparingly.

The otl scan is below:

OTL logfile created on: 11/29/2009 12:49:11 PM - Run 2
OTL by OldTimer - Version 3.1.6.1 Folder = C:\Documents and Settings\Srila Gurudeva\Desktop\Software
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18372)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 73.84% Memory free
3.85 Gb Paging File | 3.34 Gb Available in Paging File | 86.77% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 18.34 Gb Free Space | 16.40% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SRIGURU
Current User Name: Srila Gurudeva
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/11/21 09:42:53 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Srila Gurudeva\Desktop\Software\OTL.exe
PRC - [2009/11/12 16:33:10 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/11/10 23:08:18 | 00,417,792 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
PRC - [2009/10/27 22:04:06 | 00,261,392 | ---- | M] () -- C:\Program Files\USB Safely Remove\USBSRService.exe
PRC - [2009/10/27 22:04:04 | 01,513,744 | ---- | M] () -- C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
PRC - [2009/08/17 11:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/08/17 11:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/08/17 11:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/08/17 11:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/08/17 10:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/05/29 12:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/03/04 01:46:25 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/02/06 04:41:05 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009/01/15 16:17:36 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007/06/13 05:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/07/31 04:28:12 | 04,102,656 | ---- | M] () -- C:\Program Files\Qlock\qlock.exe
PRC - [2006/04/15 17:26:00 | 00,143,427 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2006/03/31 16:01:48 | 00,761,946 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/03/23 11:38:38 | 00,131,072 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2006/03/15 15:28:32 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2006/02/27 17:02:06 | 00,581,693 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/02/27 17:00:58 | 01,265,748 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2006/02/27 16:55:44 | 00,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
PRC - [2006/02/14 10:49:22 | 00,454,656 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
PRC - [2005/07/15 16:48:33 | 00,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe
PRC - [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2003/04/07 01:42:52 | 00,217,190 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe


========== Modules (SafeList) ==========

MOD - [2009/11/21 09:42:53 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Srila Gurudeva\Desktop\Software\OTL.exe
MOD - [2006/08/25 10:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006/02/28 07:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2006/02/28 07:00:00 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mslbui.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/10/27 22:04:06 | 00,261,392 | ---- | M] () -- C:\Program Files\USB Safely Remove\USBSRService.exe -- (USBSafelyRemoveService)
SRV - [2009/08/17 11:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/08/17 11:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/08/17 11:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/08/17 10:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/05/29 12:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/03/04 01:46:25 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/10/25 22:39:33 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/07/29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/07/25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2007/02/25 16:53:51 | 00,266,240 | ---- | M] () -- C:\Program Files\Letterhead Fonts\LHFService.exe -- (Letterhead Fonts Service)
SRV - [2006/10/30 18:58:58 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2006/04/15 17:26:00 | 00,143,427 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2006/03/15 15:28:32 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex)
SRV - [2006/02/28 07:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2006/02/27 16:55:44 | 00,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


