Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirect Trojan/Virus keeps sending my browers to ChinaonTV, epoclick etc.


  • This topic is locked This topic is locked
17 replies to this topic

#1 Jaynev

Jaynev

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 07 November 2010 - 04:02 PM

Hi,

I think I have a redirect Trojan/Virus keeps sending my browers to ChinaonTV, epoclick etc. Sometimes the browser just hangs with the status bar saying "google-analytics.com". This affects both Firefox and IE. I ran AVG, Trendmicro etc. and they could not find any infection.

I am attaching the files as per your instructions.

Thanks in advance!

Jay

Attached Files



BC AdBot (Login to Remove)

 


#2 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:10:02 PM

Posted 14 November 2010 - 03:43 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


Shannon

#3 Jaynev

Jaynev
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 14 November 2010 - 10:02 PM

Hey Shannon,

Thanks for your reply. Yes, I would like to receive help. I quite understand that the volunteers have much to do and it takes time to respond.

I have followed the instructions and run DDS and GMER. Here are the results of DDS and GMER. Also attached is the zipped file Attach.

Thanks again,

JN


DDS (Ver_10-11-10.01) - NTFS_AMD64
Run by Jayanta at 14:32:40.56 on Sun 11/14/2010
Internet Explorer: 8.0.6001.18975 BrowserJavaVersion: 1.6.0_20
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3837.1416 [GMT -8:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\PROGRA~2\AVG\AVG10\avgchsva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe
C:\Windows\system32\agr64svc.exe
C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Windows\system32\lxctcoms.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\SMINST\BLService.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\splwow64.exe
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
C:\Windows\system32\wuauclt.exe
C:\PROGRA~2\AVG\AVG10\avgrsa.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files (x86)\Microsoft Office\OFFICE11\POWERPNT.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe
C:\Program Files (x86)\Java\jre6\bin\java.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\AVG\AVG10\avgui.exe
C:\Users\Jayanta\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://gmail.com/
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "C:\Users\Jayanta\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} - hxxp://www.anandabazar.com/wfplayer/tdserver.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxps://domino7.unlv.edu/dwa7W.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://vpn.umuc.edu/dana-cached/sc/JuniperSetupClient.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\CoIEPlg.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

================= FIREFOX ===================

FF - ProfilePath - C:\Users\Jayanta\AppData\Roaming\Mozilla\Firefox\Profiles\3ydujb0p.default\
FF - prefs.js: browser.startup.homepage - hxxp://mail.google.com/mail/?shva=1#inbox
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\real\realplayer\Netscape6\nppl3260.dll
FF - plugin: c:\program files\real\realplayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\real\realplayer\Netscape6\nprpjplug.dll
FF - plugin: C:\Users\Jayanta\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Users\Jayanta\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1005000.087\SymEFA64.sys [2009-5-16 402992]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-9-7 305232]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-9-7 381008]
R1 BHDrvx64;Symantec Heuristics Driver;C:\Windows\System32\drivers\NISx64\1005000.087\BHDrvx64.sys [2009-5-16 332848]
R1 ccHP;Symantec Hash Provider;C:\Windows\System32\drivers\NISx64\1005000.087\cchpx64.sys [2009-5-16 582704]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090709.001\IDSviA64.sys [2009-7-12 396848]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/03/14 12:44:28];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-11-28 146928]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe [2009-3-14 89088]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-10-11 6104656]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-9-10 265400]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2008-3-18 23040]
R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-4-30 190488]
R2 Norton Internet Security;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [2009-5-16 115560]
R2 Recovery Service for Windows;Recovery Service for Windows;C:\Program Files (x86)\SMINST\BLService.exe [2009-1-19 365952]
R2 TVCapSvc;TV Background Capture Service (TVBCS);C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2009-2-9 296320]
R2 TVSched;TV Task Scheduler (TVTS);C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2009-2-9 116096]
R2 VMCService;Vodafone Mobile Connect Service;C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-10-9 14336]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 133712]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-1-19 222512]
R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2008-1-24 60928]
R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-4-30 30232]
R3 SYMNDISV;Symantec Network Filter Driver;C:\Windows\System32\drivers\NISx64\1005000.087\symndisv.sys [2009-5-16 46640]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2009-5-10 26168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2008-7-21 145496]
S3 MEMSWEEP2;MEMSWEEP2;C:\Windows\System32\453E.tmp [2010-11-12 6144]
S3 NETw3v64;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw3v64.sys [2008-1-20 3154432]
S3 nosGetPlusHelper;getPlus® Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2008-1-20 27648]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk60x64.sys [2006-11-2 273408]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-17 89920]

=============== File Associations ===============

JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*

=============== Created Last 30 ================

2010-11-14 00:41:20 -------- d-----w- C:\Users\Jayanta\AppData\Roaming\Malwarebytes
2010-11-14 00:41:07 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2010-11-14 00:41:06 24664 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-11-14 00:41:06 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-11-14 00:41:06 -------- d-----w- C:\PROGRA~3\Malwarebytes
2010-11-13 06:47:58 6144 ------w- C:\Windows\System32\453E.tmp
2010-11-13 06:42:41 6144 ------w- C:\Windows\System32\6EEB.tmp
2010-11-13 06:42:25 -------- d-----w- C:\Program Files (x86)\Sophos
2010-11-10 03:11:08 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat
2010-11-10 03:11:08 2409784 ----a-w- C:\Program Files (x86)\Windows Mail\OESpamFilter.dat
2010-11-05 15:04:30 -------- d-----w- C:\Windows\System32\drivers\NSSx64\0207030.022
2010-11-05 15:04:30 -------- d-----w- C:\Windows\System32\drivers\NSSx64
2010-11-05 15:04:30 -------- d-----w- C:\Program Files (x86)\Norton Security Scan
2010-11-04 00:37:16 189520 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys
2010-11-02 17:30:54 -------- d-----w- C:\Users\Jayanta\AppData\Local\Apple Computer
2010-11-02 17:19:45 -------- d-----w- C:\Users\Jayanta\AppData\Local\Apple
2010-10-27 05:45:13 411368 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-10-27 05:45:13 411368 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2010-10-27 02:47:57 1927680 ----a-w- C:\Windows\System32\gameux.dll
2010-10-27 02:47:56 1696256 ----a-w- C:\Windows\SysWow64\gameux.dll
2010-10-27 02:47:54 32256 ----a-w- C:\Windows\System32\Apphlpdm.dll
2010-10-27 02:47:54 28672 ----a-w- C:\Windows\SysWow64\Apphlpdm.dll
2010-10-27 02:47:53 4240384 ----a-w- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
2010-10-27 02:47:53 4240384 ----a-w- C:\Windows\System32\GameUXLegacyGDFs.dll

==================== Find3M ====================

2010-09-13 23:27:46 27216 ----a-w- C:\Windows\System32\drivers\AVGIDSEH.sys
2010-09-13 14:32:37 8147968 ----a-w- C:\Windows\System32\wmploc.DLL
2010-09-13 13:56:41 8147456 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2010-09-08 06:41:05 1147904 ----a-w- C:\Windows\System32\wininet.dll
2010-09-08 06:36:53 56832 ----a-w- C:\Windows\System32\licmgr10.dll
2010-09-08 06:36:38 1538560 ----a-w- C:\Windows\System32\inetcpl.cpl
2010-09-08 06:36:24 132096 ----a-w- C:\Windows\System32\iesysprep.dll
2010-09-08 06:36:23 77312 ----a-w- C:\Windows\System32\iesetup.dll
2010-09-08 06:01:28 916480 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-09-08 05:57:18 43520 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-09-08 05:57:05 1469440 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2010-09-08 05:56:53 71680 ----a-w- C:\Windows\SysWow64\iesetup.dll
2010-09-08 05:56:53 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2010-09-08 05:36:07 479232 ----a-w- C:\Windows\System32\html.iec
2010-09-08 05:04:36 385024 ----a-w- C:\Windows\SysWow64\html.iec
2010-09-08 04:51:18 162816 ----a-w- C:\Windows\System32\ieUnatt.exe
2010-09-08 04:49:56 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-09-08 04:26:46 133632 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2010-09-08 04:25:15 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-09-07 10:48:58 381008 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2010-09-07 10:48:56 41040 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2010-09-07 10:48:52 305232 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2010-09-07 10:48:50 30288 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2010-09-06 18:28:38 179712 ----a-w- C:\Windows\System32\srvsvc.dll
2010-09-06 18:28:38 12288 ----a-w- C:\Windows\System32\sscore.dll
2010-09-06 18:27:03 17920 ----a-w- C:\Windows\System32\netevent.dll
2010-09-06 16:20:29 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2010-09-06 16:19:06 17920 ----a-w- C:\Windows\SysWow64\netevent.dll
2010-09-06 15:34:14 451584 ----a-w- C:\Windows\System32\drivers\srv.sys
2010-09-06 15:33:51 175104 ----a-w- C:\Windows\System32\drivers\srv2.sys
2010-09-06 15:33:49 145920 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2010-08-31 17:27:07 633856 ----a-w- C:\Windows\System32\comctl32.dll
2010-08-31 15:46:37 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2010-08-31 15:46:37 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2010-08-31 15:44:31 531968 ----a-w- C:\Windows\SysWow64\comctl32.dll
2010-08-31 14:57:39 2753024 ----a-w- C:\Windows\System32\win32k.sys
2010-08-26 17:46:52 189952 ----a-w- C:\Windows\System32\t2embed.dll
2010-08-26 17:40:08 100352 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2010-08-26 17:40:07 331776 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2010-08-26 17:40:07 284672 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2010-08-26 16:37:45 157184 ----a-w- C:\Windows\SysWow64\t2embed.dll
2010-08-26 16:33:06 173056 ----a-w- C:\Windows\apppatch\AcXtrnal.dll
2010-08-26 16:33:04 542720 ----a-w- C:\Windows\apppatch\AcLayers.dll
2010-08-26 16:33:04 458752 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2010-08-26 16:33:04 2159616 ----a-w- C:\Windows\apppatch\AcGenral.dll
2010-08-20 16:57:50 1090048 ----a-w- C:\Windows\System32\wmpmde.dll
2010-08-20 16:05:07 867328 ----a-w- C:\Windows\SysWow64\wmpmde.dll
2010-08-20 04:42:38 35920 ----a-w- C:\Windows\System32\drivers\AVGIDSFilter.sys
2010-08-20 04:42:36 133712 ----a-w- C:\Windows\System32\drivers\AVGIDSDriver.sys
2010-08-17 14:54:20 273920 ----a-w- C:\Windows\System32\spoolsv.exe

============= FINISH: 14:35:58.70 ===============

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-11-14 15:56:49
Windows 6.0.6002 Service Pack 2
Running: gmer.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186bff1e3
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\002186bff1e3 (not active ControlSet)

---- Files - GMER 1.0.15 ----

File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.ci 40960 bytes
File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.dir 4096 bytes
File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid 65536 bytes
File C:\Users\Jayanta\AppData\Roaming\Microsoft\Word\~WRD2319.tmp 3523 bytes

---- EOF - GMER 1.0.15 ----

Attached Files



#4 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:02 PM

Posted 17 November 2010 - 11:17 PM

Hi and welcome to the Virus/Trojan/Spyware/Malware Removal forum,

I am thcbytes and I am here to help you!

I ask that you refrain from running tools other than those I suggest to you while I am cleaning up your computer. The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Please perform all steps in the order received and do not proceed if you need clarification.

Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems please stop and tell me about it. When your computer is clean I will alert you of such. I will also provide you with detailed suggestions for prevention.

In the upper right hand corner of the topic you will see a button called Watch this topic. Click on this then choose Immediate E-Mail notification and then Proceed then you will be advised by email when I respond to your topic.

After 5 days if your topic is not replied I we assume it has been abandoned and I will close it.

I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please be courteous and appreciative for the assistance provided!

Again I would like to remind you to make no further changes to your computer unless I direct you to do so. Your computer fix will be based on the current condition of your computer! Any changes might delay my ability to help you.

==========

  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.


    Change the following settings
    • Change Drivers to All
    • Change Standard Registry to All

  • Copy and Paste the following code into the Posted Image textbox. Do not include the word "Code"


    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    userinit.exe
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    /md5stop
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /90
    CREATERESTOREPOINT
  • Push Posted Image
  • A report will open. Copy and Paste that report in your next reply.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

==========

Scan With RKUnHooker

  • Please download http://www.kernelmode.info/ARKs/RkU3.8.388.590.rar
  • Save it to your desktop.
  • Double-click it and unzip the exe.
  • Next double click RKU.exe contained within the zipped folder.
  • Click the Reporttab and then click Scan.
  • Check Drivers & Stealth and Uncheck the rest then Click OK.
  • Wait till the scanner has finished and then click File --> Save Report.
  • Save the report to your desktop and click Close.
Copy the entire contents of the report and paste it in a reply here.

Note** you may get this warning it is ok, just ignore it

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


==========

Please download MBRCheck to your desktop
  • Double click MBRCheck.exe to run (With Vista and Win 7 right click and select Run as Administrator)
  • It will show a Black screen with some data on it
  • A log named MBRcheck will be on your desktop
  • Copy and paste that log in your next reply

==========

With your next post please provide:

  • OTL.txt
  • Extra.txt
  • RKU log
  • MbrCheck log
  • You will likely need to post the logs over several posts.

Please note that I will be unavailable from Friday until Sunday.

Kind regards,
thcbytes
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#5 Jaynev

Jaynev
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 19 November 2010 - 04:51 PM

Hello Thcbytes,

Thanks for your reply.

I was able to run OTL and MBRCheck. However when I tried to run RKU, it said there was an error. Once the error was "Error loading driver, NTSTATUS code: C000036B" and on trying again I got the error "Error loading driver, NTSTATUS code: 0xC000036B".

The logs for OTL and MBRCheck are pasted below and following posts.

Regards,

JN

OTL logfile created on: 11/18/2010 10:05:43 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Jayanta\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 40.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.00 Gb Total Space | 19.44 Gb Free Space | 6.82% Space Free | Partition Type: NTFS
Drive D: | 13.08 Gb Total Space | 2.04 Gb Free Space | 15.57% Space Free | Partition Type: NTFS

Computer Name: EVERMORE | User Name: Jayanta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/18 09:45:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jayanta\Desktop\OTL.exe
PRC - [2010/10/28 12:21:14 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/10/28 12:21:13 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/10/11 11:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/10/11 11:58:12 | 000,725,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/09/15 04:29:10 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2010/09/10 00:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2010/04/12 14:46:36 | 001,135,912 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/04/03 15:44:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2010/02/18 10:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/05/11 15:30:18 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/04/30 15:01:12 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2009/03/12 00:42:35 | 000,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
PRC - [2009/02/09 17:14:02 | 000,296,320 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
PRC - [2009/02/09 17:14:02 | 000,116,096 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
PRC - [2008/12/02 18:28:22 | 000,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
PRC - [2008/11/21 00:33:32 | 000,431,472 | ---- | M] (Juniper Networks) -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
PRC - [2008/10/09 14:32:56 | 000,014,336 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe


========== Modules (SafeList) ==========

MOD - [2010/11/18 09:45:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jayanta\Desktop\OTL.exe
MOD - [2010/08/31 07:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2009/04/10 22:28:21 | 002,241,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2008/01/20 18:49:15 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll
MOD - [2006/11/02 01:46:13 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc.dll
MOD - [2006/11/02 01:46:07 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msiltcfg.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/04/30 15:01:00 | 000,190,488 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2008/12/10 06:04:58 | 000,935,424 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2008/09/26 11:13:54 | 000,279,040 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe -- (STacSV)
SRV:64bit: - [2008/09/26 11:13:24 | 000,089,088 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/03/18 15:25:40 | 000,023,040 | ---- | M] (Hewlett-Packard Corporation) [Auto | Running] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:64bit: - [2008/01/20 18:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/11 11:11:30 | 000,015,872 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2006/07/13 10:06:18 | 000,546,304 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxctcoms.exe -- (lxct_device)
SRV - [2010/10/11 11:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/09/10 00:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/07/26 15:01:58 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/12 11:16:14 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/03/29 20:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/12 00:42:35 | 000,115,560 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2009/02/09 17:14:02 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS)
SRV - [2009/02/09 17:14:02 | 000,116,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS)
SRV - [2008/12/02 18:28:22 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/11/21 00:33:32 | 000,431,472 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2008/10/09 14:32:56 | 000,014,336 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2006/07/13 09:27:16 | 000,528,384 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxctcoms.exe -- (lxct_device)