========== Driver Services (SafeList) ==========

DRV - [2009/08/17 11:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/08/17 11:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/08/17 11:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/08/17 11:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/08/17 11:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/08/17 11:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/05/18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/01/15 16:17:42 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/01/15 16:17:40 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/01/15 16:17:38 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/02/22 21:38:33 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/10/31 14:09:14 | 00,030,464 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2007/06/15 14:35:30 | 00,082,432 | R--- | M] (Sierra Wireless Inc.) -- C:\WINDOWS\system32\drivers\swnc8u20.sys -- (SWNC8U20)
DRV - [2007/06/15 14:35:30 | 00,066,304 | R--- | M] (Sierra Wireless Inc.) -- C:\WINDOWS\system32\drivers\swumx20.sys -- (SWUMX20)
DRV - [2007/06/14 12:59:26 | 00,032,160 | ---- | M] (PCTEL Inc.) -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2006/11/27 00:36:21 | 00,039,264 | ---- | M] (VSO Software) -- C:\WINDOWS\system32\drivers\Pcouffin.sys -- (Pcouffin)
DRV - [2006/10/20 09:28:04 | 00,026,368 | R--- | M] (Research in Motion Ltd) -- C:\WINDOWS\system32\drivers\RimSerial.sys -- (RimVSerPort)
DRV - [2006/10/04 21:42:42 | 00,002,560 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/10/04 21:42:42 | 00,002,432 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006/09/28 19:23:34 | 01,709,696 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\NETw3x32.sys -- (NETw3x32)
DRV - [2006/06/02 14:02:36 | 00,572,928 | ---- | M] (Conexant Systems Inc.) -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006/04/15 17:26:00 | 03,658,528 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/04/12 15:40:56 | 00,013,849 | ---- | M] (Waytech Development, Inc.) -- C:\WINDOWS\system32\drivers\BtFltr.sys -- (BtFltr)
DRV - [2006/03/31 15:41:40 | 00,193,056 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/02/28 07:00:00 | 00,088,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2006/02/28 07:00:00 | 00,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2006/02/28 07:00:00 | 00,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2006/02/28 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2006/02/28 07:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2006/02/27 16:48:20 | 00,401,664 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/02/27 16:45:48 | 01,342,602 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/02/27 16:43:44 | 00,030,363 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/02/27 16:43:36 | 00,030,189 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006/02/27 16:43:06 | 00,057,096 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/02/27 16:40:16 | 00,148,168 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/02/27 16:39:08 | 00,044,163 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006/02/14 19:57:46 | 00,012,672 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/11/22 19:50:02 | 00,874,240 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2005/11/03 08:31:52 | 00,157,696 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B)
DRV - [2005/09/20 10:30:56 | 00,162,432 | ---- | M] (Texas Instruments) -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/09/19 14:24:20 | 00,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005/09/19 14:24:10 | 00,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005/09/19 14:23:52 | 00,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2005/08/22 00:07:00 | 01,035,008 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/08/22 00:06:16 | 00,201,600 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/08/22 00:06:10 | 00,718,464 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/03/14 14:01:38 | 00,041,984 | ---- | M] (DeviceGuys, Inc.) -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2005/01/07 17:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/10/11 11:28:18 | 00,009,856 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2004/07/20 00:41:48 | 00,016,877 | ---- | M] (Adaptec) -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2004/01/27 23:40:26 | 00,284,928 | ---- | M] (Roxio) -- C:\WINDOWS\system32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2004/01/27 23:39:56 | 00,023,680 | ---- | M] (Roxio) -- C:\WINDOWS\system32\drivers\dvd_2k.sys -- (dvd_2K)
DRV - [2004/01/27 23:34:56 | 00,140,416 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
DRV - [2004/01/27 23:29:44 | 00,023,680 | ---- | M] (Roxio) -- C:\WINDOWS\system32\drivers\mmc_2k.sys -- (mmc_2K)
DRV - [2004/01/27 23:29:40 | 00,197,632 | ---- | M] (Roxio) -- C:\WINDOWS\system32\drivers\Udfreadr.sys -- (UDFReadr)
DRV - [2004/01/27 23:16:38 | 00,117,248 | ---- | M] (Roxio) -- C:\WINDOWS\system32\drivers\Pwd_2k.sys -- (pwd_2k)
DRV - [2001/08/17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1)
DRV - [1998/02/19 13:54:58 | 00,088,064 | ---- | M] (///FAST Software Security) -- C:\WINDOWS\system32\drivers\Hardlock.sys -- (Hardlock)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = http://www.Google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>



IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\S-1-5-21-839522115-57989841-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-839522115-57989841-725345543-1003\S-1-5-21-839522115-57989841-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========



FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/25 04:00:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/21 09:26:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/21 09:26:00 | 00,000,000 | ---D | M]

[2008/11/21 10:47:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Srila Gurudeva\Application Data\Mozilla\Extensions
[2008/11/21 10:47:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Srila Gurudeva\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/24 11:13:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Srila Gurudeva\Application Data\Mozilla\Firefox\Profiles\86vw6dxx.default\extensions
[2009/06/27 20:23:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Srila Gurudeva\Application Data\Mozilla\Firefox\Profiles\86vw6dxx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/01/09 19:07:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Srila Gurudeva\Application Data\Mozilla\Firefox\Profiles\86vw6dxx.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/07/26 12:20:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Srila Gurudeva\Application Data\Mozilla\Firefox\Profiles\86vw6dxx.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/01/05 18:21:42 | 00,001,208 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\Application Data\Mozilla\Firefox\Profiles\86vw6dxx.default\searchplugins\FireSearch.xml
[2009/08/24 11:13:32 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/02/10 09:40:34 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{92D227A1-8A94-4D05-9A88-09D457B7F49D}
[2009/08/24 23:09:21 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/04 01:46:46 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2007/08/23 16:35:34 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com
[2009/08/24 23:09:14 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/08/24 23:09:14 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2008/08/06 15:22:02 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
[2009/03/04 01:46:26 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009/08/24 23:09:16 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2007/03/22 18:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2008/10/14 20:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2008/10/30 19:11:44 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2009/11/21 09:25:57 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/11/21 09:25:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/11/21 09:25:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/11/21 09:25:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/11/21 09:25:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/11/21 09:25:59 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/11/21 09:25:59 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2009/11/21 09:25:59 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin8.dll
[2008/10/30 19:12:07 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2008/10/30 19:11:34 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2008/08/25 21:44:58 | 00,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2007/08/21 19:42:32 | 00,057,344 | ---- | M] (America Online, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll
[2009/05/01 16:33:44 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/05/01 16:33:44 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/07/31 22:15:28 | 00,001,490 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\avg_igeared.xml
[2009/05/01 16:33:44 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/05/01 16:33:44 | 00,002,343 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/05/01 16:33:44 | 00,001,706 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/05/01 16:33:44 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml

O1 HOSTS File: (687 bytes) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-839522115-57989841-725345543-1003\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKU\S-1-5-21-839522115-57989841-725345543-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKU\S-1-5-21-839522115-57989841-725345543-1003..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-839522115-57989841-725345543-1003..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\Srila Gurudeva\Start Menu\Programs\StartUp\qlock.lnk = C:\Program Files\Qlock\qlock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-839522115-57989841-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-839522115-57989841-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-839522115-57989841-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-839522115-57989841-725345543-1003\..Trusted Domains: 46 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01016526-5E80-11D8-9E86-0007E96C65AE} https://install.charter.com/diskless/bin/ssctlsma.dll (SmartAccess Ctl Class)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://install.charter.com/diskless/bin/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shock...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab (VerifyGMN Class)
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} https://ids.southeasterntech.edu/Citrix/Met...ca32/wficat.cab (Reg Error: Value error.)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1168308030671 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} http://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab (Pearson Installation Assistant 2)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} http://acs.pandasoftware.com/activescan/as5free/asinst.cab (ActiveScan Installer Class)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx (Get_ActiveX Control)
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} http://www.trendsecure.com/easy_install/_a...asyInstallX.CAB (TSEasyInstallX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} http://asp.mathxl.com/books/_Players/MathPlayer.cab (Pearson MathXL Player)
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.1.6.cab (DownloadManager Control)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - Reg Error: Value error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/10/27 17:44:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{55534bb6-80bd-11dc-8d33-001641864759}\Shell\AutoRun\command - "" = E:\Seagate\Installer\InstallSeagateManager.exe -- File not found
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Seagate\Installer\InstallSeagateManager.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/11/25 23:58:24 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/11/25 23:58:23 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/11/25 23:58:23 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/21 09:42:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Srila Gurudeva\Desktop\Software
[2009/11/21 09:30:23 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/11/21 09:30:02 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/11/21 09:30:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/11/10 23:08:24 | 00,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2009/11/10 23:08:24 | 00,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/11/29 11:51:24 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/29 11:50:37 | 00,050,868 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/11/29 11:50:32 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/29 11:50:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/29 11:50:26 | 21,455,05280 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/26 09:52:08 | 14,942,208 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\ntuser.dat
[2009/11/26 09:52:08 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Srila Gurudeva\ntuser.ini
[2009/11/26 00:31:15 | 00,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2009/11/25 23:58:26 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/24 22:00:00 | 00,000,398 | ---- | M] () -- C:\WINDOWS\tasks\XoftSpy.job
[2009/11/24 21:28:53 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/11/24 15:16:00 | 00,000,288 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
[2009/11/24 15:12:38 | 00,002,497 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\Microsoft Office Word 2003.lnk
[2009/11/22 00:50:46 | 09,536,000 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\collection costs.xls
[2009/11/21 09:31:22 | 00,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/11/21 09:25:44 | 00,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/11/21 07:41:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/11/20 20:34:38 | 00,536,637 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu207-1.pdf
[2009/11/20 15:00:00 | 00,000,410 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan.job
[2009/11/20 13:10:25 | 01,629,137 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\gopaljiu catalog_magazines_09.pdf
[2009/11/20 13:06:11 | 01,930,059 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\gopaljiu catalog_books_09.pdf
[2009/11/20 12:31:37 | 00,547,189 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu214.pdf
[2009/11/20 12:31:32 | 00,516,039 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu213.pdf
[2009/11/20 12:31:28 | 00,573,200 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu212.pdf
[2009/11/20 12:31:25 | 00,480,457 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu211.pdf
[2009/11/20 12:29:34 | 00,464,019 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu210.pdf
[2009/11/20 12:29:31 | 00,495,620 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu209.pdf
[2009/11/20 12:29:28 | 00,441,437 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu208.pdf
[2009/11/20 12:29:24 | 00,536,637 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu207.pdf
[2009/11/20 12:29:16 | 00,442,333 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu206.pdf
[2009/11/20 12:29:11 | 00,463,192 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu205.pdf
[2009/11/20 12:29:06 | 00,462,620 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu204.pdf
[2009/11/20 12:29:01 | 00,487,278 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu203.pdf
[2009/11/20 12:28:55 | 00,384,724 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu202.pdf
[2009/11/20 12:28:50 | 00,265,125 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu201.pdf
[2009/11/20 12:28:45 | 00,371,997 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu200.pdf
[2009/11/20 12:28:40 | 00,293,797 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu199.pdf
[2009/11/20 12:28:35 | 00,313,614 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu198.pdf