========== Driver Services (All) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\SYMREDRV.SYS -- (SYMREDRV)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\SYMDNS.SYS -- (SYMDNS)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2010/09/13 15:27:46 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV:64bit: - [2010/09/07 02:48:58 | 000,381,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2010/09/07 02:48:56 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2010/09/07 02:48:52 | 000,305,232 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010/09/07 02:48:50 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2010/09/06 07:34:14 | 000,451,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\srv.sys -- (srv)
DRV:64bit: - [2010/09/06 07:33:51 | 000,175,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\srv2.sys -- (srv2)
DRV:64bit: - [2010/09/06 07:33:49 | 000,145,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\srvnet.sys -- (srvnet)
DRV:64bit: - [2010/08/19 20:42:38 | 000,035,920 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSFilter.Sys -- (AVGIDSFilter)
DRV:64bit: - [2010/08/19 20:42:36 | 000,133,712 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSDriver.Sys -- (AVGIDSDriver)
DRV:64bit: - [2010/06/16 09:11:35 | 001,426,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tcpip.sys -- (Tcpip6)
DRV:64bit: - [2010/06/16 09:11:35 | 001,426,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:64bit: - [2010/05/26 10:39:08 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\453E.tmp -- (MEMSWEEP2)
DRV:64bit: - [2010/02/23 03:32:23 | 000,135,680 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb.sys -- (mrxsmb)
DRV:64bit: - [2010/02/23 03:32:21 | 000,273,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb10.sys -- (mrxsmb10)
DRV:64bit: - [2010/02/23 03:32:20 | 000,106,496 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb20.sys -- (mrxsmb20)
DRV:64bit: - [2010/02/20 13:30:08 | 000,620,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HTTP.sys -- (HTTP)
DRV:64bit: - [2010/02/18 03:59:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tunnel.sys -- (tunnel)
DRV:64bit: - [2009/12/08 09:55:32 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:64bit: - [2009/09/30 16:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/24 17:27:18 | 000,893,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:64bit: - [2009/06/15 22:00:45 | 000,515,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\ksecdd.sys -- (KSecDD)
DRV:64bit: - [2009/05/16 03:46:41 | 000,172,080 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2009/05/16 03:45:59 | 000,582,704 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1005000.087\ccHPx64.sys -- (ccHP)
DRV:64bit: - [2009/05/16 03:45:59 | 000,332,848 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1005000.087\BHDrvx64.sys -- (BHDrvx64)
DRV:64bit: - [2009/04/30 21:55:58 | 002,755,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV:64bit: - [2009/04/30 14:59:48 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/04/30 14:59:48 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/04/10 23:15:53 | 000,067,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:64bit: - [2009/04/10 23:15:53 | 000,062,440 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\termdd.sys -- (TermDD)
DRV:64bit: - [2009/04/10 23:15:52 | 000,408,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:64bit: - [2009/04/10 23:15:45 | 000,269,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:64bit: - [2009/04/10 23:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:64bit: - [2009/04/10 23:15:33 | 000,361,448 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- C:\Windows\SysNative\CLFS.sys -- (CLFS) Common Log (CLFS)
DRV:64bit: - [2009/04/10 23:15:32 | 000,325,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:64bit: - [2009/04/10 23:15:32 | 000,275,432 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltmgr.sys -- (FltMgr)
DRV:64bit: - [2009/04/10 23:15:31 | 000,215,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\msiscsi.sys -- (iScsiPrt)
DRV:64bit: - [2009/04/10 23:15:31 | 000,178,664 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:64bit: - [2009/04/10 23:15:30 | 000,155,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ecache.sys -- (Ecache)
DRV:64bit: - [2009/04/10 23:15:25 | 000,073,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:64bit: - [2009/04/10 23:15:25 | 000,067,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (disk)
DRV:64bit: - [2009/04/10 23:15:24 | 000,059,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\mup.sys -- (Mup)
DRV:64bit: - [2009/04/10 23:15:21 | 000,029,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msahci.sys -- (msahci)
DRV:64bit: - [2009/04/10 23:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
DRV:64bit: - [2009/04/10 23:14:59 | 000,014,312 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
DRV:64bit: - [2009/04/10 21:44:24 | 000,406,016 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:64bit: - [2009/04/10 21:43:46 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rassstp.sys -- (RasSstp) WAN Miniport (SSTP)
DRV:64bit: - [2009/04/10 21:43:40 | 000,169,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndiswan.sys -- (NdisWan)
DRV:64bit: - [2009/04/10 21:43:39 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV:64bit: - [2009/04/10 21:43:39 | 000,086,528 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\wanarp.sys -- (Wanarpv6)
DRV:64bit: - [2009/04/10 21:43:39 | 000,086,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wanarp.sys -- (Wanarp)
DRV:64bit: - [2009/04/10 21:43:38 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV:64bit: - [2009/04/10 21:43:33 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\raspppoe.sys -- (RasPppoe)
DRV:64bit: - [2009/04/10 21:43:27 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipfltdrv.sys -- (IpFilterDriver)
DRV:64bit: - [2009/04/10 21:43:00 | 000,094,720 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\tdx.sys -- (tdx)
DRV:64bit: - [2009/04/10 21:42:56 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\pacer.sys -- (PSched)
DRV:64bit: - [2009/04/10 21:42:33 | 000,248,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\netbt.sys -- (netbt)
DRV:64bit: - [2009/04/10 21:42:19 | 000,088,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\smb.sys -- (Smb) Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)
DRV:64bit: - [2009/04/10 21:40:20 | 000,187,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\nwifi.sys -- (NativeWifiP)
DRV:64bit: - [2009/04/10 21:39:52 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbhub.sys -- (usbhub)
DRV:64bit: - [2009/04/10 21:39:51 | 000,275,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2009/04/10 21:39:41 | 000,948,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HDAudBus.sys -- (HDAudBus)
DRV:64bit: - [2009/04/10 21:39:38 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\USBSTOR.SYS -- (USBSTOR)
DRV:64bit: - [2009/04/10 21:39:36 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbehci.sys -- (usbehci)
DRV:64bit: - [2009/04/10 21:39:36 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbohci.sys -- (usbohci)
DRV:64bit: - [2009/04/10 21:39:34 | 000,098,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV:64bit: - [2009/04/10 21:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\cdrom.sys -- (cdrom)
DRV:64bit: - [2009/04/10 21:33:40 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\kbdhid.sys -- (kbdhid)
DRV:64bit: - [2009/04/10 20:55:42 | 000,139,264 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:64bit: - [2009/04/10 20:55:24 | 000,287,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\rdbss.sys -- (rdbss)
DRV:64bit: - [2009/04/10 20:54:44 | 000,097,792 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\dfsc.sys -- (DfsC)
DRV:64bit: - [2009/04/10 20:54:21 | 000,299,008 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\udfs.sys -- (udfs)
DRV:64bit: - [2009/03/12 00:43:27 | 000,476,720 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1005000.087\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2009/03/12 00:43:27 | 000,402,992 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1005000.087\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2009/03/12 00:43:27 | 000,310,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1005000.087\SYMTDI.SYS -- (SYMTDI)
DRV:64bit: - [2009/03/12 00:43:27 | 000,138,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1005000.087\SYMFW.SYS -- (SYMFW)
DRV:64bit: - [2009/03/12 00:43:27 | 000,046,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1005000.087\SYMNDISV.SYS -- (SYMNDISV)
DRV:64bit: - [2009/03/12 00:43:27 | 000,032,816 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\SymIMv.sys -- (SymIM)
DRV:64bit: - [2009/03/12 00:43:27 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1005000.087\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2009/01/19 21:18:21 | 000,020,536 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)
DRV:64bit: - [2009/01/19 21:18:21 | 000,020,536 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cmdide.sys -- (cmdide)
DRV:64bit: - [2009/01/19 21:18:21 | 000,019,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
DRV:64bit: - [2009/01/19 21:18:21 | 000,018,488 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide.sys -- (amdide)
DRV:64bit: - [2009/01/19 21:18:21 | 000,018,488 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aliide.sys -- (aliide)
DRV:64bit: - [2009/01/19 20:57:37 | 000,694,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHport.sys -- (BTHPORT)
DRV:64bit: - [2009/01/19 20:57:37 | 000,178,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:64bit: - [2009/01/19 20:57:37 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- (BTHUSB)
DRV:64bit: - [2009/01/19 20:57:37 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- (BthEnum)
DRV:64bit: - [2009/01/19 20:57:37 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\hidir.sys -- (HidIr)
DRV:64bit: - [2009/01/19 20:57:37 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hidusb.sys -- (HidUsb)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/12/10 07:31:26 | 004,993,024 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/11/21 00:15:54 | 000,029,184 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\dsNcAdX64.sys -- (dsNcAdpt)
DRV:64bit: - [2008/10/27 16:40:02 | 001,164,288 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr)
DRV:64bit: - [2008/09/26 11:14:14 | 000,465,408 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008/07/21 02:53:04 | 000,145,496 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\jmcr.sys -- (JMCR)
DRV:64bit: - [2008/07/04 13:33:32 | 000,115,072 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2008/05/28 16:54:18 | 000,026,168 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2008/05/20 18:33:36 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2008/04/27 21:25:06 | 000,016,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV:64bit: - [2008/03/27 11:10:56 | 000,026,984 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2008/03/27 11:10:14 | 000,040,296 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2008/02/29 14:59:32 | 001,252,352 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/02/14 06:56:14 | 000,160,768 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/01/24 05:24:24 | 000,060,928 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir)
DRV:64bit: - [2008/01/20 18:51:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP)
DRV:64bit: - [2008/01/20 18:51:14 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE)
DRV:64bit: - [2008/01/20 18:51:07 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\RDPCDD.sys -- (RDPCDD)
DRV:64bit: - [2008/01/20 18:51:01 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\asyncmac.sys -- (AsyncMac)
DRV:64bit: - [2008/01/20 18:50:59 | 000,070,200 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:64bit: - [2008/01/20 18:50:45 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bowser.sys -- (bowser)
DRV:64bit: - [2008/01/20 18:50:45 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:64bit: - [2008/01/20 18:50:39 | 000,881,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:64bit: - [2008/01/20 18:50:39 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\SysNative\DRIVERS\cdfs.sys -- (cdfs)
DRV:64bit: - [2008/01/20 18:50:25 | 000,070,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (MountMgr)
DRV:64bit: - [2008/01/20 18:50:10 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tssecsrv.sys -- (tssecsrv)
DRV:64bit: - [2008/01/20 18:50:09 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\WUDFRd.sys -- (WUDFRd)
DRV:64bit: - [2008/01/20 18:50:04 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:64bit: - [2008/01/20 18:49:58 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndisuio.sys -- (Ndisuio)
DRV:64bit: - [2008/01/20 18:49:52 | 000,011,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSKSSRV.sys -- (MSKSSRV)
DRV:64bit: - [2008/01/20 18:49:52 | 000,007,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSTEE.sys -- (MSTEE)
DRV:64bit: - [2008/01/20 18:49:51 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave)
DRV:64bit: - [2008/01/20 18:49:48 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\rdpencdd.sys -- (RDPENCDD)
DRV:64bit: - [2008/01/20 18:49:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RootMdm.sys -- (ROOTMODEM)
DRV:64bit: - [2008/01/20 18:49:42 | 000,081,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:64bit: - [2008/01/20 18:49:42 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:64bit: - [2008/01/20 18:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2008/01/20 18:49:16 | 000,109,568 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:64bit: - [2008/01/20 18:49:15 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rspndr.sys -- (rspndr)
DRV:64bit: - [2008/01/20 18:49:15 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lltdio.sys -- (lltdio)
DRV:64bit: - [2008/01/20 18:49:00 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:64bit: - [2008/01/20 18:48:45 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipnat.sys -- (IPNAT)
DRV:64bit: - [2008/01/20 18:48:45 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndistapi.sys -- (NdisTapi)
DRV:64bit: - [2008/01/20 18:48:45 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tunmp.sys -- (tunmp)
DRV:64bit: - [2008/01/20 18:48:28 | 000,033,280 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:64bit: - [2008/01/20 18:48:27 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\netbios.sys -- (NetBIOS)
DRV:64bit: - [2008/01/20 18:48:24 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rasacd.sys -- (RasAcd)
DRV:64bit: - [2008/01/20 18:47:30 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:64bit: - [2008/01/20 18:47:28 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipmidrv.sys -- (IPMIDRV)
DRV:64bit: - [2008/01/20 18:47:28 | 000,035,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\i2omp.sys -- (i2omp)
DRV:64bit: - [2008/01/20 18:47:27 | 000,185,912 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2008/01/20 18:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV:64bit: - [2008/01/20 18:47:27 | 000,042,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\kbdclass.sys -- (kbdclass)
DRV:64bit: - [2008/01/20 18:47:27 | 000,024,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)
DRV:64bit: - [2008/01/20 18:47:26 | 000,128,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio)
DRV:64bit: - [2008/01/20 18:47:26 | 000,078,392 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2008/01/20 18:47:25 | 000,149,048 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2008/01/20 18:47:25 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbscan.sys -- (usbscan)
DRV:64bit: - [2008/01/20 18:47:25 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fdc.sys -- (fdc)
DRV:64bit: - [2008/01/20 18:47:25 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbuhci.sys -- (usbuhci)
DRV:64bit: - [2008/01/20 18:47:04 | 000,113,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm)
DRV:64bit: - [2008/01/20 18:47:04 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive)
DRV:64bit: - [2008/01/20 18:47:03 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\circlass.sys -- (circlass)
DRV:64bit: - [2008/01/20 18:47:02 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2008/01/20 18:47:01 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2008/01/20 18:47:01 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbccgp.sys -- (usbccgp)
DRV:64bit: - [2008/01/20 18:47:00 | 000,091,192 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2008/01/20 18:47:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\monitor.sys -- (monitor)
DRV:64bit: - [2008/01/20 18:47:00 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vgapnp.sys -- (vga)
DRV:64bit: - [2008/01/20 18:47:00 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk)
DRV:64bit: - [2008/01/20 18:47:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV:64bit: - [2008/01/20 18:47:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd)
DRV:64bit: - [2008/01/20 18:46:59 | 000,397,368 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor)
DRV:64bit: - [2008/01/20 18:46:59 | 000,290,872 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastorv.sys -- (iaStorV)
DRV:64bit: - [2008/01/20 18:46:59 | 000,068,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gagp30kx.sys -- (gagp30kx)
DRV:64bit: - [2008/01/20 18:46:59 | 000,067,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uagp35.sys -- (uagp35)
DRV:64bit: - [2008/01/20 18:46:59 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\i8042prt.sys -- (i8042prt)
DRV:64bit: - [2008/01/20 18:46:59 | 000,047,672 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpcisss.sys -- (HpCISSs)
DRV:64bit: - [2008/01/20 18:46:59 | 000,039,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\mouclass.sys -- (mouclass)
DRV:64bit: - [2008/01/20 18:46:59 | 000,035,896 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2008/01/20 18:46:59 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:64bit: - [2008/01/20 18:46:59 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbprint.sys -- (usbprint)
DRV:64bit: - [2008/01/20 18:46:59 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mouhid.sys -- (mouhid)
DRV:64bit: - [2008/01/20 18:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64) Intel®
DRV:64bit: - [2008/01/20 18:46:56 | 000,438,328 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\megasr.sys -- (MegaSR)
DRV:64bit: - [2008/01/20 18:46:56 | 000,284,728 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\uliahci.sys -- (uliahci)
DRV:64bit: - [2008/01/20 18:46:56 | 000,146,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\E1G6032E.sys -- (E1G60) Intel®
DRV:64bit: - [2008/01/20 18:46:56 | 000,105,016 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2008/01/20 18:46:56 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
DRV:64bit: - [2008/01/20 18:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/01/20 18:46:55 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\flpydisk.sys -- (flpydisk)
DRV:64bit: - [2008/01/20 18:46:54 | 000,342,584 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci)
DRV:64bit: - [2008/01/20 18:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
DRV:64bit: - [2008/01/20 18:46:54 | 000,126,520 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\adpu160m.sys -- (adpu160m)
DRV:64bit: - [2008/01/20 18:46:54 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ohci1394.sys -- (ohci1394)
DRV:64bit: - [2008/01/20 18:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
DRV:64bit: - [2008/01/20 18:46:54 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\umbus.sys -- (umbus)
DRV:64bit: - [2008/01/20 18:46:53 | 000,486,456 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2008/01/20 18:46:52 | 001,221,176 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ql2300.sys -- (ql2300)
DRV:64bit: - [2008/01/20 18:46:52 | 000,174,696 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ulsata2.sys -- (ulsata2)
DRV:64bit: - [2008/01/20 18:46:52 | 000,090,680 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\arc.sys -- (arc)
DRV:64bit: - [2008/01/20 18:46:52 | 000,027,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2008/01/20 18:46:51 | 000,314,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpdr.sys -- (rdpdr)
DRV:64bit: - [2008/01/20 18:46:51 | 000,126,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nv_agp.sys -- (nv_agp)
DRV:64bit: - [2008/01/20 18:46:51 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_fc.sys -- (LSI_FC)
DRV:64bit: - [2008/01/20 18:46:51 | 000,068,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uliagpkx.sys -- (uliagpkx)
DRV:64bit: - [2008/01/20 18:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agp440.sys -- (agp440)
DRV:64bit: - [2008/01/20 18:46:51 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)
DRV:64bit: - [2008/01/20 18:46:51 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\intelppm.sys -- (intelppm)
DRV:64bit: - [2008/01/20 18:46:51 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\processr.sys -- (Processor)
DRV:64bit: - [2008/01/20 18:46:51 | 000,034,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mssmbios.sys -- (mssmbios)
DRV:64bit: - [2008/01/20 18:46:51 | 000,023,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
DRV:64bit: - [2008/01/20 18:46:51 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
DRV:64bit: - [2008/01/20 18:46:51 | 000,017,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2008/01/20 18:46:51 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
DRV:64bit: - [2008/01/20 18:46:50 | 000,023,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\compbatt.sys -- (Compbatt)
DRV:64bit: - [2008/01/20 18:46:50 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wmiacpi.sys -- (WmiAcpi)
DRV:64bit: - [2008/01/20 18:46:50 | 000,013,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\swenum.sys -- (swenum)
DRV:64bit: - [2008/01/20 18:46:50 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
DRV:64bit: - [2008/01/18 03:31:30 | 000,320,560 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2007/06/18 16:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2006/11/02 04:03:03 | 000,051,816 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2006/11/02 04:02:52 | 000,049,256 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\symc8xx.sys -- (Symc8xx)
DRV:64bit: - [2006/11/02 04:02:47 | 000,048,232 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sym_u3.sys -- (Sym_u3)
DRV:64bit: - [2006/11/02 04:02:39 | 000,044,648 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp)
DRV:64bit: - [2006/11/02 04:02:37 | 000,044,648 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sym_hi.sys -- (Sym_hi)
DRV:64bit: - [2006/11/02 04:02:24 | 000,039,016 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mraid35x.sys -- (Mraid35x)
DRV:64bit: - [2006/11/02 04:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iteraid.sys -- (iteraid)
DRV:64bit: - [2006/11/02 04:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iteatapi.sys -- (iteatapi)
DRV:64bit: - [2006/11/02 03:51:30 | 000,203,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
DRV:64bit: - [2006/11/02 03:50:54 | 000,148,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ulsata.sys -- (UlSata)
DRV:64bit: - [2006/11/02 03:50:27 | 000,124,008 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ql40xx.sys -- (ql40xx)
DRV:64bit: - [2006/11/02 03:50:06 | 000,090,216 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
DRV:64bit: - [2006/11/02 03:50:06 | 000,088,168 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\djsvs.sys -- (aic78xx)
DRV:64bit: - [2006/11/02 01:44:02 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
DRV:64bit: - [2006/11/02 01:44:01 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
DRV:64bit: - [2006/11/02 01:43:46 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV:64bit: - [2006/11/02 01:40:24 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
DRV:64bit: - [2006/11/02 01:38:24 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
DRV:64bit: - [2006/11/02 01:38:02 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)
DRV:64bit: - [2006/11/02 01:37:58 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)
DRV:64bit: - [2006/11/02 01:37:57 | 000,096,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
DRV:64bit: - [2006/11/02 01:37:30 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSPCLOCK.sys -- (MSPCLOCK)
DRV:64bit: - [2006/11/02 01:37:30 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSPQM.sys -- (MSPQM)
DRV:64bit: - [2006/11/02 00:43:25 | 000,086,528 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV:64bit: - [2006/10/23 18:08:37 | 000,712,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\peauth.sys -- (PEAUTH)
DRV:64bit: - [2006/10/03 17:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2006/09/19 03:42:33 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brusbser.sys -- (BrUsbSer)
DRV:64bit: - [2006/09/18 13:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2006/09/18 13:30:18 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brserwdm.sys -- (BrSerWdm)
DRV:64bit: - [2006/09/18 13:30:18 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV:64bit: - [2006/09/18 13:30:15 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brfiltlo.sys -- (BrFiltLo)
DRV:64bit: - [2006/09/18 13:30:15 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2009/05/14 13:46:22 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2009/01/29 13:50:10 | 000,396,848 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090709.001\IDSviA64.sys -- (IDSVia64)
DRV - [2008/11/28 17:04:24 | 000,146,928 | ---- | M] (CyberLink Corp.) [2009/03/14 12:44:28] [Kernel | Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://gmail.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://mail.google.com/mail/?shva=1#inbox"
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1151
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.12

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/19 07:15:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: c:\program files\real\realplayer\browserrecord\firefox\ext [2009/09/25 09:57:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2010/10/25 21:41:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/28 12:21:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/17 21:04:10 | 000,000,000 | ---D | M]