[2009/11/20 12:28:24 | 00,134,819 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu197.pdf
[2009/11/20 12:28:18 | 00,134,584 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu196.pdf
[2009/11/20 12:28:13 | 00,133,440 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu195.pdf
[2009/11/20 12:28:03 | 00,313,361 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu194.pdf
[2009/11/20 12:27:55 | 00,171,103 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu193.pdf
[2009/11/20 12:27:50 | 00,172,333 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu192.pdf
[2009/11/20 12:27:45 | 00,192,090 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu191.pdf
[2009/11/20 12:27:40 | 00,179,156 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu190.pdf
[2009/11/20 12:27:31 | 00,180,536 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu189.pdf
[2009/11/20 12:27:24 | 00,174,674 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu188.pdf
[2009/11/20 12:27:19 | 00,193,994 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu187.pdf
[2009/11/20 12:27:13 | 00,190,730 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu186.pdf
[2009/11/20 12:27:07 | 00,125,637 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu185.pdf
[2009/11/20 12:27:00 | 00,155,321 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu184.pdf
[2009/11/20 12:26:56 | 00,196,543 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu183.pdf
[2009/11/20 12:26:52 | 00,117,767 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu182.pdf
[2009/11/20 12:26:48 | 00,160,854 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu181.pdf
[2009/11/20 12:24:50 | 00,157,792 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu180.pdf
[2009/11/20 12:24:46 | 00,178,077 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu179.pdf
[2009/11/20 12:24:40 | 00,167,098 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu178.pdf
[2009/11/20 12:24:37 | 00,165,025 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu177.pdf
[2009/11/20 12:24:33 | 00,162,669 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu176.pdf
[2009/11/20 12:24:27 | 00,157,575 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu175.pdf
[2009/11/20 12:24:23 | 00,151,666 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu174.pdf
[2009/11/20 12:24:19 | 00,114,780 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu173.pdf
[2009/11/20 12:24:11 | 00,102,268 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu172.pdf
[2009/11/20 12:24:07 | 00,109,744 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu171.pdf
[2009/11/20 12:24:01 | 00,108,314 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu170.pdf
[2009/11/20 12:23:51 | 00,127,454 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu169.pdf
[2009/11/20 12:23:47 | 00,131,195 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu168.pdf
[2009/11/20 12:23:43 | 00,134,554 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu167.pdf
[2009/11/20 12:23:33 | 00,150,332 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu166.pdf
[2009/11/20 12:23:25 | 00,146,067 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu165.pdf
[2009/11/20 12:23:19 | 00,140,325 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu164.pdf
[2009/11/20 12:23:15 | 00,133,902 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu163.pdf
[2009/11/20 12:23:09 | 00,128,320 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu162.pdf
[2009/11/20 12:23:05 | 00,128,447 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu161.pdf
[2009/11/20 12:22:56 | 00,143,039 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu160.pdf
[2009/11/20 12:22:51 | 00,133,355 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu159.pdf
[2009/11/20 12:22:47 | 00,134,403 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu158.pdf
[2009/11/20 12:22:40 | 00,141,712 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu157.pdf
[2009/11/20 12:22:35 | 00,161,518 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu156.pdf
[2009/11/20 12:22:31 | 00,110,827 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu155.pdf
[2009/11/20 12:22:25 | 00,338,155 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu154.pdf
[2009/11/20 12:22:19 | 00,201,777 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu153.pdf
[2009/11/20 12:22:15 | 00,440,895 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu152.pdf
[2009/11/20 12:22:10 | 00,142,842 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu151.pdf
[2009/11/20 12:21:12 | 00,139,448 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu149.pdf
[2009/11/20 12:21:06 | 00,147,610 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu150.pdf
[2009/11/20 12:20:58 | 00,141,075 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu148.pdf
[2009/11/20 12:20:51 | 00,142,291 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu147.pdf
[2009/11/20 12:20:43 | 00,097,804 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu146.pdf
[2009/11/20 12:20:38 | 00,094,474 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu145.pdf
[2009/11/20 12:20:33 | 00,099,097 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu144.pdf
[2009/11/20 12:20:26 | 00,099,024 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu143.pdf
[2009/11/20 12:20:21 | 00,096,480 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu142.pdf
[2009/11/20 12:20:15 | 00,095,923 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu141.pdf
[2009/11/20 12:20:10 | 00,094,045 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu140.pdf
[2009/11/20 12:20:03 | 00,096,046 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu139.pdf
[2009/11/17 18:53:00 | 00,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpyEraser Nag.job
[2009/11/17 13:44:27 | 00,000,654 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/11/17 13:43:59 | 00,000,006 | ---- | M] () -- C:\WINDOWS\msoffice.ini
[2009/11/11 05:23:55 | 06,310,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/10 23:08:24 | 00,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2009/11/10 23:08:24 | 00,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2009/11/05 12:36:21 | 26,768,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/11/02 12:11:45 | 00,555,502 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/02 12:11:45 | 00,465,364 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/02 12:11:45 | 00,080,070 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/10/31 08:26:17 | 06,021,032 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\Pelvic_clock_jaw_p1.wma
[2009/10/31 08:26:16 | 09,936,801 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\Pelvic_clock_jaw_p2.wma