[2009/05/10 22:13:57 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Mozilla\Extensions
[2009/05/10 22:13:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jayanta\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/11/17 10:36:32 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Mozilla\Firefox\Profiles\3ydujb0p.default\extensions
[2010/11/03 10:03:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jayanta\AppData\Roaming\Mozilla\Firefox\Profiles\3ydujb0p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/05 20:14:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jayanta\AppData\Roaming\Mozilla\Firefox\Profiles\3ydujb0p.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/10/26 21:45:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/10/28 12:21:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/11/03 10:03:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/28 12:21:12 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll
[2010/10/28 12:21:12 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll
[2010/10/26 21:44:15 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/28 12:21:15 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
[2007/03/22 15:23:30 | 000,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL
[2010/11/06 11:37:34 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
[2009/09/25 09:56:56 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
[2009/09/25 09:57:16 | 000,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
[2009/09/25 09:56:48 | 000,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
[2010/07/26 15:01:58 | 000,037,184 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll
[2010/10/10 20:52:00 | 000,001,394 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom.xml
[2010/10/10 20:52:01 | 000,002,193 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\answers.xml
[2010/10/10 20:52:01 | 000,001,534 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\creativecommons.xml
[2010/10/10 20:52:01 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay.xml
[2010/10/10 20:52:01 | 000,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml
[2010/10/10 20:52:01 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia.xml
[2010/10/10 20:52:01 | 000,001,096 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010/02/09 19:22:43 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard)
O4 - HKCU..\Run: [Google Update] C:\Users\Jayanta\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\NLAapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\napinsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} http://www.anandabazar.com/wfplayer/tdserver.cab (TDServer Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} https://domino7.unlv.edu/dwa7W.cab (Domino Web Access 7 Control)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn.umuc.edu/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.67.168 213.109.72.100 1.1.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\msvidctl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\msvidctl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\CoIEPlg.dll (Symantec Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\SysNative\shell32.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\SysNative\sysdm.cpl (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\SysWow64\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\SysWow64\sysdm.cpl (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysNative\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\SysNative\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\SysWOW64\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jayanta\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jayanta\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{02d056b5-a307-11de-9967-00235a36da1f}\Shell - "" = AutoRun
O33 - MountPoints2\{02d056b5-a307-11de-9967-00235a36da1f}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{970c5da7-bd8a-11de-8bfe-00235a36da1f}\Shell - "" = AutoRun
O33 - MountPoints2\{970c5da7-bd8a-11de-8bfe-00235a36da1f}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Program Files (x86)\AVG\AVG10\avgchsva.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


MsConfig:64bit - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
MsConfig:64bit - StartUpReg: Adobe Acrobat Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AVG9_TRAY - hkey= - key= - C:\PROGRA~2\AVG\AVG9\avgtray.exe File not found
MsConfig:64bit - StartUpReg: BlackBerryAutoUpdate - hkey= - key= - C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
MsConfig:64bit - StartUpReg: CLMLServer for HP TouchSmart - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe File not found
MsConfig:64bit - StartUpReg: DVDAgent - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: Lexmark 5400 Series - hkey= - key= - C:\Program Files (x86)\Lexmark 5400 Series\fm3032.exe ()
MsConfig:64bit - StartUpReg: LogitechQuickCamRibbon - hkey= - key= - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
MsConfig:64bit - StartUpReg: LXCTCATS - hkey= - key= - C:\Windows\SysNative\spool\DRIVERS\x64\3\LXCTtime.DLL (Lexmark International Inc.)
MsConfig:64bit - StartUpReg: MobileConnect - hkey= - key= - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Java\jre6\bin\jusched.exe File not found
MsConfig:64bit - StartUpReg: swg - hkey= - key= - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig:64bit - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig:64bit - StartUpReg: TSMAgent - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe File not found
MsConfig:64bit - StartUpReg: TVAgent - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: UCam_Menu - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: UpdateLBPShortCut - hkey= - key= - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: UpdateP2GoShortCut - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: UpdatePDIRShortCut - hkey= - key= - C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: UpdatePSTShortCut - hkey= - key= - C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: SymEFA.sys - C:\Windows\SysNative\drivers\NISx64\1005000.087\SYMEFA64.SYS (Symantec Corporation)
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: SymEFA.sys - C:\Windows\SysNative\drivers\NISx64\1005000.087\SYMEFA64.SYS (Symantec Corporation)
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfPf - Driver
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {1AED62A0-E781-877E-4172-BA9EFADCF5FF} - Browser Customizations
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4DC936B8-247C-615D-A866-4FF23E5432B9} - Internet Explorer
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.DVSD - C:\Windows\SysWow64\pdvcodec.dll (Matsubleepa Electric Industrial Co., Ltd.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/11/18 09:45:11 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Jayanta\Desktop\OTL.exe
[2010/11/14 14:42:07 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\Desktop\gmer
[2010/11/13 16:41:20 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\AppData\Roaming\Malwarebytes
[2010/11/13 16:41:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/11/13 16:41:06 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/11/13 16:41:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/11/13 16:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/11/13 16:35:26 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jayanta\Desktop\jayanta-setup-1.46.exe
[2010/11/12 22:42:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2010/11/12 22:39:18 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\Desktop\RootkitBuster_2.80.1077
[2010/11/10 10:09:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/11/05 07:04:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64
[2010/11/05 07:04:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
[2010/11/05 07:04:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0207030.022
[2010/11/05 07:03:41 | 000,318,088 | ---- | C] (Symantec Corp.) -- C:\Users\Jayanta\Desktop\Setup.exe
[2010/11/03 16:37:16 | 000,189,520 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysWow64\drivers\tmcomm.sys
[2010/11/02 09:30:54 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\AppData\Roaming\Apple Computer
[2010/11/02 09:30:54 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\AppData\Local\Apple Computer
[2010/11/02 09:30:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2010/11/02 09:20:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010/11/02 09:19:45 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\AppData\Local\Apple
[2010/11/02 09:19:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010/11/02 09:19:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/10/26 21:46:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/10/26 21:46:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010/10/26 21:45:13 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010/10/26 21:45:13 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/10/26 21:45:13 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/10/26 21:45:13 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/10/26 21:44:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010/10/26 18:47:57 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2010/10/26 18:47:56 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2010/10/26 18:47:54 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Apphlpdm.dll
[2010/10/26 18:47:54 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2010/10/26 18:47:53 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2010/10/26 18:47:53 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2010/10/22 08:44:07 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\Documents\UNLV APPEALS COMMITTEE
[2009/06/08 19:48:50 | 000,409,600 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctinpa.dll
[2009/06/08 19:48:49 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctpmui.dll
[2009/06/08 19:48:49 | 000,393,216 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctiesc.dll
[2009/06/08 19:48:48 | 001,187,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctserv.dll
[2009/06/08 19:48:48 | 000,983,040 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctusb1.dll
[2009/06/08 19:48:48 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctprox.dll
[2009/06/08 19:48:48 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctpplc.dll
[2009/06/08 19:48:47 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcthbn3.dll
[2009/06/08 19:48:47 | 000,667,648 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctcomc.dll
[2009/06/08 19:48:47 | 000,528,384 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctlmpm.dll
[2009/06/08 19:48:47 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctcomm.dll
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Users\Jayanta\Desktop\*.tmp files -> C:\Users\Jayanta\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/18 09:52:25 | 099,539,677 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2010/11/18 09:45:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jayanta\Desktop\OTL.exe
[2010/11/18 09:40:40 | 930,497,536 | ---- | M] () -- C:\Users\Jayanta\Desktop\inbox.pst
[2010/11/18 09:40:40 | 520,111,104 | ---- | M] () -- C:\Users\Jayanta\Desktop\sent.pst
[2010/11/18 09:38:58 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/18 09:38:58 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/18 09:36:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2379491072-1832334390-2107030829-1000UA.job
[2010/11/18 09:35:59 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2379491072-1832334390-2107030829-1001UA.job
[2010/11/17 21:04:10 | 000,001,917 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/11/17 19:38:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/17 19:38:38 | 4024,262,656 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/17 19:28:08 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/11/17 19:27:42 | 000,151,552 | ---- | M] () -- C:\Users\Jayanta\Desktop\equityNF.doc
[2010/11/17 18:54:11 | 000,699,392 | ---- | M] () -- C:\Users\Jayanta\Desktop\Equity.ppt
[2010/11/17 18:53:56 | 000,110,432 | ---- | M] () -- C:\Users\Jayanta\Desktop\EquityNF.rtf
[2010/11/17 18:36:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2379491072-1832334390-2107030829-1001Core.job
[2010/11/17 16:36:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2379491072-1832334390-2107030829-1000Core.job
[2010/11/17 14:58:02 | 000,000,502 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Jayanta.job
[2010/11/17 11:44:55 | 000,002,657 | ---- | M] () -- C:\Users\Jayanta\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk
[2010/11/17 09:03:21 | 000,000,112 | ---- | M] () -- C:\Users\Jayanta\webct_upload_applet.properties
[2010/11/17 09:02:41 | 000,076,288 | ---- | M] () -- C:\Users\Jayanta\Documents\Counseling Consultation Fall 2010.ppt
[2010/11/16 16:42:23 | 000,052,224 | ---- | M] () -- C:\Users\Jayanta\Desktop\Quiz_Stats.xls
[2010/11/15 13:14:16 | 000,011,903 | ---- | M] () -- C:\Users\Jayanta\Desktop\L3.jpg
[2010/11/14 18:57:04 | 000,002,436 | ---- | M] () -- C:\Users\Jayanta\Desktop\Attach.zip
[2010/11/14 14:51:56 | 000,086,016 | ---- | M] () -- C:\Users\Jayanta\Desktop\Final-FIN640-Summer2010.doc
[2010/11/14 14:41:01 | 000,288,107 | ---- | M] () -- C:\Users\Jayanta\Desktop\gmer.zip
[2010/11/14 14:30:12 | 000,630,272 | ---- | M] () -- C:\Users\Jayanta\Desktop\dds.pif
[2010/11/14 14:25:53 | 000,630,272 | ---- | M] () -- C:\Users\Jayanta\Desktop\dds.scr
[2010/11/13 16:35:31 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jayanta\Desktop\jayanta-setup-1.46.exe
[2010/11/12 22:41:33 | 001,376,832 | ---- | M] () -- C:\Users\Jayanta\Desktop\sar_15_sfx.exe
[2010/11/12 22:39:05 | 001,074,232 | ---- | M] () -- C:\Users\Jayanta\Desktop\RootkitBuster_2.80.1077.zip
[2010/11/12 20:01:40 | 000,087,040 | ---- | M] () -- C:\Users\Jayanta\Desktop\equityNP.doc
[2010/11/12 03:33:02 | 000,189,353 | ---- | M] () -- C:\Users\Jayanta\Desktop\Poker_Stats.jpg
[2010/11/11 10:00:53 | 000,030,208 | ---- | M] () -- C:\Users\Jayanta\Desktop\MSAF_Survey.doc
[2010/11/11 09:34:39 | 467,289,088 | ---- | M] () -- C:\Users\Jayanta\Desktop\sent3.pst
[2010/11/11 09:31:51 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/11 09:31:51 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/11 09:31:51 | 000,104,170 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/10 10:58:16 | 000,000,968 | ---- | M] () -- C:\Users\Jayanta\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/11/09 07:04:09 | 000,055,045 | ---- | M] () -- C:\Users\Jayanta\Desktop\Gdp20-40.jpg
[2010/11/08 19:08:59 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJayanta.job
[2010/11/07 10:14:12 | 000,171,159 | ---- | M] () -- C:\Users\Jayanta\Desktop\equityNP.pdf
[2010/11/07 10:09:53 | 000,000,000 | ---- | M] () -- C:\Users\Jayanta\defogger_reenable
[2010/11/07 10:07:10 | 000,050,477 | ---- | M] () -- C:\Users\Jayanta\Desktop\Defogger.exe
[2010/11/06 18:42:14 | 000,026,624 | ---- | M] () -- C:\Users\Jayanta\Desktop\Trackrecord_Agreement.doc
[2010/11/05 07:04:36 | 000,001,179 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2010/11/05 07:04:30 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\isolate.ini
[2010/11/05 07:03:42 | 000,318,088 | ---- | M] (Symantec Corp.) -- C:\Users\Jayanta\Desktop\Setup.exe
[2010/11/03 21:32:15 | 000,028,672 | ---- | M] () -- C:\Users\Jayanta\Desktop\Drazik Award Nominees 2010 Turner_TMG.doc
[2010/11/03 16:35:41 | 000,000,036 | ---- | M] () -- C:\Users\Jayanta\AppData\Local\housecall.guid.cache
[2010/11/01 13:46:22 | 000,054,394 | ---- | M] () -- C:\Users\Jayanta\Desktop\stock-vector-sheriff-aiming-a-gun-26884678.jpg
[2010/10/27 09:49:42 | 000,100,864 | ---- | M] () -- C:\Users\Jayanta\Desktop\FIN_640_Midterm_Fall_2010.doc
[2010/10/27 08:07:35 | 000,000,860 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2010/10/26 21:44:15 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/10/26 21:44:15 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/10/26 21:44:15 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/10/26 21:44:14 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010/10/25 09:10:47 | 000,452,096 | ---- | M] () -- C:\Users\Jayanta\Desktop\chat_directions_fall2010.doc
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Users\Jayanta\Desktop\*.tmp files -> C:\Users\Jayanta\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/17 21:03:29 | 000,001,917 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/11/17 09:02:41 | 000,076,288 | ---- | C] () -- C:\Users\Jayanta\Documents\Counseling Consultation Fall 2010.ppt
[2010/11/15 13:14:16 | 000,011,903 | ---- | C] () -- C:\Users\Jayanta\Desktop\L3.jpg
[2010/11/14 18:57:04 | 000,002,436 | ---- | C] () -- C:\Users\Jayanta\Desktop\Attach.zip
[2010/11/14 14:58:43 | 000,092,160 | ---- | C] () -- C:\Users\Jayanta\Desktop\Final-FIN640-Summer2010-with-answers.doc
[2010/11/14 14:51:46 | 000,086,016 | ---- | C] () -- C:\Users\Jayanta\Desktop\Final-FIN640-Summer2010.doc
[2010/11/14 14:30:06 | 000,630,272 | ---- | C] () -- C:\Users\Jayanta\Desktop\dds.pif
[2010/11/12 22:41:30 | 001,376,832 | ---- | C] () -- C:\Users\Jayanta\Desktop\sar_15_sfx.exe
[2010/11/12 22:39:04 | 001,074,232 | ---- | C] () -- C:\Users\Jayanta\Desktop\RootkitBuster_2.80.1077.zip
[2010/11/12 20:00:39 | 000,110,432 | ---- | C] () -- C:\Users\Jayanta\Desktop\EquityNF.rtf
[2010/11/12 03:31:58 | 000,189,353 | ---- | C] () -- C:\Users\Jayanta\Desktop\Poker_Stats.jpg
[2010/11/11 10:00:53 | 000,030,208 | ---- | C] () -- C:\Users\Jayanta\Desktop\MSAF_Survey.doc
[2010/11/11 09:29:23 | 467,289,088 | ---- | C] () -- C:\Users\Jayanta\Desktop\sent3.pst
[2010/11/09 12:21:23 | 520,111,104 | ---- | C] () -- C:\Users\Jayanta\Desktop\sent.pst
[2010/11/09 06:15:57 | 000,055,045 | ---- | C] () -- C:\Users\Jayanta\Desktop\Gdp20-40.jpg
[2010/11/07 10:53:03 | 000,288,107 | ---- | C] () -- C:\Users\Jayanta\Desktop\gmer.zip
[2010/11/07 10:14:09 | 000,171,159 | ---- | C] () -- C:\Users\Jayanta\Desktop\equityNP.pdf
[2010/11/07 10:11:13 | 000,630,272 | ---- | C] () -- C:\Users\Jayanta\Desktop\dds.scr
[2010/11/07 10:09:53 | 000,000,000 | ---- | C] () -- C:\Users\Jayanta\defogger_reenable
[2010/11/07 10:07:09 | 000,050,477 | ---- | C] () -- C:\Users\Jayanta\Desktop\Defogger.exe
[2010/11/06 18:42:14 | 000,026,624 | ---- | C] () -- C:\Users\Jayanta\Desktop\Trackrecord_Agreement.doc
[2010/11/05 07:04:38 | 000,000,502 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Jayanta.job
[2010/11/05 07:04:36 | 000,001,179 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2010/11/05 07:04:30 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\isolate.ini
[2010/11/03 21:26:11 | 000,028,672 | ---- | C] () -- C:\Users\Jayanta\Desktop\Drazik Award Nominees 2010 Turner_TMG.doc
[2010/11/03 21:00:55 | 000,452,096 | ---- | C] () -- C:\Users\Jayanta\Desktop\chat_directions_fall2010.doc
[2010/11/03 16:35:41 | 000,000,036 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\housecall.guid.cache
[2010/11/01 13:46:20 | 000,054,394 | ---- | C] () -- C:\Users\Jayanta\Desktop\stock-vector-sheriff-aiming-a-gun-26884678.jpg
[2010/10/26 21:56:03 | 000,100,864 | ---- | C] () -- C:\Users\Jayanta\Desktop\FIN_640_Midterm_Fall_2010.doc
[2010/10/26 18:13:05 | 000,087,040 | ---- | C] () -- C:\Users\Jayanta\Desktop\equityNP.doc
[2010/10/26 18:12:56 | 000,699,392 | ---- | C] () -- C:\Users\Jayanta\Desktop\Equity.ppt
[2010/10/26 18:12:39 | 000,151,552 | ---- | C] () -- C:\Users\Jayanta\Desktop\equityNF.doc
[2010/10/20 14:20:53 | 930,497,536 | ---- | C] () -- C:\Users\Jayanta\Desktop\inbox.pst
[2010/03/02 14:56:05 | 000,000,000 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\prvlcl.dat
[2010/02/12 09:43:36 | 000,027,442 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\tmpWENDY_SIG.JPG
[2010/02/12 09:43:36 | 000,027,418 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\tmpWENDY_SIG.0
[2010/01/25 07:48:51 | 000,000,000 | ---- | C] () -- C:\Users\Jayanta\AppData\Roaming\wklnhst.dat
[2009/12/02 09:22:03 | 000,040,002 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\tmpTWO-WENDY-JAY.0
[2009/12/02 09:22:03 | 000,036,571 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\tmpTWO-WENDY-JAY.JPG
[2009/11/09 01:58:30 | 000,000,000 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\FnF4.txt
[2009/09/25 09:58:22 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/09/19 21:37:20 | 000,000,079 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\DVDPATH.TXT
[2009/09/19 21:36:42 | 000,007,052 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\d3d9caps.dat
[2009/09/17 03:33:11 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/17 03:31:51 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/16 14:20:08 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/08/11 23:51:02 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/07/30 17:58:42 | 000,000,326 | ---- | C] () -- C:\Windows\primopdf.ini
[2009/06/08 19:48:50 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXCTinst.dll
[2009/05/11 18:32:00 | 000,093,184 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/10 22:06:37 | 000,000,836 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2009/05/10 22:06:31 | 000,000,000 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\QSwitch.txt
[2009/05/10 22:06:31 | 000,000,000 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\DSwitch.txt
[2009/05/10 22:06:31 | 000,000,000 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\AtStart.txt
[2009/03/14 13:18:44 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2009/03/14 13:18:31 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2009/03/14 13:17:39 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2009/03/14 13:16:13 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2009/03/14 13:13:49 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2009/01/19 21:45:49 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2009/01/19 21:36:56 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2009/01/19 21:34:18 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009/01/19 21:32:19 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2008/09/22 13:21:34 | 000,127,092 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008/08/20 15:45:46 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
[2008/01/20 18:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI

========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009/06/08 21:17:29 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\5400 Series
[2009/11/17 13:58:45 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Adobe
[2010/11/02 09:30:54 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Apple Computer
[2009/05/10 22:06:27 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\ATI
[2010/10/15 10:58:10 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\AVG10
[2009/09/16 13:15:37 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\CustomStartUp
[2010/01/25 20:19:07 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\CyberLink
[2010/03/31 23:57:25 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\DivX
[2009/11/12 10:29:10 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Download Manager
[2009/06/06 11:02:31 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\funkitron
[2009/05/11 22:17:10 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Google
[2009/11/16 18:19:13 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Hewlett-Packard
[2009/05/10 21:31:07 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\HP TCS
[2010/06/14 17:24:07 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\hpqLog
[2009/05/10 22:06:00 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Identities
[2009/11/17 13:44:54 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\InstallShield
[2010/05/07 06:22:18 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Juniper Networks
[2009/05/10 22:09:40 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Macromedia
[2010/11/13 16:41:20 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Malwarebytes
[2006/11/02 07:07:25 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Media Center Programs
[2010/01/25 07:48:51 | 000,000,000 | --SD | M] -- C:\Users\Jayanta\AppData\Roaming\Microsoft
[2009/11/14 22:00:46 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Move Networks
[2009/05/10 22:13:57 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Mozilla
[2010/03/05 16:02:15 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\PrimoPDF
[2009/09/25 09:57:47 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Real
[2009/08/20 08:53:11 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Research In Motion
[2010/11/17 00:23:10 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Skype
[2010/11/17 00:06:13 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\skypePM
[2010/01/25 07:49:00 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Template
[2009/10/20 14:14:14 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Vodafone
[2009/05/10 16:51:32 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\WildTangent

< %APPDATA%\*.exe /s >
[2010/04/10 11:11:36 | 000,300,400 | ---- | M] (Juniper Networks") -- C:\Users\Jayanta\AppData\Roaming\Juniper Networks\Host Checker\dsHostChecker.exe
[2010/04/10 11:11:36 | 000,234,864 | ---- | M] (Juniper Networks) -- C:\Users\Jayanta\AppData\Roaming\Juniper Networks\Host Checker\dsHostCheckerProxy.exe
[2010/04/10 11:11:38 | 000,157,040 | ---- | M] () -- C:\Users\Jayanta\AppData\Roaming\Juniper Networks\Host Checker\InstallHelper.exe
[2010/04/10 11:11:44 | 000,056,072 | ---- | M] () -- C:\Users\Jayanta\AppData\Roaming\Juniper Networks\Host Checker\uninstall.exe
[2010/03/16 23:03:58 | 000,132,464 | ---- | M] () -- C:\Users\Jayanta\AppData\Roaming\Juniper Networks\Setup Client\dsmmf.exe
[2010/03/16 23:03:56 | 000,497,008 | ---- | M] (Juniper Networks) -- C:\Users\Jayanta\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClient.exe
[2010/03/16 23:03:00 | 000,329,984 | ---- | M] () -- C:\Users\Jayanta\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClientOCX.exe
[2010/03/16 23:01:24 | 000,218,368 | ---- | M] () -- C:\Users\Jayanta\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupXP.exe
[2010/03/16 23:04:02 | 000,050,840 | ---- | M] (Juniper Networks) -- C:\Users\Jayanta\AppData\Roaming\Juniper Networks\Setup Client\uninstall.exe
[2009/11/14 20:42:46 | 000,143,976 | ---- | M] () -- C:\Users\Jayanta\AppData\Roaming\Move Networks\uninstall.exe
[2009/10/14 16:50:30 | 000,097,216 | ---- | M] () -- C:\Users\Jayanta\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe
[2010/07/26 15:01:58 | 000,032,032 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\Jayanta\AppData\Roaming\Mozilla\Firefox\Profiles\3ydujb0p.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
[2009/07/09 09:53:53 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Jayanta\AppData\Roaming\Real\RealPlayer\Update\realplayer11gold.exe
[2010/06/03 10:06:56 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Jayanta\AppData\Roaming\Real\Update\setup3.10\setup.exe
[2010/11/15 16:12:53 | 000,506,024 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Jayanta\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2009/06/19 10:30:47 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Jayanta\AppData\Roaming\Real\Update\temp\~Upg0\realplayer11gold.exe
[2009/07/09 09:53:52 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Jayanta\AppData\Roaming\Real\Update\temp\~Upg1\realplayer11gold.exe

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/01/20 18:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008/01/20 18:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/01/20 18:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009/01/19 21:18:21 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=35137384FFB6FB4B4C3063CEB5DB34BE -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_37d5e5fef5f86cf7\atapi.sys
[2008/08/15 20:49:42 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=ACA311FAC841A06E4A7EF9A0F1C195F8 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.22245_none_39ba2410f320cb3a\atapi.sys
[2009/01/19 21:18:21 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=B388797CAAB36D523840347CC6A39B96 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_398211faf34b271a\atapi.sys
[2009/04/10 23:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 03:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006/11/02 01:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006/11/02 01:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006/11/02 01:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: EVENTLOG.DLL >
[2007/05/17 21:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2008/10/28 22:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008/10/28 22:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008/10/28 22:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008/10/29 19:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009/04/10 23:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009/04/10 23:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008/10/27 18:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008/10/28 22:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008/10/29 21:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008/10/27 18:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008/01/20 18:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008/01/20 18:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe

< MD5 for: IASTORV.SYS >
[2008/01/20 18:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2008/01/20 18:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2009/04/10 22:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009/04/10 22:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009/04/10 22:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009/04/10 23:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008/01/20 18:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2008/01/20 18:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/20 18:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008/01/20 18:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009/04/10 22:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009/04/10 22:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009/04/10 22:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009/04/10 23:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll

< MD5 for: USERINIT.EXE >
[2008/01/20 18:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008/01/20 18:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008/01/20 18:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008/01/20 18:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/10 23:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008/01/20 18:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009/04/10 22:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009/04/10 22:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009/04/10 22:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 18:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /90 >
[2010/09/06 01:26:20 | 000,189,520 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysWOW64\drivers\tmcomm.sys

< End of report >

OTL Extras logfile created on: 11/18/2010 10:05:43 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Jayanta\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 40.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.00 Gb Total Space | 19.44 Gb Free Space | 6.82% Space Free | Partition Type: NTFS
Drive D: | 13.08 Gb Total Space | 2.04 Gb Free Space | 15.57% Space Free | Partition Type: NTFS

Computer Name: EVERMORE | User Name: Jayanta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = DB AF A4 D4 1A 3A CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3A3D2E6B-235E-49F9-BD9C-4385F3F17B6B}" = rport=67 | protocol=17 | dir=in | svc=dhcp | app=c:\windows\system32\svchost.exe |
"{49711BB5-EA21-4A59-901A-5C25E54D4430}" = rport=67 | protocol=17 | dir=out | svc=dhcp | app=c:\windows\system32\svchost.exe |
"{62DE2E18-206A-4303-BFC5-5FF7053A05F0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9D66B51B-0F8E-42D3-BB8F-2FF23A624C17}" = rport=53 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{C46C8EB1-753F-4A16-BE4E-F9B4AC1EB901}" = lport=teredo | protocol=17 | dir=in | svc=iphlpsvc | app=c:\windows\system32\svchost.exe |
"{DA96AB03-97EF-45C4-83B5-5213EA3257B4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1B1ABE66-72DD-4131-BBEC-59AFDD82B434}" = protocol=58 | dir=in | app=system |
"{21268656-1644-47E6-8394-839B6E6FE5D3}" = protocol=58 | dir=out | name=core networking - parameter problem (icmpv6-out) |
"{23013D48-4CE7-4946-8FD7-D078C2C7EED4}" = protocol=58 | dir=in | app=system |
"{2CB5CED7-7D91-4D51-BC97-C84DBEA06FAD}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{2D9942BB-4772-4DC6-8EF2-1524DF4BC792}" = protocol=41 | dir=in | app=system |
"{305F5887-D277-4821-93D8-8A71857A9D5A}" = protocol=58 | dir=in | app=system |
"{315E4C98-2080-404A-AE20-884F3B0CECE4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{35159C6E-511E-4B03-9F79-62F9F02E4B4F}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{3629A361-0984-4B70-91EA-620C3C7ADFF6}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qp.exe |
"{38E8AA13-07CC-4DAC-AA41-393C42FDD556}" = protocol=17 | dir=out | svc=iphlpsvc | app=c:\windows\system32\svchost.exe |
"{4AA21C41-8300-415C-BC32-6D13896120B1}" = protocol=2 | dir=out | app=system |
"{4E20BFA2-EFF3-4EB1-A799-68915BCE4817}" = protocol=1 | dir=in | app=system |
"{52DBB3A8-20FF-47E2-898E-BCCD1132C76A}" = protocol=58 | dir=out | name=core networking - router solicitation (icmpv6-out) |
"{562E4C30-6076-4300-AC2B-E96E9854C4A7}" = protocol=58 | dir=in | app=system |
"{5A5471D4-681C-4B53-BB4E-995A21727841}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qpservice.exe |
"{5BEC852D-0385-4B20-BB23-ABE40E99AFF8}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{648055A9-8657-4E55-B56F-1C3F4016470D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{64F01AB1-541F-403D-8D3E-3F59C520AD73}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{650062FC-B198-4E30-90DF-3E793FEA80D3}" = protocol=58 | dir=in | app=system |
"{670B2F29-50CD-4B21-B800-9256BE2D5F84}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{7520026B-DF60-446D-93F6-24E17D5E220F}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{7E0E4559-4494-481F-85A9-B427DD69ECB4}" = protocol=58 | dir=out | name=core networking - time exceeded (icmpv6-out) |
"{84E22443-805A-4266-94FA-35BF08302DB8}" = protocol=58 | dir=out | name=core networking - neighbor discovery solicitation (icmpv6-out) |
"{96C431F0-BE80-4B63-B196-0FAF7F25BBA1}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{9ADA97C1-AD89-421B-B934-2A6E42A9305D}" = protocol=58 | dir=out | name=core networking - multicast listener query (icmpv6-out) |
"{A17BE4F5-0277-48E0-8C82-4559FFF49106}" = protocol=58 | dir=out | name=core networking - neighbor discovery advertisement (icmpv6-out) |
"{A3F25E57-E840-4663-A438-4B032CAF65C4}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{A49DE0E3-3CA3-49DE-A2A3-A8092A260E5B}" = protocol=58 | dir=out | name=core networking - multicast listener report v2 (icmpv6-out) |
"{AFF79391-F267-4647-B4F7-7EBC998CFF08}" = protocol=58 | dir=out | name=core networking - router advertisement (icmpv6-out) |
"{B3A14B94-99A0-4783-9437-5C4D9B7B4AA4}" = protocol=58 | dir=out | name=core networking - packet too big (icmpv6-out) |
"{B7120B76-F4DC-456F-9D6F-A2EF9715A0A3}" = protocol=58 | dir=in | app=system |
"{B8C0F05D-5A42-47E4-B5D2-4CFF36E5C4FF}" = protocol=58 | dir=out | name=core networking - multicast listener done (icmpv6-out) |
"{BD96A708-2E8E-44A5-A64B-90A94B38D5D3}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{C094D901-4E25-45D0-9BBD-D74D39E07805}" = protocol=58 | dir=in | app=system |
"{C758B150-9812-4A52-BBAD-4126AD0621F5}" = protocol=58 | dir=out | name=core networking - multicast listener report (icmpv6-out) |
"{CA1AFF5D-E35A-4C24-86CC-8BBB5D16FE8E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{CC953F42-3359-4D58-8390-C173BD801189}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{CC9FA42B-2276-4EAB-99AF-C385343B103B}" = protocol=58 | dir=in | app=system |
"{CE1CCEE5-6787-4C4A-B2C8-A3B5A334F445}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{CE70E2DF-8E88-4DA5-87EE-F328D40ACB04}" = protocol=58 | dir=in | app=system |
"{CFABAA10-79A2-4381-B655-8BC7047414F8}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{D0FD5794-4E08-48D7-8979-48E4295B8B68}" = protocol=58 | dir=in | app=system |
"{D1D696C2-A9A0-470D-B292-8C35608E9271}" = protocol=2 | dir=in | app=system |
"{D5433855-99AC-4266-9F78-B60F6BEDC2B7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DCE37FB4-53BA-4F8C-9C3E-F37D9161D3F9}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{E6F0F50C-E070-4344-9D93-2A6831DE0574}" = protocol=58 | dir=in | app=system |
"{EF090882-75E2-46F5-91F3-7F02A82F887B}" = protocol=58 | dir=in | app=system |
"{F09A9452-1A59-421B-A2AF-AF85E8A0DED3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{F2A6E25A-A137-40FB-B9F5-23634939031E}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{F49FB6F4-F5F7-4D9A-B318-FC394F03886E}" = protocol=41 | dir=out | app=system |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{2F97CE84-9C33-4631-821B-85EA371EA254}" = ProtectSmart Hard Drive Protection
"{319B58E8-4C80-4912-8EA7-24A9658120C6}" = AVG 2011
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{5BF8A577-B334-49BE-A7B2-349C1F1B0C58}" = AVG 2011
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B87BB2A8-5921-9B18-BBB5-D9A42F9CD3E1}" = ccc-utility64
"{C6CFAF5A-12F9-485E-EAD7-7FA1D3E5B943}" = ATI Catalyst Install Manager
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}" = Logitech Webcam Software
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F1568AA6-5982-4AFB-A871-C68E4328BC3B}" = HP MediaSmart SmartMenu
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AVG" = AVG 2011
"Lexmark 5400 Series" = Lexmark 5400 Series
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002471C5-6F62-D6CD-D6E5-A0F20F079B8B}" = Catalyst Control Center Localization Polish
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{03819281-0870-65EE-24B0-A7DEDE9F796A}" = Catalyst Control Center Localization Chinese Traditional
"{04F66470-CEA7-BF9A-1885-8E1A3474825A}" = CCC Help Danish
"{08062F2F-926A-D7EC-57E9-AB97AA0D7FDA}" = CCC Help Finnish
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0CAB8CDF-232E-F28F-A017-B388F41FACCB}" = CCC Help Portuguese
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{149BBCB8-674F-48D2-969C-9D0EA88DA7D6}" = HP User Guides 0129
"{150FE68F-EE0C-4867-150A-D74FECBB8448}" = Catalyst Control Center Graphics Light
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{187817E2-6407-461C-B59B-56CE73363D34}" = Catalyst Control Center - Branding
"{1BD05B04-7A33-409A-A714-613163E41935}" = BlackBerry Desktop Software 5.0.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{265C893D-9D3D-4CE6-A317-9FFF1C6C9C44}" = RealProducer Basic 11
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{2680244D-0FBA-4856-EBE3-9D67E61EB46F}" = Catalyst Control Center Localization Spanish
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{2BDFE775-48C0-3E1C-895C-DACC33CC52F0}" = Catalyst Control Center Localization Greek
"{2C8CC208-965C-48A1-90A8-DFB484358F1C}" = FaxRedist
"{2DAD2930-DFC1-AD0F-E63D-B3E95451CD68}" = CCC Help Greek
"{2F59397E-50B1-3CA6-2F8C-03773D40BE3B}" = Catalyst Control Center Graphics Full New
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 L1
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZero Preloader
"{35CC44E6-5916-89DC-16B6-7ADE609211CE}" = Catalyst Control Center Localization Finnish
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3A9C19FE-D61C-50DA-6FAF-7FB941B538A0}" = Catalyst Control Center Localization French
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BAB23A6-5272-F52D-1AF0-29419F1362B4}" = Catalyst Control Center Localization Italian
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{43F8F1E5-C740-4293-A309-EA9DD6474DB1}" = MotionDV STUDIO 5.3E LE for DV
"{445F6483-40DC-61B5-849D-35274D96DBA3}" = Catalyst Control Center Localization Czech
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A136EC-88BF-4B95-99F5-C45D3930E1CC}" = HP MULTIPLE MODEM INSTALLER for VISTA
"{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A239818-F5F7-7AE8-9FD3-08F435ED88D0}" = Skins
"{4C17CE6E-4838-819F-01BE-7EEE6181914A}" = Catalyst Control Center Localization Norwegian
"{4C4EA31F-AE29-2517-5E92-3EFB1FD7B896}" = CCC Help Hungarian
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{527CF1CA-D98B-504D-833B-69DA9A8A5AD6}" = CCC Help Czech
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{5B99A0A7-0B21-2CD6-474D-8D67177BD4D6}" = Catalyst Control Center Localization Dutch
"{5CFE0191-1ECE-7BD5-8AEF-069ED59A01BB}" = Catalyst Control Center Localization Korean
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6244BAF3-F26D-A695-1EF6-D9A3C0A6DAA1}" = Catalyst Control Center Graphics Previews Common
"{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}" = Juno Preloader
"{6570A194-A52D-9F23-EA48-90D7C6F20BE9}" = Catalyst Control Center Localization Swedish
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{666F0B45-78DA-FAA3-AB14-43CAEEA3D475}" = Catalyst Control Center Localization Russian
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66B6555E-07BF-3FCB-191F-BCD75650F1F2}" = CCC Help Italian
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"{67F6A6BA-E225-4BF5-8E7C-BB4AE25EDCBC}" = Catalyst Control Center InstallProxy
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69E1907C-E9EA-7A5A-79ED-47FF2B5BFDFB}" = Catalyst Control Center Localization Danish
"{6A370610-3778-44AF-9AAC-69B2FD1A3356}" = Microsoft Live Search Toolbar
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library
"{75D0438A-55FB-DD38-0745-5D370179CAC7}" = CCC Help French
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{786C5694-F5C0-4215-92B7-EE77A4E7319C}" = PHStat2 version 2.7
"{793C0C7E-7977-C9B5-B427-FDF95F2D1636}" = Catalyst Control Center Localization Hungarian
"{7B798B31-2F33-4DC8-BDA4-D36488E86636}" = Slingbox - Watch Your TV Anywhere
"{7CA1269D-86E6-91A8-DD66-9CF6838821BF}" = Catalyst Control Center Localization Portuguese
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{812C53D9-39EC-0511-04E4-5430A4747FB5}" = CCC Help German
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{95A747E0-DF19-46CB-A622-20A0107201BD}" = HP Total Care Setup
"{A1940302-F0F9-132F-C521-A5D0E24FAC1D}" = CCC Help Thai
"{A2315CF8-E14F-FA46-B1F1-20E0E5483ADB}" = Catalyst Control Center Localization Thai
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A8411EDB-6A00-8D1A-584B-7A932F44A0C9}" = CCC Help Japanese
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC5CD4CF-3802-623E-AD97-D188785EF411}" = CCC Help Polish
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_932" = Adobe Acrobat 9.3.2 - CPSID_53951
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B9275904-9237-94A3-2144-E3D6A62B57E9}" = CCC Help Turkish
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C48EB957-0CCB-D590-AB3F-B3F8A14ECC2F}" = Catalyst Control Center Graphics Full Existing
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}" = Vodafone Mobile Connect Lite
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBA7FD59-19A7-5724-5646-CF307326CC18}" = Catalyst Control Center Core Implementation
"{CC7A4274-E6F2-2351-DA6A-07AB73896609}" = CCC Help Norwegian
"{CD7D2C01-F3C8-4127-325D-49853FCCDB62}" = Catalyst Control Center Localization German
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1E7EA15-5F96-728C-AF32-E1CFF8F9CE44}" = CCC Help Swedish
"{D47419B2-62BD-6B53-A96F-7E2F6F3D50C0}" = Catalyst Control Center Localization Turkish
"{D62C79B5-44E0-DEC0-AF01-6A1404E093E9}" = CCC Help Spanish
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E12F2B78-CF64-2438-391F-3D3411A6E193}" = CCC Help English
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5C3A144-0F9B-8F3E-F1A3-2BB7B26014A6}" = ccc-core-static
"{E8020EC7-5DD8-80C9-7237-7B2E9BDA8CC6}" = muvee Reveal
"{E8B11A27-5CA6-748E-0F68-159CCF789DF3}" = CCC Help Dutch
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{ED65A382-3F80-D5A8-CCE0-DAB59D85CA91}" = CCC Help Russian
"{EDBB71B2-3C17-4EA5-ED91-E2EA5C2305CF}" = CCC Help Korean
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F250EA7A-F117-2CCE-03E7-BB62C2BF476C}" = Catalyst Control Center Graphics Previews Vista
"{F38CC586-4703-CE3C-F466-D7821E87926A}" = Catalyst Control Center Localization Chinese Standard
"{F62F62BD-E5C5-56E3-6CF6-00407B743E32}" = CCC Help Chinese Traditional
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FAF7448B-7AB8-8C58-745E-1551CB481C3D}" = CCC Help Chinese Standard
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDE3DBB7-AA79-AA91-ABE9-3696883FAB20}" = Catalyst Control Center Localization Japanese
"7-Zip" = 7-Zip 4.65
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"BlackBerry_{1BD05B04-7A33-409A-A714-613163E41935}" = BlackBerry Desktop Software 5.0.1
"Bridge_Base_Online" = Bridge Base Online
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Setup.divx.com" = DivX Setup
"HP.MediaSmartSlingPlayer_is1" = HP MediaSmart SlingPlayer
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Juniper Network Connect 6.3.0" = Juniper Networks Network Connect 6.3.0
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"NIS" = Norton Internet Security
"NSS" = Norton Security Scan
"PocketRAR" = Pocket RAR documentation
"PrimoPDF" = PrimoPDF -- by Nitro PDF Software
"RealPlayer 12.0" = RealPlayer
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.4
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Move Media Player" = Move Media Player
"Neoteris_Host_Checker" = Juniper Networks Host Checker

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/6/2010 4:50:32 AM | Computer Name = Evermore | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Acrobat
9.0\Designer 8.2\FormDesigner.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 10/6/2010 5:04:05 AM | Computer Name = Evermore | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Acrobat
9.0\Designer 8.2\FormDesigner.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 10/6/2010 5:04:06 AM | Computer Name = Evermore | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Acrobat
9.0\Designer 8.2\FormDesigner.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 10/6/2010 5:04:10 AM | Computer Name = Evermore | Source = EventSystem | ID = 4609
Description =

Error - 10/6/2010 5:04:22 AM | Computer Name = Evermore | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Acrobat
9.0\Designer 8.2\FormDesigner.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 10/6/2010 5:04:58 AM | Computer Name = Evermore | Source = WinMgmt | ID = 10
Description =

Error - 10/6/2010 9:57:49 AM | Computer Name = Evermore | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 10/6/2010 9:57:52 AM | Computer Name = Evermore | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Acrobat
9.0\Designer 8.2\FormDesigner.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 10/6/2010 9:57:52 AM | Computer Name = Evermore | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Acrobat
9.0\Designer 8.2\FormDesigner.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 10/6/2010 9:58:08 AM | Computer Name = Evermore | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 11/18/2010 2:39:19 PM | Computer Name = Evermore | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.

Error - 11/18/2010 2:39:19 PM | Computer Name = Evermore | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.

Error - 11/18/2010 2:52:06 PM | Computer Name = Evermore | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.

Error - 11/18/2010 2:52:06 PM | Computer Name = Evermore | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.

Error - 11/18/2010 2:52:06 PM | Computer Name = Evermore | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.

Error - 11/18/2010 2:52:06 PM | Computer Name = Evermore | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.

Error - 11/18/2010 2:52:06 PM | Computer Name = Evermore | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.

Error - 11/18/2010 2:52:06 PM | Computer Name = Evermore | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.

Error - 11/18/2010 2:52:06 PM | Computer Name = Evermore | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.

Error - 11/18/2010 2:52:06 PM | Computer Name = Evermore | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.


< End of report >


MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 64-bit
Base Board Manufacturer: Compal
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Pavilion dv7 Notebook PC
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 213):
0x02262000 \SystemRoot\system32\ntoskrnl.exe
0x0221C000 \SystemRoot\system32\hal.dll
0x00605000 \SystemRoot\system32\kdcom.dll
0x0060F000 \SystemRoot\system32\PSHED.dll
0x00623000 \SystemRoot\system32\CLFS.SYS
0x00680000 \SystemRoot\system32\CI.dll
0x00803000 \SystemRoot\system32\drivers\Wdf01000.sys
0x008DD000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x008EB000 \SystemRoot\system32\drivers\acpi.sys
0x00941000 \SystemRoot\system32\drivers\WMILIB.SYS
0x0094A000 \SystemRoot\system32\drivers\msisadrv.sys
0x00954000 \SystemRoot\system32\drivers\pci.sys
0x00984000 \SystemRoot\system32\drivers\isapnp.sys
0x0098D000 \SystemRoot\system32\drivers\mpio.sys
0x009AF000 \SystemRoot\System32\drivers\partmgr.sys
0x009C4000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x009C8000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x009D4000 \SystemRoot\system32\drivers\volmgr.sys
0x00732000 \SystemRoot\System32\drivers\volmgrx.sys
0x009E8000 \SystemRoot\system32\drivers\intelide.sys
0x009F0000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x00798000 \SystemRoot\system32\drivers\pciide.sys
0x0079F000 \SystemRoot\system32\drivers\aliide.sys
0x007A6000 \SystemRoot\system32\drivers\amdide.sys
0x007AD000 \SystemRoot\system32\drivers\cmdide.sys
0x007B5000 \SystemRoot\System32\drivers\mountmgr.sys
0x007C8000 \SystemRoot\system32\drivers\msdsm.sys
0x00A00000 \SystemRoot\system32\drivers\nvraid.sys
0x00A23000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x00A4F000 \SystemRoot\system32\drivers\viaide.sys
0x00A57000 \SystemRoot\system32\drivers\iastorv.sys
0x00B1E000 \SystemRoot\system32\drivers\atapi.sys
0x00B26000 \SystemRoot\system32\drivers\ataport.SYS
0x00B4A000 \SystemRoot\system32\drivers\lsi_scsi.sys
0x00B68000 \SystemRoot\system32\drivers\storport.sys
0x00BC5000 \SystemRoot\system32\drivers\msahci.sys
0x00BCF000 \SystemRoot\system32\drivers\hpcisss.sys
0x00C00000 \SystemRoot\system32\drivers\adp94xx.sys
0x00C79000 \SystemRoot\system32\drivers\adpahci.sys
0x00CCF000 \SystemRoot\system32\drivers\adpu160m.sys
0x00CF0000 \SystemRoot\system32\drivers\SCSIPORT.SYS
0x00D1E000 \SystemRoot\system32\drivers\adpu320.sys
0x00D4D000 \SystemRoot\system32\drivers\djsvs.sys
0x00D65000 \SystemRoot\system32\drivers\arc.sys
0x00D7E000 \SystemRoot\system32\drivers\arcsas.sys
0x00E05000 \SystemRoot\system32\drivers\elxstor.sys
0x00EA8000 \SystemRoot\system32\drivers\i2omp.sys
0x00EB3000 \SystemRoot\system32\drivers\iirsp.sys
0x00EC4000 \SystemRoot\system32\drivers\iteatapi.sys
0x00ED1000 \SystemRoot\system32\drivers\iteraid.sys
0x00EDE000 \SystemRoot\system32\drivers\lsi_fc.sys
0x00EFC000 \SystemRoot\system32\drivers\lsi_sas.sys
0x00F18000 \SystemRoot\system32\drivers\megasas.sys
0x00F24000 \SystemRoot\system32\drivers\megasr.sys
0x00FEB000 \SystemRoot\system32\drivers\mraid35x.sys
0x00D97000 \SystemRoot\system32\drivers\nfrd960.sys
0x00DA7000 \SystemRoot\system32\drivers\nvstor.sys
0x01005000 \SystemRoot\system32\drivers\ql2300.sys
0x01157000 \SystemRoot\system32\drivers\ql40xx.sys
0x011B5000 \SystemRoot\system32\drivers\sisraid2.sys
0x011C3000 \SystemRoot\system32\drivers\sisraid4.sys
0x011D9000 \SystemRoot\system32\drivers\symc8xx.sys
0x011E7000 \SystemRoot\system32\drivers\sym_hi.sys
0x00DB7000 \SystemRoot\system32\drivers\sym_u3.sys
0x0120A000 \SystemRoot\system32\drivers\uliahci.sys
0x01253000 \SystemRoot\system32\drivers\ulsata.sys
0x01282000 \SystemRoot\system32\drivers\ulsata2.sys
0x012C4000 \SystemRoot\system32\drivers\vsmraid.sys
0x012EB000 \SystemRoot\system32\drivers\fltmgr.sys
0x01332000 \SystemRoot\system32\drivers\fileinfo.sys
0x01346000 \SystemRoot\system32\drivers\NISx64\1005000.087\SYMEFA64.SYS
0x0140B000 \SystemRoot\System32\Drivers\ksecdd.sys
0x0160D000 \SystemRoot\system32\drivers\ndis.sys
0x01492000 \SystemRoot\system32\drivers\msrpc.sys
0x014E2000 \SystemRoot\system32\drivers\NETIO.SYS
0x01809000 \SystemRoot\System32\drivers\tcpip.sys
0x0197F000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01A0E000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01B8E000 \SystemRoot\system32\drivers\wd.sys
0x01B96000 \SystemRoot\system32\drivers\volsnap.sys
0x01BDA000 \SystemRoot\System32\Drivers\spldr.sys
0x01BE2000 \SystemRoot\system32\drivers\sbp2port.sys
0x019AB000 \SystemRoot\System32\Drivers\mup.sys
0x019BD000 \SystemRoot\System32\drivers\ecache.sys
0x01A00000 \SystemRoot\system32\DRIVERS\hpdskflt.sys
0x019E9000 \SystemRoot\system32\drivers\disk.sys
0x017D0000 \SystemRoot\system32\drivers\crcdisk.sys
0x017DA000 \SystemRoot\system32\DRIVERS\avgrkx64.sys
0x017E4000 \SystemRoot\system32\DRIVERS\AVGIDSEH.Sys
0x01800000 \SystemRoot\system32\DRIVERS\AtiPcie.sys
0x01545000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x01552000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x0155B000 \SystemRoot\system32\DRIVERS\processr.sys
0x12A0D000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x130C0000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x131A3000 \SystemRoot\System32\drivers\watchdog.sys
0x1320E000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x1340E000 \SystemRoot\system32\DRIVERS\athrx.sys
0x13531000 \SystemRoot\system32\DRIVERS\Rtlh64.sys
0x1355C000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x13578000 \SystemRoot\system32\DRIVERS\usbohci.sys
0x13583000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x135C9000 \SystemRoot\system32\DRIVERS\usbfilter.sys
0x135D3000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x135D5000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x135E6000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x13400000 \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
0x13322000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x13330000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x13385000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x13391000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x13396000 \SystemRoot\system32\DRIVERS\enecir.sys
0x133B2000 \SystemRoot\system32\DRIVERS\Accelerometer.sys
0x133BE000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x133C7000 \SystemRoot\system32\DRIVERS\dsNcAdX64.sys
0x131B3000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x133D3000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x133E0000 \SystemRoot\System32\Drivers\RootMdm.sys
0x133E8000 \SystemRoot\system32\drivers\modem.sys
0x0156E000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x13200000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x01591000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x131EC000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x015C2000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x015E0000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x133F7000 \SystemRoot\system32\DRIVERS\RimSerial_AMD64.sys
0x013AD000 \SystemRoot\system32\DRIVERS\termdd.sys
0x1340C000 \SystemRoot\system32\DRIVERS\swenum.sys
0x013C0000 \SystemRoot\system32\DRIVERS\ks.sys
0x00DC5000 \SystemRoot\system32\DRIVERS\circlass.sys
0x12A00000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x00DD6000 \SystemRoot\system32\DRIVERS\umbus.sys
0x13E09000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x13E51000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x13E65000 \SystemRoot\system32\drivers\HdAudio.sys
0x13EAE000 \SystemRoot\system32\drivers\portcls.sys
0x13EE9000 \SystemRoot\system32\drivers\drmk.sys
0x13F0C000 \SystemRoot\system32\drivers\ksthunk.sys
0x13F12000 \SystemRoot\system32\DRIVERS\stwrt64.sys
0x14A06000 \SystemRoot\system32\DRIVERS\agrsm64.sys
0x14B42000 \SystemRoot\system32\DRIVERS\hidir.sys
0x14B4D000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x14B5F000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x14B67000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x14B72000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x14B7D000 \SystemRoot\system32\DRIVERS\avgmfx64.sys
0x14B8C000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x14B96000 \SystemRoot\System32\Drivers\Null.SYS
0x14B9F000 \SystemRoot\System32\drivers\vga.sys
0x14BAD000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x14BD2000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x14BEE000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x13F89000 \SystemRoot\System32\Drivers\usbvideo.sys
0x14BF7000 \SystemRoot\system32\drivers\rdpencdd.sys
0x13FB3000 \SystemRoot\System32\Drivers\Msfs.SYS
0x13FBE000 \SystemRoot\System32\Drivers\Npfs.SYS
0x13FCF000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x13FD8000 \SystemRoot\system32\DRIVERS\tdx.sys
0x14600000 \SystemRoot\System32\Drivers\NISx64\1005000.087\SYMTDI.SYS
0x14653000 \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
0x14689000 \SystemRoot\System32\Drivers\NISx64\1005000.087\SYMNDISV.SYS
0x14697000 \SystemRoot\System32\Drivers\NISx64\1005000.087\SYMFW.SYS
0x146BD000 \SystemRoot\system32\DRIVERS\smb.sys
0x146D8000 \SystemRoot\system32\DRIVERS\avgtdia.sys
0x14739000 \SystemRoot\System32\DRIVERS\netbt.sys
0x1477D000 \SystemRoot\system32\drivers\afd.sys
0x00BDD000 \SystemRoot\system32\DRIVERS\pacer.sys
0x147E8000 \SystemRoot\system32\DRIVERS\SymIMv.sys
0x00DE6000 \SystemRoot\system32\DRIVERS\netbios.sys
0x14C0E000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x14C29000 \??\C:\Windows\system32\drivers\NISx64\1005000.087\SRTSPX64.SYS
0x14C3D000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x14C8A000 \SystemRoot\system32\drivers\nsiproxy.sys
0x14C96000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090709.001\IDSvia64.sys
0x14CFC000 \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
0x14D72000 \SystemRoot\System32\Drivers\dfsc.sys
0x14E0D000 \SystemRoot\System32\Drivers\NISx64\1005000.087\ccHPx64.sys
0x14EA0000 \??\C:\Windows\system32\drivers\NISx64\1005000.087\BHDrvx64.sys
0x14EF6000 \SystemRoot\system32\DRIVERS\avgldx64.sys
0x14F45000 \SystemRoot\System32\Drivers\crashdmp.sys
0x14F53000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x14F5F000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x00070000 \SystemRoot\System32\win32k.sys
0x14F69000 \SystemRoot\System32\drivers\Dxapi.sys
0x14F75000 \SystemRoot\system32\DRIVERS\monitor.sys
0x00460000 \SystemRoot\System32\TSDDD.dll
0x006A0000 \SystemRoot\System32\cdd.dll
0x14F88000 \SystemRoot\system32\drivers\luafv.sys
0x16606000 \SystemRoot\system32\drivers\spsys.sys
0x166A0000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x166B4000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x166E8000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x166F3000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x1670B000 \SystemRoot\system32\drivers\HTTP.sys
0x167AE000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x167D7000 \SystemRoot\system32\DRIVERS\bowser.sys
0x14FAA000 \SystemRoot\System32\drivers\mpsdrv.sys
0x14FC4000 \SystemRoot\system32\drivers\mrxdav.sys
0x14D8F000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x16C03000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x16C4C000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x16C6B000 \SystemRoot\System32\DRIVERS\srv2.sys
0x16C9D000 \SystemRoot\System32\DRIVERS\srv.sys
0x16D31000 \SystemRoot\system32\DRIVERS\AVGIDSFilter.Sys
0x16D3D000 \SystemRoot\system32\drivers\peauth.sys
0x16DF3000 \SystemRoot\System32\Drivers\secdrv.SYS
0x14FEB000 \SystemRoot\System32\drivers\tcpipreg.sys
0x14DB8000 \??\C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
0x17A01000 \SystemRoot\system32\DRIVERS\AVGIDSDriver.Sys
0x17A2F000 \SystemRoot\system32\DRIVERS\LVPr2M64.sys
0x17A3B000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x17A57000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x77910000 \Windows\System32\ntdll.dll

Processes (total 88):
0 System Idle Process
4 System
452 C:\Windows\System32\smss.exe
484 C:\PROGRA~2\AVG\AVG10\avgchsva.exe
724 csrss.exe
800 csrss.exe
808 C:\Windows\System32\wininit.exe
848 C:\Windows\System32\services.exe
864 C:\Windows\System32\lsass.exe
872 C:\Windows\System32\lsm.exe
908 C:\Windows\System32\winlogon.exe
332 C:\Windows\System32\svchost.exe
476 C:\Windows\System32\svchost.exe
928 C:\Windows\System32\Ati2evxx.exe
1012 C:\Windows\System32\svchost.exe
1020 C:\Windows\System32\svchost.exe
344 C:\Windows\System32\svchost.exe
1044 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\stacsv64.exe
1184 C:\Windows\System32\audiodg.exe
1316 C:\Windows\System32\svchost.exe
1332 C:\Windows\System32\SLsvc.exe
1368 C:\Windows\System32\svchost.exe
1440 C:\Windows\System32\Ati2evxx.exe
1464 C:\Windows\System32\hpservice.exe
1544 C:\Windows\System32\svchost.exe
1732 C:\Windows\System32\wlanext.exe
1788 C:\Windows\System32\spoolsv.exe
1824 C:\Windows\System32\svchost.exe
1432 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe
1508 C:\Windows\System32\agr64svc.exe
1540 C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
480 C:\Windows\System32\svchost.exe
1800 C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
2184 C:\Windows\System32\dwm.exe
2228 C:\Windows\System32\taskeng.exe
2236 C:\Windows\explorer.exe
2260 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
2356 C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
2392 C:\Windows\System32\lxctcoms.exe
2400 LVPrS64H.exe
2500 C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
2536 C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
2696 C:\Windows\System32\svchost.exe
2740 C:\Program Files (x86)\SMINST\BLService.exe
2788 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
2808 C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
2888 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2988 C:\Windows\System32\svchost.exe
3040 C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
2112 C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
2200 C:\Windows\System32\svchost.exe
1244 C:\Windows\System32\SearchIndexer.exe
1092 C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
3200 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
3224 C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
3348 C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
3360 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
3404 C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
3488 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
3536 C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
3580 C:\Program Files (x86)\AVG\AVG10\avgtray.exe
3604 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
3764 WmiPrvSE.exe
3924 C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
4032 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
3304 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
3860 WmiPrvSE.exe
1104 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
4296 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
4416 C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
4776 C:\Windows\System32\taskeng.exe
3192 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
4684 C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
3700 C:\Windows\System32\wuauclt.exe
2124 C:\PROGRA~2\AVG\AVG10\avgrsa.exe
3792 C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
3452 C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
4260 C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe
1076 C:\Program Files (x86)\Java\jre6\bin\java.exe
4056 C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
4672 C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
4724 C:\Windows\splwow64.exe
4484 C:\Program Files (x86)\Internet Explorer\iexplore.exe
6100 C:\Program Files (x86)\Internet Explorer\iexplore.exe
5656 C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10c.exe
2620 taskeng.exe
4836 C:\Users\Jayanta\Desktop\MBRCheck.exe
6664 <unknown>

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000047`40300000 (NTFS)

PhysicalDrive0 Model Number: SAMSUNGHM320JI, Rev: 2SS00_03

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 6DF26AE7D6663DFFFF5602BEDE5BE4683120D56C


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice: Enter the physical disk number to dump (0-99, -1 to exit): -1

Done!