[2009/10/31 08:25:06 | 01,877,092 | ---- | M] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\NLP_2_med.wma
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/11/25 23:58:26 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/21 09:31:22 | 00,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/11/21 09:25:44 | 00,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/11/20 20:34:37 | 00,536,637 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu207-1.pdf
[2009/11/20 13:10:25 | 01,629,137 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\gopaljiu catalog_magazines_09.pdf
[2009/11/20 13:06:11 | 01,930,059 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\gopaljiu catalog_books_09.pdf
[2009/11/20 12:31:37 | 00,547,189 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu214.pdf
[2009/11/20 12:31:32 | 00,516,039 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu213.pdf
[2009/11/20 12:31:28 | 00,573,200 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu212.pdf
[2009/11/20 12:31:25 | 00,480,457 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu211.pdf
[2009/11/20 12:29:34 | 00,464,019 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu210.pdf
[2009/11/20 12:29:31 | 00,495,620 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu209.pdf
[2009/11/20 12:29:28 | 00,441,437 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu208.pdf
[2009/11/20 12:29:24 | 00,536,637 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu207.pdf
[2009/11/20 12:29:16 | 00,442,333 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu206.pdf
[2009/11/20 12:29:11 | 00,463,192 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu205.pdf
[2009/11/20 12:29:06 | 00,462,620 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu204.pdf
[2009/11/20 12:29:01 | 00,487,278 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu203.pdf
[2009/11/20 12:28:55 | 00,384,724 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu202.pdf
[2009/11/20 12:28:50 | 00,265,125 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu201.pdf
[2009/11/20 12:28:45 | 00,371,997 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu200.pdf
[2009/11/20 12:28:40 | 00,293,797 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu199.pdf
[2009/11/20 12:28:35 | 00,313,614 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu198.pdf
[2009/11/20 12:28:23 | 00,134,819 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu197.pdf
[2009/11/20 12:28:18 | 00,134,584 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu196.pdf
[2009/11/20 12:28:13 | 00,133,440 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu195.pdf
[2009/11/20 12:28:03 | 00,313,361 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu194.pdf
[2009/11/20 12:27:55 | 00,171,103 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu193.pdf
[2009/11/20 12:27:50 | 00,172,333 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu192.pdf
[2009/11/20 12:27:45 | 00,192,090 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu191.pdf
[2009/11/20 12:27:40 | 00,179,156 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu190.pdf
[2009/11/20 12:27:31 | 00,180,536 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu189.pdf
[2009/11/20 12:27:24 | 00,174,674 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu188.pdf
[2009/11/20 12:27:19 | 00,193,994 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu187.pdf
[2009/11/20 12:27:13 | 00,190,730 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu186.pdf
[2009/11/20 12:27:07 | 00,125,637 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu185.pdf
[2009/11/20 12:27:00 | 00,155,321 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu184.pdf
[2009/11/20 12:26:56 | 00,196,543 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu183.pdf
[2009/11/20 12:26:52 | 00,117,767 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu182.pdf
[2009/11/20 12:26:48 | 00,160,854 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu181.pdf
[2009/11/20 12:24:50 | 00,157,792 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu180.pdf
[2009/11/20 12:24:46 | 00,178,077 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu179.pdf
[2009/11/20 12:24:40 | 00,167,098 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu178.pdf
[2009/11/20 12:24:36 | 00,165,025 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu177.pdf
[2009/11/20 12:24:33 | 00,162,669 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu176.pdf
[2009/11/20 12:24:27 | 00,157,575 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu175.pdf
[2009/11/20 12:24:23 | 00,151,666 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu174.pdf
[2009/11/20 12:24:19 | 00,114,780 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu173.pdf
[2009/11/20 12:24:11 | 00,102,268 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu172.pdf
[2009/11/20 12:24:07 | 00,109,744 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu171.pdf
[2009/11/20 12:24:01 | 00,108,314 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu170.pdf
[2009/11/20 12:23:51 | 00,127,454 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu169.pdf
[2009/11/20 12:23:47 | 00,131,195 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu168.pdf
[2009/11/20 12:23:43 | 00,134,554 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu167.pdf
[2009/11/20 12:23:33 | 00,150,332 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu166.pdf
[2009/11/20 12:23:24 | 00,146,067 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu165.pdf
[2009/11/20 12:23:19 | 00,140,325 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu164.pdf
[2009/11/20 12:23:15 | 00,133,902 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu163.pdf
[2009/11/20 12:23:09 | 00,128,320 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu162.pdf
[2009/11/20 12:23:05 | 00,128,447 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu161.pdf
[2009/11/20 12:22:56 | 00,143,039 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu160.pdf
[2009/11/20 12:22:51 | 00,133,355 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu159.pdf
[2009/11/20 12:22:47 | 00,134,403 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu158.pdf
[2009/11/20 12:22:40 | 00,141,712 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu157.pdf
[2009/11/20 12:22:35 | 00,161,518 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu156.pdf
[2009/11/20 12:22:31 | 00,110,827 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu155.pdf
[2009/11/20 12:22:25 | 00,338,155 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu154.pdf
[2009/11/20 12:22:19 | 00,201,777 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu153.pdf
[2009/11/20 12:22:15 | 00,440,895 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu152.pdf