#6 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:02 PM

Posted 20 November 2010 - 08:36 AM

Hello,

I am away with limited internet connectivity. I will post your next step on Sunday after you perform these steps. I appreciate your patience.

==========

RKU will not run due to your 64bit architecture.

=========

  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox. Do not include the word "Code"
    :OTL
    :Commands
    [emptytemp]
    [Reboot]
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click Posted Image.

==========

Download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • Press Start Scan
    • If Malicious objects are found then ensure Cure is selected
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

==========

Please rerun MBAM.

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
    • Update Malwarebytes' Anti-Malware <--- Important!!
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

==========

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

==========

Please carefully describe what problems you are currently experiencing

Regards,
thcbytes
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#7 Jaynev

Jaynev
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 21 November 2010 - 01:18 PM

Hi Thcbytes,

I was able to run OTL and TDSS. By MBAM do you mean MBRCheck? I could not find a reference to MBAM earlier in this thread.

Thanks very much for your help. I appreciate it a lot.

JN

#8 Jaynev

Jaynev
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 21 November 2010 - 02:52 PM

I found MBAM from Malwarebytes. Am downloading it and will report back.

JN

#9 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:02 PM

Posted 21 November 2010 - 04:19 PM

You already have MBAM installed on your computer. From your logs..

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware


Regards,
thcbytes
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#10 Jaynev

Jaynev
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 22 November 2010 - 12:44 PM

Hello Thcbytes,

I did the following as you instructed:

1) Ran OTL
2) Ran TDSSKiller (log pasted at bottom)
3) Ran MBAM (no malicious items found)
4) Ran ESET (no malicious items found)

The computer actually seems to be working fine now. The problem earlier was that it would redirect pages to websites like epoclick.com, chinaontv.com etc. There seem to be no more redirects now.

It seems that whatever scans and fixes you ran have fixed the problem. Thanks a lot for all your help. Hope none of the problems will be back.

I had a question. In the MBRCheck it says that the MBR is corrupted. Do I need to do anything about it?

Thanks again!

Best Regards,

JN

#11 Jaynev

Jaynev
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 22 November 2010 - 02:38 PM

Here is the TDSS Killer log:

2010/11/21 09:48:55.0985 TDSS rootkit removing tool 2.4.8.0 Nov 17 2010 07:23:12
2010/11/21 09:48:55.0985 ================================================================================
2010/11/21 09:48:55.0985 SystemInfo:
2010/11/21 09:48:55.0985
2010/11/21 09:48:55.0985 OS Version: 6.0.6002 ServicePack: 2.0
2010/11/21 09:48:55.0985 Product type: Workstation
2010/11/21 09:48:55.0985 ComputerName: EVERMORE
2010/11/21 09:48:55.0985 UserName: Jayanta
2010/11/21 09:48:55.0985 Windows directory: C:\Windows
2010/11/21 09:48:55.0985 System windows directory: C:\Windows
2010/11/21 09:48:55.0985 Running under WOW64
2010/11/21 09:48:55.0985 Processor architecture: Intel x64
2010/11/21 09:48:55.0985 Number of processors: 2
2010/11/21 09:48:55.0985 Page size: 0x1000
2010/11/21 09:48:55.0985 Boot type: Normal boot
2010/11/21 09:48:55.0985 ================================================================================
2010/11/21 09:48:55.0985 Utility is running under WOW64
2010/11/21 09:48:57.0265 Initialize success
2010/11/21 09:49:33.0971 ================================================================================
2010/11/21 09:49:33.0971 Scan started
2010/11/21 09:49:33.0971 Mode: Manual;
2010/11/21 09:49:33.0971 ================================================================================
2010/11/21 09:49:35.0001 Accelerometer (60fbb29ccce48b4c3a6517caf42c3496) C:\Windows\system32\DRIVERS\Accelerometer.sys
2010/11/21 09:49:35.0266 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
2010/11/21 09:49:35.0453 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
2010/11/21 09:49:35.0547 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
2010/11/21 09:49:35.0609 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
2010/11/21 09:49:35.0656 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
2010/11/21 09:49:35.0797 AFD (12415ccfd3e7cec55b5184e67b039fe4) C:\Windows\system32\drivers\afd.sys
2010/11/21 09:49:36.0046 AgereSoftModem (3627a62b10284ffbf862bfd49928edf4) C:\Windows\system32\DRIVERS\agrsm64.sys
2010/11/21 09:49:36.0311 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
2010/11/21 09:49:36.0436 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
2010/11/21 09:49:36.0514 aliide (e0ca5bb8e6c79533dc6b1da7361a201e) C:\Windows\system32\drivers\aliide.sys
2010/11/21 09:49:36.0561 amdide (7034f8d1b9703d711d3f92c95deb377d) C:\Windows\system32\drivers\amdide.sys
2010/11/21 09:49:36.0639 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
2010/11/21 09:49:36.0701 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
2010/11/21 09:49:36.0764 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
2010/11/21 09:49:36.0811 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/11/21 09:49:36.0889 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
2010/11/21 09:49:37.0013 athr (19f0adc93e97c4d41afe40407bf61ca8) C:\Windows\system32\DRIVERS\athrx.sys
2010/11/21 09:49:37.0310 atikmdag (a4379447148ee55330768cc491ee999e) C:\Windows\system32\DRIVERS\atikmdag.sys
2010/11/21 09:49:37.0622 AtiPcie (db0d3de15edc96e7529fc0d3f7760894) C:\Windows\system32\DRIVERS\AtiPcie.sys
2010/11/21 09:49:37.0747 AVGIDSDriver (4f1ae7de0cc6615323b7b959aa973b01) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
2010/11/21 09:49:37.0840 AVGIDSEH (a14e9123764dcb4386066bd9cdccde8d) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
2010/11/21 09:49:37.0918 AVGIDSFilter (dd0aa3178b548a6d95e1d35d675de2cd) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
2010/11/21 09:49:38.0043 Avgldx64 (ef415e445e5376624ed78685ee9647d4) C:\Windows\system32\DRIVERS\avgldx64.sys
2010/11/21 09:49:38.0121 Avgmfx64 (f5ffa3053d26c55edc112e66197eed09) C:\Windows\system32\DRIVERS\avgmfx64.sys
2010/11/21 09:49:38.0215 Avgrkx64 (5b3f127b26c08b1c7df5c5f111ca4030) C:\Windows\system32\DRIVERS\avgrkx64.sys
2010/11/21 09:49:38.0371 Avgtdia (ee472479301fef0b6a17e16d8a0deceb) C:\Windows\system32\DRIVERS\avgtdia.sys
2010/11/21 09:49:38.0776 BHDrvx64 (2531e19c2271636779e0a1ee6ac0cea9) C:\Windows\system32\drivers\NISx64\1005000.087\BHDrvx64.sys
2010/11/21 09:49:38.0870 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
2010/11/21 09:49:38.0948 bowser (8b2b19031d0aeade6e1b933df1acba7e) C:\Windows\system32\DRIVERS\bowser.sys
2010/11/21 09:49:39.0010 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
2010/11/21 09:49:39.0088 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
2010/11/21 09:49:39.0182 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
2010/11/21 09:49:39.0229 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
2010/11/21 09:49:39.0260 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
2010/11/21 09:49:39.0338 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
2010/11/21 09:49:39.0416 BthEnum (471ff09330a53177bbe9fd6ddf8a8259) C:\Windows\system32\DRIVERS\BthEnum.sys
2010/11/21 09:49:39.0463 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
2010/11/21 09:49:39.0525 BthPan (befc5311736b475ac5b60c14ff7c775a) C:\Windows\system32\DRIVERS\bthpan.sys
2010/11/21 09:49:40.0009 BTHPORT (7d104f22c04a76f0d2f96f789ac07fcb) C:\Windows\system32\Drivers\BTHport.sys
2010/11/21 09:49:40.0149 BTHUSB (d9324f0c142267961ce900bfc3798bb1) C:\Windows\system32\Drivers\BTHUSB.sys
2010/11/21 09:49:40.0336 ccHP (4ade32912dbbfd0558780475c007116f) C:\Windows\System32\Drivers\NISx64\1005000.087\ccHPx64.sys
2010/11/21 09:49:40.0414 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
2010/11/21 09:49:40.0492 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
2010/11/21 09:49:40.0555 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\DRIVERS\circlass.sys
2010/11/21 09:49:40.0664 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
2010/11/21 09:49:40.0882 CmBatt (b52d9a14ce4101577900a364ba86f3df) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/11/21 09:49:40.0913 cmdide (8c6aa24c1d7273a02284588426ab8ce3) C:\Windows\system32\drivers\cmdide.sys
2010/11/21 09:49:40.0976 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys
2010/11/21 09:49:41.0023 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
2010/11/21 09:49:41.0163 DfsC (36cd31121f228e7e79bae60aa45764c6) C:\Windows\system32\Drivers\dfsc.sys
2010/11/21 09:49:41.0288 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
2010/11/21 09:49:41.0459 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
2010/11/21 09:49:41.0553 dsNcAdpt (3d52bd28fcb943da53ce12c3d4a4c0af) C:\Windows\system32\DRIVERS\dsNcAdX64.sys
2010/11/21 09:49:41.0771 DXGKrnl (1d96e28ebcd96ad1b44a3fd02ca6433d) C:\Windows\System32\drivers\dxgkrnl.sys
2010/11/21 09:49:41.0912 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
2010/11/21 09:49:42.0068 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
2010/11/21 09:49:42.0271 eeCtrl (a7fbc38c1f6f3df3f1e21b8933e76e7c) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
2010/11/21 09:49:42.0645 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
2010/11/21 09:49:42.0863 enecir (3a70dc8951b995c73a22b9a23210833e) C:\Windows\system32\DRIVERS\enecir.sys
2010/11/21 09:49:42.0973 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
2010/11/21 09:49:43.0207 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
2010/11/21 09:49:43.0378 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
2010/11/21 09:49:43.0503 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
2010/11/21 09:49:43.0628 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
2010/11/21 09:49:43.0690 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
2010/11/21 09:49:43.0768 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/11/21 09:49:43.0940 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
2010/11/21 09:49:44.0080 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
2010/11/21 09:49:44.0174 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
2010/11/21 09:49:44.0392 HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys
2010/11/21 09:49:44.0595 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/11/21 09:49:44.0720 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
2010/11/21 09:49:44.0798 HidIr (1d4e03e5c5ba4c3679c38cb6b4c60d5f) C:\Windows\system32\DRIVERS\hidir.sys
2010/11/21 09:49:44.0876 HidUsb (59a7b5e13356c20d67983868242167c5) C:\Windows\system32\DRIVERS\hidusb.sys
2010/11/21 09:49:44.0969 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
2010/11/21 09:49:45.0032 hpdskflt (4a435ca815a54639ca09ddf75d751ebc) C:\Windows\system32\DRIVERS\hpdskflt.sys
2010/11/21 09:49:45.0079 HpqKbFiltr (0ecc54fd34d6a089c300846b011e81d6) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
2010/11/21 09:49:45.0219 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
2010/11/21 09:49:45.0328 hwdatacard (f57e489800543b69fe196f51ca9c85b5) C:\Windows\system32\DRIVERS\ewusbmdm.sys
2010/11/21 09:49:45.0437 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
2010/11/21 09:49:45.0500 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/11/21 09:49:45.0625 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
2010/11/21 09:49:46.0061 IDSVia64 (a38190b2c50f3e79c08172c844e1b8ea) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090709.001\IDSvia64.sys
2010/11/21 09:49:46.0264 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
2010/11/21 09:49:46.0436 intelide (475490caf376e55e6e8b37bbdfeb2e81) C:\Windows\system32\drivers\intelide.sys
2010/11/21 09:49:46.0529 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
2010/11/21 09:49:46.0654 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/11/21 09:49:46.0826 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
2010/11/21 09:49:46.0919 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
2010/11/21 09:49:47.0029 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
2010/11/21 09:49:47.0122 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
2010/11/21 09:49:47.0247 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/11/21 09:49:47.0294 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
2010/11/21 09:49:47.0356 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
2010/11/21 09:49:47.0403 JMCR (15371306d1adbbf35e475c8da516a956) C:\Windows\system32\DRIVERS\jmcr.sys
2010/11/21 09:49:47.0465 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/11/21 09:49:47.0590 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/11/21 09:49:47.0746 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
2010/11/21 09:49:47.0824 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
2010/11/21 09:49:47.0980 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
2010/11/21 09:49:48.0105 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
2010/11/21 09:49:48.0167 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
2010/11/21 09:49:48.0214 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
2010/11/21 09:49:48.0261 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
2010/11/21 09:49:48.0355 LVPr2M64 (7717a2cb550267860d3933f3fba0216f) C:\Windows\system32\DRIVERS\LVPr2M64.sys
2010/11/21 09:49:48.0386 LVPr2Mon (7717a2cb550267860d3933f3fba0216f) C:\Windows\system32\DRIVERS\LVPr2M64.sys
2010/11/21 09:49:48.0495 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
2010/11/21 09:49:48.0542 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
2010/11/21 09:49:48.0651 MEMSWEEP2 (d70476ad02d6fd75282b196d3b58831d) C:\Windows\system32\453E.tmp
2010/11/21 09:49:48.0713 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
2010/11/21 09:49:48.0791 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
2010/11/21 09:49:48.0854 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
2010/11/21 09:49:48.0932 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
2010/11/21 09:49:48.0979 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
2010/11/21 09:49:49.0197 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
2010/11/21 09:49:49.0275 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
2010/11/21 09:49:49.0353 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
2010/11/21 09:49:49.0478 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
2010/11/21 09:49:49.0587 mrxsmb (d58d129e26705e83a4deba7177eb7972) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/11/21 09:49:49.0681 mrxsmb10 (d5be5c14e0f1dc489f5bb2a67983f630) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/11/21 09:49:49.0774 mrxsmb20 (09a2990c3b293c212816c9bc0d7c200e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/11/21 09:49:49.0868 msahci (aa459f2ab3ab603c357ff117cae3d818) C:\Windows\system32\drivers\msahci.sys
2010/11/21 09:49:50.0039 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
2010/11/21 09:49:50.0258 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
2010/11/21 09:49:50.0320 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
2010/11/21 09:49:50.0414 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
2010/11/21 09:49:50.0461 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/11/21 09:49:50.0523 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
2010/11/21 09:49:50.0617 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
2010/11/21 09:49:50.0695 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/11/21 09:49:50.0757 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
2010/11/21 09:49:50.0851 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
2010/11/21 09:49:51.0131 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
2010/11/21 09:49:51.0802 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
2010/11/21 09:49:51.0911 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/11/21 09:49:52.0036 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/11/21 09:49:52.0177 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/11/21 09:49:52.0255 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
2010/11/21 09:49:52.0301 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
2010/11/21 09:49:52.0379 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
2010/11/21 09:49:53.0128 NETw3v64 (c86984aee87900c1eeb6942ede3bf4b6) C:\Windows\system32\DRIVERS\NETw3v64.sys
2010/11/21 09:49:53.0549 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
2010/11/21 09:49:53.0830 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
2010/11/21 09:49:53.0924 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
2010/11/21 09:49:54.0361 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
2010/11/21 09:49:54.0548 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
2010/11/21 09:49:54.0610 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
2010/11/21 09:49:54.0673 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
2010/11/21 09:49:54.0735 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
2010/11/21 09:49:54.0922 ohci1394 (1b30103fde512915a9214b108b6e7a9c) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/11/21 09:49:55.0265 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
2010/11/21 09:49:55.0375 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
2010/11/21 09:49:55.0531 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
2010/11/21 09:49:55.0640 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
2010/11/21 09:49:55.0780 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
2010/11/21 09:49:56.0123 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
2010/11/21 09:49:56.0669 PID_PEPI (ae0b94363da0f60d42b9d05b352f61ed) C:\Windows\system32\DRIVERS\LV302V64.SYS
2010/11/21 09:49:57.0122 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
2010/11/21 09:49:57.0293 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\DRIVERS\processr.sys
2010/11/21 09:49:57.0434 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
2010/11/21 09:49:57.0543 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
2010/11/21 09:49:57.0652 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
2010/11/21 09:49:57.0761 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
2010/11/21 09:49:57.0839 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
2010/11/21 09:49:57.0980 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/11/21 09:49:58.0105 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/11/21 09:49:58.0261 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
2010/11/21 09:49:58.0463 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
2010/11/21 09:49:58.0651 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/11/21 09:49:58.0885 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
2010/11/21 09:49:58.0963 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
2010/11/21 09:49:59.0134 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
2010/11/21 09:49:59.0368 RFCOMM (72c35598ba591abddc37fce7d26fe1c4) C:\Windows\system32\DRIVERS\rfcomm.sys
2010/11/21 09:49:59.0587 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
2010/11/21 09:49:59.0680 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
2010/11/21 09:49:59.0852 ROOTMODEM (6a0cf73b019cbc9255e23c9192ec3702) C:\Windows\system32\Drivers\RootMdm.sys
2010/11/21 09:49:59.0930 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
2010/11/21 09:49:59.0992 RTL8169 (82b66abf055611024e5dbb9fa556c11d) C:\Windows\system32\DRIVERS\Rtlh64.sys
2010/11/21 09:50:00.0133 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
2010/11/21 09:50:00.0413 sdbus (b42ee50f7d24f837f925332eb349eca5) C:\Windows\system32\DRIVERS\sdbus.sys
2010/11/21 09:50:00.0663 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2010/11/21 09:50:00.0819 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
2010/11/21 09:50:00.0881 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
2010/11/21 09:50:00.0959 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
2010/11/21 09:50:01.0162 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
2010/11/21 09:50:01.0256 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
2010/11/21 09:50:01.0349 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
2010/11/21 09:50:01.0443 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
2010/11/21 09:50:01.0552 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
2010/11/21 09:50:01.0646 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
2010/11/21 09:50:01.0880 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
2010/11/21 09:50:02.0083 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
2010/11/21 09:50:02.0441 SRTSP (ede32f87142057740ab76fef24f9dfb6) C:\Windows\System32\Drivers\NISx64\1005000.087\SRTSP64.SYS
2010/11/21 09:50:02.0785 SRTSPX (a0fab032d949023b4492e81c1b2fad22) C:\Windows\system32\drivers\NISx64\1005000.087\SRTSPX64.SYS
2010/11/21 09:50:03.0003 srv (8cd33a47ca02c79038b669f31f95bdac) C:\Windows\system32\DRIVERS\srv.sys
2010/11/21 09:50:03.0159 srv2 (1bedf533096c56e70f87e3e3ee02caf5) C:\Windows\system32\DRIVERS\srv2.sys
2010/11/21 09:50:03.0362 srvnet (2b8c340f830c465f514d966f7e6a822f) C:\Windows\system32\DRIVERS\srvnet.sys
2010/11/21 09:50:03.0565 STHDA (e01797a54f8a61512b7e590fde6d1988) C:\Windows\system32\DRIVERS\stwrt64.sys
2010/11/21 09:50:03.0814 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
2010/11/21 09:50:04.0017 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
2010/11/21 09:50:04.0454 SymEFA (acdc50c1d086ce312bceba877ce91274) C:\Windows\system32\drivers\NISx64\1005000.087\SYMEFA64.SYS
2010/11/21 09:50:04.0547 SymEvent (d106432b496d75e3f04a2855ea6c68d7) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2010/11/21 09:50:04.0719 SYMFW (0f2c4ed553abd5d9063d73b2eb27c687) C:\Windows\System32\Drivers\NISx64\1005000.087\SYMFW.SYS
2010/11/21 09:50:04.0813 SymIM (9da17e985c8a970b0b9062d7946097d3) C:\Windows\system32\DRIVERS\SymIMv.sys
2010/11/21 09:50:04.0875 SYMNDISV (4d7150436f9085505b9a782a359157f8) C:\Windows\System32\Drivers\NISx64\1005000.087\SYMNDISV.SYS
2010/11/21 09:50:05.0203 SYMTDI (f3a5a414313d97e700374dfe416b93a4) C:\Windows\System32\Drivers\NISx64\1005000.087\SYMTDI.SYS
2010/11/21 09:50:05.0296 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
2010/11/21 09:50:05.0359 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
2010/11/21 09:50:05.0499 SynTP (b432c6063d4c621241c2b6e05ca0c3e3) C:\Windows\system32\DRIVERS\SynTP.sys
2010/11/21 09:50:05.0733 Tcpip (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\drivers\tcpip.sys
2010/11/21 09:50:05.0920 Tcpip6 (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\DRIVERS\tcpip.sys
2010/11/21 09:50:06.0139 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
2010/11/21 09:50:06.0248 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
2010/11/21 09:50:06.0341 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
2010/11/21 09:50:06.0451 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
2010/11/21 09:50:06.0560 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
2010/11/21 09:50:06.0778 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/11/21 09:50:06.0856 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
2010/11/21 09:50:06.0981 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
2010/11/21 09:50:07.0090 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
2010/11/21 09:50:07.0262 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
2010/11/21 09:50:07.0511 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
2010/11/21 09:50:07.0667 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
2010/11/21 09:50:07.0745 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
2010/11/21 09:50:07.0808 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
2010/11/21 09:50:07.0886 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
2010/11/21 09:50:08.0026 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
2010/11/21 09:50:08.0135 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/11/21 09:50:08.0198 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
2010/11/21 09:50:08.0307 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
2010/11/21 09:50:08.0385 usbfilter (8fec71666aba7114f9cab9e56065ec80) C:\Windows\system32\DRIVERS\usbfilter.sys
2010/11/21 09:50:08.0494 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
2010/11/21 09:50:08.0588 usbohci (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys
2010/11/21 09:50:08.0666 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
2010/11/21 09:50:08.0775 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
2010/11/21 09:50:08.0884 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/11/21 09:50:09.0009 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/11/21 09:50:09.0103 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
2010/11/21 09:50:09.0290 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/11/21 09:50:09.0337 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
2010/11/21 09:50:09.0461 viaide (4f964e6828156f0ef3fa8d3a9a7895de) C:\Windows\system32\drivers\viaide.sys
2010/11/21 09:50:09.0555 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
2010/11/21 09:50:09.0742 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
2010/11/21 09:50:10.0039 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
2010/11/21 09:50:10.0148 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
2010/11/21 09:50:10.0335 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
2010/11/21 09:50:10.0475 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
2010/11/21 09:50:10.0616 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
2010/11/21 09:50:10.0803 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
2010/11/21 09:50:11.0287 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
2010/11/21 09:50:11.0833 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/11/21 09:50:11.0973 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
2010/11/21 09:50:12.0051 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
2010/11/21 09:50:12.0176 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/11/21 09:50:12.0285 yukonx64 (07f7285220307aafb755d890295f0f9a) C:\Windows\system32\DRIVERS\yk60x64.sys
2010/11/21 09:50:12.0472 {55662437-DA8C-40c0-AADA-2C816A897A49} (1cacfef9e5dd866c5b79a135ee729e18) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
2010/11/21 09:50:12.0597 ================================================================================
2010/11/21 09:50:12.0597 Scan finished
2010/11/21 09:50:12.0597 ================================================================================

#12 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:02 PM

Posted 22 November 2010 - 05:06 PM

Well done. :thumbup2:

I am please the redirects have stopped. The Mbr is alright.

This next...

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Microsoft: ‘Unprecedented Wave of Java Exploitation’
Drive-by Trojan preying on out-of-date Java installations
Ghosts of Java Haunt UsersPlease follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "JDK 6 Update 22 (JDK or JRE)".
  • Click the "Download JRE" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "I agree to the Java SE...License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u22-windows-i586.exe to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
-- Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions, so they will need to be removed manually.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

==========

Re-run OTL
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click on Minimal Output at the top
  • Download the following file Scan.txt to your Desktop. Click here to download it. You may need to right click on it and select "Save"
  • Double click inside the Custom Scan box at the bottom
  • A window will appear saying "Click Ok to load a custom scan from a file or Cancel to cancel"
  • Click the Ok button and navigate to the file Scan.txt which we just saved to your desktop
  • Select Scan.txt and click Open. Writing will now appear under the Custom Scan box
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • Please copy (Edit->Select All, Edit->Copy) the contents of the resultant file and post it in your topic

Any further troubles or concerns?

Regards.
thcbytes
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#13 Jaynev

Jaynev
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 23 November 2010 - 03:16 AM

Hi Thcbytes,

I updated java and ran the OTL scan as instructed. The "scan.txt" file is at a different (old) link at the geekstogo.com website but I was able to find it. Log posted below.

I had downloaded some data to an external drive before I cleaned this computer. Do you think it is safe to transfer the data back (only non-executatble files) with Windows running in "Safe Mode"?

Thanks again,

JN

OTL logfile created on: 11/23/2010 1:57:11 AM - Run 5
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Jayanta\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.00 Gb Total Space | 44.41 Gb Free Space | 15.58% Space Free | Partition Type: NTFS
Drive D: | 13.08 Gb Total Space | 2.04 Gb Free Space | 15.57% Space Free | Partition Type: NTFS

Computer Name: EVERMORE | User Name: Jayanta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Jayanta\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe ()
PRC - C:\Program Files (x86)\SMINST\BLService.exe ()
PRC - C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)


========== Modules (SafeList) ==========

MOD - C:\Users\Jayanta\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msshsq.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\duser.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\sfc_os.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\sfc.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msiltcfg.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (LVPrcS64) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV:64bit: - (Ati External Event Utility) -- C:\Windows\SysNative\Ati2evxx.exe (ATI Technologies Inc.)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe (IDT, Inc.)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\Hpservice.exe (Hewlett-Packard Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AgereModemAudio) -- C:\Windows\SysNative\agr64svc.exe (Agere Systems)
SRV:64bit: - (lxct_device) -- C:\Windows\SysNative\lxctcoms.exe ( )
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (nosGetPlusHelper) getPlus® -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Norton Internet Security) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe (Symantec Corporation)
SRV - (TVCapSvc) TV Background Capture Service (TVBCS) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe ()
SRV - (TVSched) TV Task Scheduler (TVTS) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe ()
SRV - (Recovery Service for Windows) -- C:\Program Files (x86)\SMINST\BLService.exe ()
SRV - (dsNcService) -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
SRV - (VMCService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (lxct_device) -- C:\Windows\SysWow64\lxctcoms.exe ( )


========== Driver Services (SafeList) ==========

DRV:64bit: - (SYMREDRV) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\SYMREDRV.SYS File not found
DRV:64bit: - (SYMDNS) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\SYMDNS.SYS File not found
DRV:64bit: - (NwlnkFwd) -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys File not found
DRV:64bit: - (NwlnkFlt) -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys File not found
DRV:64bit: - (IpInIp) -- C:\Windows\SysNative\DRIVERS\ipinip.sys File not found
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\DRIVERS\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\DRIVERS\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\DRIVERS\AVGIDSFilter.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\DRIVERS\AVGIDSDriver.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (MEMSWEEP2) -- C:\Windows\SysNative\453E.tmp (Sophos Plc)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (ccHP) -- C:\Windows\SysNative\Drivers\NISx64\1005000.087\ccHPx64.sys (Symantec Corporation)
DRV:64bit: - (BHDrvx64) -- C:\Windows\SysNative\drivers\NISx64\1005000.087\BHDrvx64.sys (Symantec Corporation)
DRV:64bit: - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\SysNative\DRIVERS\LV302V64.SYS (Logitech Inc.)
DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\Drivers\NISx64\1005000.087\SRTSP64.SYS (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1005000.087\SYMEFA64.SYS (Symantec Corporation)
DRV:64bit: - (SYMTDI) -- C:\Windows\SysNative\Drivers\NISx64\1005000.087\SYMTDI.SYS (Symantec Corporation)
DRV:64bit: - (SYMFW) -- C:\Windows\SysNative\Drivers\NISx64\1005000.087\SYMFW.SYS (Symantec Corporation)
DRV:64bit: - (SYMNDISV) -- C:\Windows\SysNative\Drivers\NISx64\1005000.087\SYMNDISV.SYS (Symantec Corporation)
DRV:64bit: - (SymIM) -- C:\Windows\SysNative\DRIVERS\SymIMv.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\NISx64\1005000.087\SRTSPX64.SYS (Symantec Corporation)
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (dsNcAdpt) -- C:\Windows\SysNative\DRIVERS\dsNcAdX64.sys (Juniper Networks)
DRV:64bit: - (athr) -- C:\Windows\SysNative\DRIVERS\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\DRIVERS\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\DRIVERS\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\DRIVERS\usbfilter.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys (Hewlett-Packard Corporation)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\DRIVERS\agrsm64.sys (Agere Systems)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation )
DRV:64bit: - (enecir) -- C:\Windows\SysNative\DRIVERS\enecir.sys (ENE TECHNOLOGY INC.)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\Drivers\RootMdm.sys (Microsoft Corporation)
DRV:64bit: - (NETw3v64) Intel® -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys (Intel Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys (Marvell)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV - (Normandy) -- C:\Windows\SysWow64\drivers\Normandy.sys ()
DRV - (rkhdrv40) -- C:\Windows\SysWow64\drivers\rkhdrv40.sys ()
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090709.001\IDSviA64.sys (Symantec Corporation)
DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (CyberLink Corp.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://gmail.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://mail.google.com/mail/?shva=1#inbox"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1151
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=WBG&o=15136&locale=en_US&apn_uid=44061580-FBA4-467B-AE9B-AB77EE899003&apn_ptnrs=RS&apn_sauid=43E34337-7BD3-49F3-8AD0-4705921020C4&apn_dtid=YYYYYYYYUS&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2010/10/25 23:41:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/28 14:21:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/17 23:04:10 | 000,000,000 | ---D | M]

[2009/05/11 00:13:57 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Mozilla\Extensions
[2010/11/23 01:53:09 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Mozilla\Firefox\Profiles\3ydujb0p.default\extensions
[2010/11/03 12:03:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jayanta\AppData\Roaming\Mozilla\Firefox\Profiles\3ydujb0p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/05 22:14:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jayanta\AppData\Roaming\Mozilla\Firefox\Profiles\3ydujb0p.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/11/18 15:00:49 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Mozilla\Firefox\Profiles\3ydujb0p.default\extensions\toolbar@ask.com
[2010/11/18 15:00:54 | 000,002,567 | ---- | M] () -- C:\Users\Jayanta\AppData\Roaming\Mozilla\Firefox\Profiles\3ydujb0p.default\searchplugins\askcom.xml
[2010/11/22 22:31:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/10/26 23:44:15 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/02/09 21:22:43 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} http://www.anandabazar.com/wfplayer/tdserver.cab (TDServer Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} https://domino7.unlv.edu/dwa7W.cab (Domino Web Access 7 Control)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn.umuc.edu/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\CoIEPlg.dll (Symantec Corporation)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jayanta\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jayanta\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{02d056b5-a307-11de-9967-00235a36da1f}\Shell - "" = AutoRun
O33 - MountPoints2\{02d056b5-a307-11de-9967-00235a36da1f}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{970c5da7-bd8a-11de-8bfe-00235a36da1f}\Shell - "" = AutoRun
O33 - MountPoints2\{970c5da7-bd8a-11de-8bfe-00235a36da1f}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Program Files (x86)\AVG\AVG10\avgchsva.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.DVSD - C:\Windows\SysWow64\pdvcodec.dll (Matsubleepa Electric Industrial Co., Ltd.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

MsConfig:64bit - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
MsConfig:64bit - StartUpReg: Adobe Acrobat Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AVG9_TRAY - hkey= - key= - C:\PROGRA~2\AVG\AVG9\avgtray.exe File not found
MsConfig:64bit - StartUpReg: BlackBerryAutoUpdate - hkey= - key= - C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
MsConfig:64bit - StartUpReg: CLMLServer for HP TouchSmart - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe File not found
MsConfig:64bit - StartUpReg: DVDAgent - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: Lexmark 5400 Series - hkey= - key= - C:\Program Files (x86)\Lexmark 5400 Series\fm3032.exe ()
MsConfig:64bit - StartUpReg: LogitechQuickCamRibbon - hkey= - key= - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
MsConfig:64bit - StartUpReg: LXCTCATS - hkey= - key= - C:\Windows\SysNative\spool\DRIVERS\x64\3\LXCTtime.DLL (Lexmark International Inc.)
MsConfig:64bit - StartUpReg: MobileConnect - hkey= - key= - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Java\jre6\bin\jusched.exe File not found
MsConfig:64bit - StartUpReg: swg - hkey= - key= - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig:64bit - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig:64bit - StartUpReg: TSMAgent - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe File not found
MsConfig:64bit - StartUpReg: TVAgent - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: UCam_Menu - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: UpdateLBPShortCut - hkey= - key= - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: UpdateP2GoShortCut - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: UpdatePDIRShortCut - hkey= - key= - C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: UpdatePSTShortCut - hkey= - key= - C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: SymEFA.sys - C:\Windows\SysNative\drivers\NISx64\1005000.087\SYMEFA64.SYS (Symantec Corporation)
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: SymEFA.sys - C:\Windows\SysNative\drivers\NISx64\1005000.087\SYMEFA64.SYS (Symantec Corporation)
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfPf - Driver
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {1AED62A0-E781-877E-4172-BA9EFADCF5FF} - Browser Customizations
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4DC936B8-247C-615D-A866-4FF23E5432B9} - Internet Explorer
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