[2009/11/20 12:22:10 | 00,142,842 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu151.pdf
[2009/11/20 12:21:12 | 00,139,448 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu149.pdf
[2009/11/20 12:21:06 | 00,147,610 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu150.pdf
[2009/11/20 12:20:58 | 00,141,075 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu148.pdf
[2009/11/20 12:20:51 | 00,142,291 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu147.pdf
[2009/11/20 12:20:43 | 00,097,804 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu146.pdf
[2009/11/20 12:20:38 | 00,094,474 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu145.pdf
[2009/11/20 12:20:33 | 00,099,097 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu144.pdf
[2009/11/20 12:20:26 | 00,099,024 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu143.pdf
[2009/11/20 12:20:21 | 00,096,480 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu142.pdf
[2009/11/20 12:20:15 | 00,095,923 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu141.pdf
[2009/11/20 12:20:10 | 00,094,045 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu140.pdf
[2009/11/20 12:20:03 | 00,096,046 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\bindu139.pdf
[2009/11/17 13:43:08 | 00,000,006 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/11/10 10:56:12 | 09,536,000 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Desktop\collection costs.xls
[2009/11/06 12:58:30 | 21,455,05280 | -HS- | C] () -- C:\hiberfil.sys
[2009/10/31 08:25:14 | 06,021,032 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\Pelvic_clock_jaw_p1.wma
[2009/10/31 08:25:07 | 09,936,801 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\Pelvic_clock_jaw_p2.wma
[2009/10/31 08:25:05 | 01,877,092 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\My Documents\NLP_2_med.wma
[2009/02/14 01:34:53 | 12,385,064 | -H-- | C] () -- C:\Documents and Settings\Srila Gurudeva\Local Settings\Application Data\IconCache.db
[2009/02/10 09:24:01 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2009/02/10 09:07:20 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Local Settings\Application Data\imageCache7.db
[2008/11/30 20:14:21 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Local Settings\Application Data\FnF4.txt
[2008/11/16 20:36:22 | 00,000,256 | ---- | C] () -- C:\WINDOWS\System32\42upd.dll
[2008/11/14 00:02:36 | 00,000,256 | ---- | C] () -- C:\WINDOWS\System32\41upd.dll
[2008/10/30 08:57:50 | 00,000,256 | ---- | C] () -- C:\WINDOWS\System32\40upd.dll
[2008/02/11 08:39:26 | 00,253,952 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLA.dll
[2008/02/11 08:39:18 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLW.dll
[2008/02/08 12:53:46 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerLang.dll
[2008/01/14 14:02:48 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2008/01/09 15:01:48 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2007/12/26 00:29:33 | 00,000,133 | ---- | C] () -- C:\Program Files\AutoUpdate.dat
[2007/11/22 13:24:38 | 00,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2007/11/14 13:58:36 | 00,000,388 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/10/23 21:12:13 | 00,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/09/27 09:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/07/27 13:49:02 | 00,225,355 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiW.dll
[2007/07/27 13:49:02 | 00,196,683 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiA.dll
[2007/07/19 11:31:55 | 00,000,034 | ---- | C] () -- C:\WINDOWS\webica.ini
[2007/05/08 18:59:45 | 00,005,632 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/03 12:01:11 | 00,191,624 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Application Data\GDIPFONTCACHEV1.DAT
[2007/04/12 15:30:19 | 00,000,075 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/11/30 14:28:50 | 00,000,027 | ---- | C] () -- C:\WINDOWS\SmartAudio.INI
[2006/11/27 01:05:18 | 00,000,023 | ---- | C] () -- C:\WINDOWS\AudiMovie.INI
[2006/11/27 01:03:31 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/11/27 01:03:31 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/11/27 01:03:30 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006/11/27 00:57:09 | 00,000,067 | ---- | C] () -- C:\WINDOWS\#1 DVD Audio Ripper.INI
[2006/11/27 00:36:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\AudioDVD.INI
[2006/11/21 19:41:47 | 00,000,014 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2006/11/21 08:58:45 | 00,208,008 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2006/11/19 10:35:58 | 00,000,058 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2006/11/19 10:35:53 | 00,000,066 | ---- | C] () -- C:\WINDOWS\ESPR200.ini
[2006/10/31 16:23:08 | 00,000,022 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2006/10/31 16:19:07 | 00,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2006/10/31 16:19:07 | 00,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2006/10/31 16:18:01 | 00,000,043 | ---- | C] () -- C:\WINDOWS\EP4180.ini
[2006/10/30 22:22:36 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/30 21:30:18 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Local Settings\Application Data\QSwitch.txt
[2006/10/30 21:30:18 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Local Settings\Application Data\DSwitch.txt
[2006/10/30 21:30:18 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Srila Gurudeva\Local Settings\Application Data\AtStart.txt
[2006/10/27 17:50:56 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Srila Gurudeva\Application Data\desktop.ini
[2006/10/27 13:29:40 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/04/15 17:26:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/04/15 17:26:00 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/04/15 17:26:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/04/15 17:26:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/04/15 17:26:00 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/02/28 07:00:00 | 00,000,654 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/02/28 07:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2006/02/27 16:51:36 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/12/05 18:25:22 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\lnod32umc.dll
[2005/12/05 11:37:10 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\lnod32upd.dll
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/05/15 22:29:04 | 00,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2001/11/23 17:18:00 | 00,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001/11/14 12:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

 
 

  
 


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
    
  

 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
      

  

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

 

 
  


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
   

 
   


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
  
 

 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
  
   
 


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
     
  


 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

   



 

    
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
 



  
 
  

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:


  
 
   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

 


      
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

 
  
 
    
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

 
   
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:


   
 

 

 
 
 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:



  
  
   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
 


   

  



@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
 


 

       
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
   


   

  
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
  

 

 
    

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 



 


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
  

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
 
   
 
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
  
   

 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
    
 
 
   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 


   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
       



@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  
  
 
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:    


  


 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
 
  

 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:    



 
 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:       




 

  
   

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   

  
   
 


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  

    

    
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 


 
 


 
  

 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
  
 








  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:     
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  

  

  
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  

  

    
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  

  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:     
  


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 



 
 
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 
 
  
 
  


 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
   
 
       
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:       
 

 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
  

   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
  

 
 
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
   
   
 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 

   


 


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 

    
    
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 
  
 

 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
  
 
 


  

 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  

  
 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
  
  

   
 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
 

  


 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
   

 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:         
   

 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:    


   
 


    
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  





  
  

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  

   



 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
 


  
 
 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 



 


    

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

  



  

 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 

  



 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 


 

 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 

    


  


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 


    
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
            

  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 

    

 
 
 
  

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
 
   
 
 
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   



 

 
   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:     
  


 


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 

  

  


   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  
 
 



 
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:


     

  
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
 
 
          


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:




  
  
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
 


 



   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
 
 
   

   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:
  


    


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

     

 
 
  

 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

   


 
  
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

  

   

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

     

 
   


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:



      
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

   
  


 
  

  

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

   

      

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 
  
    


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 

 
    
 


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:

        

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 

 

    

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  
  
 


     
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:     
   
    
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  
 
      


 

@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:    



 

   
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:  
 