========== Files/Folders - Created Within 30 Days ==========

[2010/11/22 22:39:41 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/11/22 22:12:51 | 016,192,800 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Jayanta\jre-6u22-windows-x64.exe
[2010/11/22 09:50:50 | 000,454,656 | ---- | C] (Simon Tatham) -- C:\Users\Jayanta\Desktop\putty.exe
[2010/11/21 15:16:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/11/21 15:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/11/21 13:20:28 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jayanta\Desktop\mbam-setup-1.46.exe
[2010/11/21 10:51:27 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\Desktop\tdsskiller
[2010/11/21 10:49:50 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/11/19 01:09:41 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\Desktop\RkU3.8.388.590
[2010/11/19 00:56:10 | 000,000,000 | ---D | C] -- C:\RkUnhooker
[2010/11/19 00:55:37 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\Desktop\rkunhooker
[2010/11/18 14:35:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2010/11/18 14:35:46 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\AppData\Roaming\Philipp Winterberg
[2010/11/18 14:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free RAR Extract Frog
[2010/11/18 14:32:03 | 003,402,528 | ---- | C] (Philipp Winterberg) -- C:\Users\Jayanta\Desktop\InstallFreeRARExtractFrog.exe
[2010/11/18 11:45:11 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Jayanta\Desktop\OTL.exe
[2010/11/14 16:42:07 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\Desktop\gmer
[2010/11/13 18:41:20 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\AppData\Roaming\Malwarebytes
[2010/11/13 18:41:06 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/11/13 18:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/11/13 18:35:26 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jayanta\Desktop\jayanta-setup-1.46.exe
[2010/11/13 00:42:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2010/11/13 00:39:18 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\Desktop\RootkitBuster_2.80.1077
[2010/11/05 09:04:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64
[2010/11/05 09:04:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
[2010/11/05 09:04:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0207030.022
[2010/11/05 09:03:41 | 000,318,088 | ---- | C] (Symantec Corp.) -- C:\Users\Jayanta\Desktop\Setup.exe
[2010/11/03 18:37:16 | 000,189,520 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysWow64\drivers\tmcomm.sys
[2010/11/02 11:30:54 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\AppData\Roaming\Apple Computer
[2010/11/02 11:30:54 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\AppData\Local\Apple Computer
[2010/11/02 11:30:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2010/11/02 11:20:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010/11/02 11:19:45 | 000,000,000 | ---D | C] -- C:\Users\Jayanta\AppData\Local\Apple
[2010/11/02 11:19:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010/11/02 11:19:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/10/26 23:46:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2009/06/08 21:48:50 | 000,409,600 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctinpa.dll
[2009/06/08 21:48:49 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctpmui.dll
[2009/06/08 21:48:49 | 000,393,216 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctiesc.dll
[2009/06/08 21:48:48 | 001,187,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctserv.dll
[2009/06/08 21:48:48 | 000,983,040 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctusb1.dll
[2009/06/08 21:48:48 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctprox.dll
[2009/06/08 21:48:48 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctpplc.dll
[2009/06/08 21:48:47 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcthbn3.dll
[2009/06/08 21:48:47 | 000,667,648 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctcomc.dll
[2009/06/08 21:48:47 | 000,528,384 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctlmpm.dll
[2009/06/08 21:48:47 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxctcomm.dll
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Users\Jayanta\Desktop\*.tmp files -> C:\Users\Jayanta\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/23 01:56:15 | 930,497,536 | ---- | M] () -- C:\Users\Jayanta\Desktop\inbox.pst
[2010/11/23 01:56:15 | 520,111,104 | ---- | M] () -- C:\Users\Jayanta\Desktop\sent.pst
[2010/11/23 01:40:59 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2379491072-1832334390-2107030829-1001UA.job
[2010/11/23 01:36:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2379491072-1832334390-2107030829-1000UA.job
[2010/11/23 01:10:29 | 099,888,090 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2010/11/23 01:05:20 | 000,015,820 | ---- | M] () -- C:\Users\Jayanta\Desktop\Pappan_FIN640_HW10.xlsx
[2010/11/23 00:35:38 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/23 00:35:38 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/22 23:53:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/22 22:43:05 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/22 22:43:05 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/22 22:43:05 | 000,104,170 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/22 22:35:24 | 4024,262,656 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/22 22:33:58 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/11/22 22:12:25 | 000,000,000 | ---- | M] () -- C:\Users\Jayanta\Desktop\jre-6u22-windows-x64.exe
[2010/11/22 21:41:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2379491072-1832334390-2107030829-1001Core.job
[2010/11/22 21:05:58 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2379491072-1832334390-2107030829-1000Core.job
[2010/11/22 14:05:42 | 000,556,873 | ---- | M] () -- C:\Users\Jayanta\Desktop\RoyalResorts.jpg
[2010/11/22 09:50:51 | 000,454,656 | ---- | M] (Simon Tatham) -- C:\Users\Jayanta\Desktop\putty.exe
[2010/11/22 08:15:08 | 000,022,826 | ---- | M] () -- C:\Users\Jayanta\Desktop\FAC_Profile_MSAF_2011APR-rev.xlsx
[2010/11/22 01:13:36 | 000,080,724 | ---- | M] () -- C:\Users\Jayanta\Desktop\ESET.jpg
[2010/11/21 17:20:56 | 000,000,502 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Jayanta.job
[2010/11/21 15:16:19 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/21 13:20:39 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jayanta\Desktop\mbam-setup-1.46.exe
[2010/11/21 10:51:16 | 001,224,671 | ---- | M] () -- C:\Users\Jayanta\Desktop\tdsskiller.zip
[2010/11/21 01:56:45 | 000,100,679 | ---- | M] () -- C:\Users\Jayanta\Desktop\DelhiFlorist.jpg
[2010/11/19 13:49:02 | 000,080,384 | ---- | M] () -- C:\Users\Jayanta\Desktop\MBRCheck.exe
[2010/11/19 12:28:43 | 000,197,003 | ---- | M] () -- C:\Users\Jayanta\Desktop\RKU.jpg
[2010/11/19 12:27:42 | 000,034,560 | ---- | M] () -- C:\Windows\SysWow64\drivers\Normandy.sys
[2010/11/19 01:07:06 | 000,629,057 | ---- | M] () -- C:\Users\Jayanta\Desktop\RkU3.8.388.590.rar
[2010/11/19 01:01:56 | 000,024,320 | ---- | M] () -- C:\Windows\SysWow64\drivers\rkhdrv40.sys
[2010/11/19 00:54:51 | 000,161,243 | ---- | M] () -- C:\Users\Jayanta\Desktop\rkunhooker.zip
[2010/11/19 00:47:42 | 000,052,736 | ---- | M] () -- C:\Users\Jayanta\Desktop\Quiz_Stats.xls
[2010/11/18 22:07:14 | 000,325,120 | ---- | M] () -- C:\Users\Jayanta\Desktop\Equity.ppt
[2010/11/18 22:07:00 | 000,115,378 | ---- | M] () -- C:\Users\Jayanta\Desktop\EquityNF.rtf
[2010/11/18 18:19:14 | 000,002,657 | ---- | M] () -- C:\Users\Jayanta\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk
[2010/11/18 14:32:06 | 003,402,528 | ---- | M] (Philipp Winterberg) -- C:\Users\Jayanta\Desktop\InstallFreeRARExtractFrog.exe
[2010/11/18 11:45:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jayanta\Desktop\OTL.exe
[2010/11/17 23:04:10 | 000,001,917 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/11/17 21:27:42 | 000,151,552 | ---- | M] () -- C:\Users\Jayanta\Desktop\equityNF.doc
[2010/11/17 11:03:21 | 000,000,112 | ---- | M] () -- C:\Users\Jayanta\webct_upload_applet.properties
[2010/11/17 11:02:41 | 000,076,288 | ---- | M] () -- C:\Users\Jayanta\Documents\Counseling Consultation Fall 2010.ppt
[2010/11/15 15:14:16 | 000,011,903 | ---- | M] () -- C:\Users\Jayanta\Desktop\L3.jpg
[2010/11/14 20:57:04 | 000,002,436 | ---- | M] () -- C:\Users\Jayanta\Desktop\Attach.zip
[2010/11/14 16:51:56 | 000,086,016 | ---- | M] () -- C:\Users\Jayanta\Desktop\Final-FIN640-Summer2010.doc
[2010/11/14 16:41:01 | 000,288,107 | ---- | M] () -- C:\Users\Jayanta\Desktop\gmer.zip
[2010/11/14 16:30:12 | 000,630,272 | ---- | M] () -- C:\Users\Jayanta\Desktop\dds.pif
[2010/11/14 16:25:53 | 000,630,272 | ---- | M] () -- C:\Users\Jayanta\Desktop\dds.scr
[2010/11/13 18:35:31 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jayanta\Desktop\jayanta-setup-1.46.exe
[2010/11/13 00:41:33 | 001,376,832 | ---- | M] () -- C:\Users\Jayanta\Desktop\sar_15_sfx.exe
[2010/11/13 00:39:05 | 001,074,232 | ---- | M] () -- C:\Users\Jayanta\Desktop\RootkitBuster_2.80.1077.zip
[2010/11/12 22:01:40 | 000,087,040 | ---- | M] () -- C:\Users\Jayanta\Desktop\equityNP.doc
[2010/11/12 05:33:02 | 000,189,353 | ---- | M] () -- C:\Users\Jayanta\Desktop\Poker_Stats.jpg
[2010/11/11 12:00:53 | 000,030,208 | ---- | M] () -- C:\Users\Jayanta\Desktop\MSAF_Survey.doc
[2010/11/11 11:34:39 | 467,289,088 | ---- | M] () -- C:\Users\Jayanta\Desktop\sent3.pst
[2010/11/10 12:58:16 | 000,000,968 | ---- | M] () -- C:\Users\Jayanta\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/11/09 09:04:09 | 000,055,045 | ---- | M] () -- C:\Users\Jayanta\Desktop\Gdp20-40.jpg
[2010/11/08 21:08:59 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJayanta.job
[2010/11/07 12:14:12 | 000,171,159 | ---- | M] () -- C:\Users\Jayanta\Desktop\equityNP.pdf
[2010/11/07 12:09:53 | 000,000,000 | ---- | M] () -- C:\Users\Jayanta\defogger_reenable
[2010/11/07 12:07:10 | 000,050,477 | ---- | M] () -- C:\Users\Jayanta\Desktop\Defogger.exe
[2010/11/06 20:42:14 | 000,026,624 | ---- | M] () -- C:\Users\Jayanta\Desktop\Trackrecord_Agreement.doc
[2010/11/05 09:04:36 | 000,001,179 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2010/11/05 09:04:30 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\isolate.ini
[2010/11/05 09:03:42 | 000,318,088 | ---- | M] (Symantec Corp.) -- C:\Users\Jayanta\Desktop\Setup.exe
[2010/11/03 23:32:15 | 000,028,672 | ---- | M] () -- C:\Users\Jayanta\Desktop\Drazik Award Nominees 2010 Turner_TMG.doc
[2010/11/03 18:35:41 | 000,000,036 | ---- | M] () -- C:\Users\Jayanta\AppData\Local\housecall.guid.cache
[2010/11/01 15:46:22 | 000,054,394 | ---- | M] () -- C:\Users\Jayanta\Desktop\stock-vector-sheriff-aiming-a-gun-26884678.jpg
[2010/10/27 11:49:42 | 000,100,864 | ---- | M] () -- C:\Users\Jayanta\Desktop\FIN_640_Midterm_Fall_2010.doc
[2010/10/27 10:07:35 | 000,000,860 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2010/10/25 11:10:47 | 000,452,096 | ---- | M] () -- C:\Users\Jayanta\Desktop\chat_directions_fall2010.doc
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Users\Jayanta\Desktop\*.tmp files -> C:\Users\Jayanta\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/23 01:05:20 | 000,015,820 | ---- | C] () -- C:\Users\Jayanta\Desktop\Pappan_FIN640_HW10.xlsx
[2010/11/22 22:12:25 | 000,000,000 | ---- | C] () -- C:\Users\Jayanta\Desktop\jre-6u22-windows-x64.exe
[2010/11/22 14:05:41 | 000,556,873 | ---- | C] () -- C:\Users\Jayanta\Desktop\RoyalResorts.jpg
[2010/11/22 10:53:22 | 000,022,826 | ---- | C] () -- C:\Users\Jayanta\Desktop\FAC_Profile_MSAF_2011APR-rev.xlsx
[2010/11/22 01:13:35 | 000,080,724 | ---- | C] () -- C:\Users\Jayanta\Desktop\ESET.jpg
[2010/11/21 15:16:19 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/21 10:51:10 | 001,224,671 | ---- | C] () -- C:\Users\Jayanta\Desktop\tdsskiller.zip
[2010/11/21 01:56:44 | 000,100,679 | ---- | C] () -- C:\Users\Jayanta\Desktop\DelhiFlorist.jpg
[2010/11/19 13:48:57 | 000,080,384 | ---- | C] () -- C:\Users\Jayanta\Desktop\MBRCheck.exe
[2010/11/19 03:43:46 | 000,197,003 | ---- | C] () -- C:\Users\Jayanta\Desktop\RKU.jpg
[2010/11/19 00:57:14 | 000,024,320 | ---- | C] () -- C:\Windows\SysWow64\drivers\rkhdrv40.sys
[2010/11/19 00:54:50 | 000,161,243 | ---- | C] () -- C:\Users\Jayanta\Desktop\rkunhooker.zip
[2010/11/19 00:39:38 | 000,034,560 | ---- | C] () -- C:\Windows\SysWow64\drivers\Normandy.sys
[2010/11/18 14:23:59 | 000,629,057 | ---- | C] () -- C:\Users\Jayanta\Desktop\RkU3.8.388.590.rar
[2010/11/17 23:03:29 | 000,001,917 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/11/17 11:02:41 | 000,076,288 | ---- | C] () -- C:\Users\Jayanta\Documents\Counseling Consultation Fall 2010.ppt
[2010/11/15 15:14:16 | 000,011,903 | ---- | C] () -- C:\Users\Jayanta\Desktop\L3.jpg
[2010/11/14 20:57:04 | 000,002,436 | ---- | C] () -- C:\Users\Jayanta\Desktop\Attach.zip
[2010/11/14 16:58:43 | 000,092,160 | ---- | C] () -- C:\Users\Jayanta\Desktop\Final-FIN640-Summer2010-with-answers.doc
[2010/11/14 16:51:46 | 000,086,016 | ---- | C] () -- C:\Users\Jayanta\Desktop\Final-FIN640-Summer2010.doc
[2010/11/14 16:30:06 | 000,630,272 | ---- | C] () -- C:\Users\Jayanta\Desktop\dds.pif
[2010/11/13 00:41:30 | 001,376,832 | ---- | C] () -- C:\Users\Jayanta\Desktop\sar_15_sfx.exe
[2010/11/13 00:39:04 | 001,074,232 | ---- | C] () -- C:\Users\Jayanta\Desktop\RootkitBuster_2.80.1077.zip
[2010/11/12 22:00:39 | 000,115,378 | ---- | C] () -- C:\Users\Jayanta\Desktop\EquityNF.rtf
[2010/11/12 05:31:58 | 000,189,353 | ---- | C] () -- C:\Users\Jayanta\Desktop\Poker_Stats.jpg
[2010/11/11 12:00:53 | 000,030,208 | ---- | C] () -- C:\Users\Jayanta\Desktop\MSAF_Survey.doc
[2010/11/11 11:29:23 | 467,289,088 | ---- | C] () -- C:\Users\Jayanta\Desktop\sent3.pst
[2010/11/09 14:21:23 | 520,111,104 | ---- | C] () -- C:\Users\Jayanta\Desktop\sent.pst
[2010/11/09 08:15:57 | 000,055,045 | ---- | C] () -- C:\Users\Jayanta\Desktop\Gdp20-40.jpg
[2010/11/07 12:53:03 | 000,288,107 | ---- | C] () -- C:\Users\Jayanta\Desktop\gmer.zip
[2010/11/07 12:14:09 | 000,171,159 | ---- | C] () -- C:\Users\Jayanta\Desktop\equityNP.pdf
[2010/11/07 12:11:13 | 000,630,272 | ---- | C] () -- C:\Users\Jayanta\Desktop\dds.scr
[2010/11/07 12:09:53 | 000,000,000 | ---- | C] () -- C:\Users\Jayanta\defogger_reenable
[2010/11/07 12:07:09 | 000,050,477 | ---- | C] () -- C:\Users\Jayanta\Desktop\Defogger.exe
[2010/11/06 20:42:14 | 000,026,624 | ---- | C] () -- C:\Users\Jayanta\Desktop\Trackrecord_Agreement.doc
[2010/11/05 09:04:38 | 000,000,502 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Jayanta.job
[2010/11/05 09:04:36 | 000,001,179 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2010/11/05 09:04:30 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\isolate.ini
[2010/11/03 23:26:11 | 000,028,672 | ---- | C] () -- C:\Users\Jayanta\Desktop\Drazik Award Nominees 2010 Turner_TMG.doc
[2010/11/03 23:00:55 | 000,452,096 | ---- | C] () -- C:\Users\Jayanta\Desktop\chat_directions_fall2010.doc
[2010/11/03 18:35:41 | 000,000,036 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\housecall.guid.cache
[2010/11/01 15:46:20 | 000,054,394 | ---- | C] () -- C:\Users\Jayanta\Desktop\stock-vector-sheriff-aiming-a-gun-26884678.jpg
[2010/10/26 23:56:03 | 000,100,864 | ---- | C] () -- C:\Users\Jayanta\Desktop\FIN_640_Midterm_Fall_2010.doc
[2010/10/26 20:13:05 | 000,087,040 | ---- | C] () -- C:\Users\Jayanta\Desktop\equityNP.doc
[2010/10/26 20:12:56 | 000,325,120 | ---- | C] () -- C:\Users\Jayanta\Desktop\Equity.ppt
[2010/10/26 20:12:39 | 000,151,552 | ---- | C] () -- C:\Users\Jayanta\Desktop\equityNF.doc
[2010/03/02 16:56:05 | 000,000,000 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\prvlcl.dat
[2010/02/12 11:43:36 | 000,027,442 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\tmpWENDY_SIG.JPG
[2010/02/12 11:43:36 | 000,027,418 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\tmpWENDY_SIG.0
[2010/01/25 09:48:51 | 000,000,000 | ---- | C] () -- C:\Users\Jayanta\AppData\Roaming\wklnhst.dat
[2009/12/02 11:22:03 | 000,040,002 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\tmpTWO-WENDY-JAY.0
[2009/12/02 11:22:03 | 000,036,571 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\tmpTWO-WENDY-JAY.JPG
[2009/11/09 03:58:30 | 000,000,000 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\FnF4.txt
[2009/09/25 11:58:22 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/09/19 23:37:20 | 000,000,079 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\DVDPATH.TXT
[2009/09/19 23:36:42 | 000,007,052 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\d3d9caps.dat
[2009/09/17 05:33:11 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/17 05:31:51 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/16 16:20:08 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/08/12 01:51:02 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/07/30 19:58:42 | 000,000,326 | ---- | C] () -- C:\Windows\primopdf.ini
[2009/06/08 21:48:50 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXCTinst.dll
[2009/05/11 20:32:00 | 000,093,184 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/11 00:06:37 | 000,000,282 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2009/05/11 00:06:31 | 000,000,000 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\QSwitch.txt
[2009/05/11 00:06:31 | 000,000,000 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\DSwitch.txt
[2009/05/11 00:06:31 | 000,000,000 | ---- | C] () -- C:\Users\Jayanta\AppData\Local\AtStart.txt
[2009/03/14 15:18:44 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2009/03/14 15:18:31 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2009/03/14 15:17:39 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2009/03/14 15:16:13 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2009/03/14 15:13:49 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2009/01/19 23:45:49 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2009/01/19 23:36:56 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2009/01/19 23:34:18 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009/01/19 23:32:19 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2008/09/22 15:21:34 | 000,127,092 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008/08/20 17:45:46 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
[2008/01/20 20:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI

========== LOP Check ==========

[2009/06/08 23:17:29 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\5400 Series
[2010/10/15 12:58:10 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\AVG10
[2009/09/16 15:15:37 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\CustomStartUp
[2009/06/06 13:02:31 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\funkitron
[2010/05/07 08:22:18 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Juniper Networks
[2010/11/18 14:35:46 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Philipp Winterberg
[2010/03/05 18:02:15 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\PrimoPDF
[2009/08/20 10:53:11 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Research In Motion
[2010/01/25 09:49:00 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Template
[2009/10/20 16:14:14 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\Vodafone
[2009/05/10 18:51:32 | 000,000,000 | ---D | M] -- C:\Users\Jayanta\AppData\Roaming\WildTangent
[2010/11/22 22:33:59 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

#14 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:02 PM

Posted 23 November 2010 - 04:58 PM

For safety sake we better scan that USB drive.

  • Plug in the USB
  • Re-open MBAM
  • Choose "Full Scan"
  • Choose the USB to scan
  • Post the log here

Regards,
thcbytes
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#15 Jaynev

Jaynev
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 23 November 2010 - 07:45 PM

Hi Tchbytes,

Unfortunately the USB drive is at home and I am currently traveling. I will return on Nov 29 and will post it then. If this thread is closed by then and you do not return, I would like to thank you once again for the help.

Best,

JN




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users