   

  
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   


 
    
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 

 


@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   


 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
 
  
   
 




@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:


 


    
 
  
  
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 


  


   
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 
      
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files:   
  
    
 
@Alternate Data Stream - 8168 bytes -> C:\Program Files\Common Files: 

   
 

   

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:

   
 


 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:



 
   

   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
  


 

  





@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
  




 
 
 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 
  
    
   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:


 



 


  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
  

 



  

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
  
    
   


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
    

  

 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:



  
   
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 

 
  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:

 
 
    
 
 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 


  



 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
  
  

  
   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
    
 
 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 
   



     


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 


 
     

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

 


   

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

 
 
 
 


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

    
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
  

 


  
  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

  
 
  

   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
  
 
 

   
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   

 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  
 

  
     
  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  
 
  

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:     

  

  

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:    

 


 
  
 
 
  

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  
  
   


 



 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 


 


 


 
   

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:      


 


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   
    


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

 

 

 
    
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 



  
 

 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
   

  

  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
 

 
 

 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

      

  

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

 
  


   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 


  
  
  


 


 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
   
       

 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
     
  


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   

 
 
    

 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  
     



@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:    
  







@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  

 
  
  

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   
 
 
   
    
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   

  



 


 


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  


 
   




 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   
 


   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

  
 

  

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:      









@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:    

    
 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
  

 
 
 
   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
 

 

 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
  

    
    


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   
  






@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   

     
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   
  


      
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  
   
  


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  

 
 

   
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  
      
 


 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   
    

 




@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:



 
    


 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:

 






   

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:

 


 

 
  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:


 
  

   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:


  
 



  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:


    
   

 


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:

   
 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:

 

  

  

 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 
       

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 
 

 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
  



 
 

 
 
 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 
  

  
    
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 
 
  

 



@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
   
 
   
  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:


     


  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:

   


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
   
   

 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
  
  



 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
   


 
 

  

 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
 
      


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

 

 
 


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:



   

    



 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

 
 

  
 





 
 


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

   

    
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
  


     
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
  

 
 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
   
 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:    
  







@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:     


 

  


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  

   
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:  
 
  
 
 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:   
   
   

  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 


 

     
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

 

 


 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
   
 
 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
 





 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
     
  

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:
    
   

   



@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 







    


@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 


 



 
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 



 


 
    
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 


 
    



  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
 








 

  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 

 


 

 

@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files:     
   
  
@Alternate Data Stream - 29624 bytes -> C:\Program Files\Common Files: 
   

  
  

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

#12 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:09:53 AM

Posted 29 November 2009 - 03:15 PM

Hi,

what you are describing is clearly a hardware problem. I would suggest that you get that fixed and once your PC is can be turned on safely again we continue here.


If you agree with this I will temporarily close the topic until your fan is looked at and you can contact me per PM once you want the topic reopened. Would this be ok for you?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#13 creativegd

creativegd
  • Topic Starter

  • Members
  • 73 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Atlanta
  • Local time:03:53 AM

Posted 01 December 2009 - 11:14 AM

Hi, yes that will be fine. I will have someone look at the fan so we can progress. I will contact you as soon as it is ready.

#14 creativegd

creativegd
  • Topic Starter

  • Members
  • 73 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Atlanta
  • Local time:03:53 AM

Posted 06 December 2009 - 10:46 AM

Hi,

Just wanted to let you know that the laptop is back from the tech who was working on the issue with the fan. He did a diagnostic including a stress test and could not find anything. He said it did not crash once. He cleaned it out and told me there was alot of dust and things clogging up the inside of the computer including the fan. He researched the HP fan for this model and told me it is a design flaw and that many other people have this same problem of the fan grinding and making a lot of noise against the casing. I asked him to look into replacing it and apparently HP does not sell this part anymore, so I think I maybe stuck with it. On the bright side, the cleaning has helped alot and the laptop does not make as much noise, only occasionally. Nothing else to report.

So I can work on the laptop now. Please let me know the next step or what you would like to suggest.

Thanks

#15 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:09:53 AM

Posted 11 December 2009 - 09:36 AM

Hi,

I'm terribly sorry for the delay. :( I had unexpected family issues to deal with, which left me without internet access for most of the week, but I'm back in the internet connected world now and I hope there won't be any more delays.

I'm happy to hear that the cleaning was a success :(

Please run a new scan with OTL and gmer so we get up to date logs:

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • a report will open, copy and paste it in a reply here:
    • OT.txt <-- Will be opened
Sorry once more,
regards myrti

Edited by myrti, 11 December 2009 - 09:41 AM.

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users