Infected with virus! help!


  • This topic is locked
1 reply to this topic

#1 IshanX


Posted 08 March 2011 - 11:42 AM

Viruses detected:
Win32/Adware.GooochiBiz.AM
Win32/Adware.Primawega.AJ

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5989

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8080.16413

3/8/2011 8:03:56 PM
mbam-log-2011-03-08 (20-03-56).txt

Scan type: Quick scan
Objects scanned: 160282
Time elapsed: 2 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74F563DA-D098-55F3-75EE-09EA9F336FC9} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{74F563DA-D098-55F3-75EE-09EA9F336FC9} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{74F563DA-D098-55F3-75EE-09EA9F336FC9} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F563DA-D098-55F3-75EE-09EA9F336FC9} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ad526d4e-5d9b-f87d-a097-3fbbdf7ffe8c} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad526d4e-5d9b-f87d-a097-3fbbdf7ffe8c} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD526D4E-5D9B-F87D-A097-3FBBDF7FFE8C} (Adware.AdRotator) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Ishan\AppData\Local\Temp\rpcssvc.exe (Adware.BHO) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\txzatqumxuo.dll (Adware.AdRotator) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\73b095a8.dll (Adware.AdRotator) -> Quarantined and deleted successfully.

Windows Validation Check
Version: 1.9.11.5
Log Created On: 2002_08-03-2011
-----------------------

Windows Information
-----------------------
Windows Version: Windows 7 Service Pack 1
Windows Mode: Normal
Systemroot Path: C:\Windows

WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Download updates and install them automatically.
-----------------------
Last Success Time for Update Detection: 2011-03-08 14:18:54
Last Success Time for Update Download: 2011-03-08 14:19:38
Last Success Time for Update Installation: 2011-03-08 14:19:43


WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------


WVCheck's File Dump
-----------------------
C:\Windows\System32\slwga.dll
Size: 14336 bytes
Creation; 5/2/2011 20:55:58
Modification; 20/11/2010 4:21:26
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------
C:\Windows\SysWOW64\slwga.dll
Size: 14336 bytes
Creation; 5/2/2011 20:55:58
Modification; 20/11/2010 4:21:26
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16385_none_5b467ba9bd0679bb\slwga.dll
Size: 14848 bytes
Creation; 14/7/2009 5:22:11
Modification; 14/7/2009 7:11:54
MD5; cc03cf9f24946dcbd70acb3e1b2f05bf
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7601.17514_none_5d778f71b9f4fd55\slwga.dll
Size: 15360 bytes
Creation; 5/2/2011 20:55:36
Modification; 20/11/2010 5:27:28
MD5; b6d6886149573278cba6abd44c4317f5
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16385_none_ff27e02604a90885\slwga.dll
Size: 13824 bytes
Creation; 14/7/2009 5:6:22
Modification; 14/7/2009 6:46:15
MD5; 01fe4bdd0b47a7d8bf34d78d2bc23ddb
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7601.17514_none_0158f3ee01978c1f\slwga.dll
Size: 14336 bytes
Creation; 5/2/2011 20:55:58
Modification; 20/11/2010 4:21:26
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------



WVCheck's Dir Dump



WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.


WVCheck's MBAM Quarantine Check
-----------------------
There were no bad files quarantined by MBAM.


WVCheck's HOSTS File Check
-----------------------
Line: 127.0.0.1 analytics.microsoft.com
Matched: *microsoft.com*
-----------------------
Line: 127.0.0.1 microsoft.com.org
Matched: *microsoft.com*
-----------------------
Line: 127.0.0.1 www.www.microsoft.com.org
Matched: *microsoft.com*
-----------------------


WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - 5e0db2d8b2750543cd2ebb9ea8e6cdd3


-------- End of File, program close at 2004_08-03-2011 --------

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows 7 . (6.1.7601) Service Pack 1
[32_bits] - Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[MpsSvc] RUNNING (state:4)
Windows Firewall -> Disabled !
Windows Defender -> Enabled
User Account Control (UAC) -> Disabled !
.
Internet Explorer 9.0.8080.16413
Mozilla Firefox 4.0b12 (en-US)
.
C:\ [Fixed-NTFS] .. ( Total:390 Go - Free:283 Go )
D:\ [Fixed-NTFS] .. ( Total:75 Go - Free:75 Go )
E:\ [CD_Rom]
.
Scan : 20:06.40
Path : C:\Users\Ishan\Downloads\Programs\Rooter.exe
User : Ishan ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
______ ???2?????? (276)
______ ???2?????? (416)
______ ???2?????? (488)
______ ???2?????? (504)
______ ???2?????? (544)
______ ???2?????? (560)
______ ???2?????? (568)
______ ???2?????? (656)
______ ???2?????? (740)
______ ???2?????? (780)
______ ???2?????? (820)
______ ???2?????? (936)
______ ???2?????? (968)
______ ???2?????? (1008)
______ ???2?????? (436)
______ ???2?????? (1168)
______ ???2?????? (1260)
______ ???2?????? (1360)
______ ???2?????? (1468)
______ ???2?????? (1684)
______ C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1712)
______ C:\Program Files (x86)\Bonjour\mDNSResponder.exe (1792)
______ C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (1860)
______ ???2?????? (1924)
______ ???2?????? (1216)
______ ???2?????? (1568)
______ ???2?????? (984)
______ ???2?????? (1964)
______ ???2?????? (1984)
______ ???2?????? (2056)
______ ???2?????? (2204)
______ ???2?????? (2224)
______ C:\Program Files (x86)\CleanMem\mini_monitor.exe (2312)
______ ???2?????? (2448)
______ ???2?????? (2612)
______ ???2?????? (2972)
______ ???2?????? (2988)
______ ???2?????? (3000)
______ C:\Program Files (x86)\WordWeb\wweb32.exe (3012)
______ ???2?????? (3068)
______ C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe (2444)
______ C:\Windows\SysWOW64\regsvr32.exe (2668)
______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (2932)
______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (1108)
______ ???2?????? (2896)
______ ???2?????? (3228)
______ ???2?????? (3452)
______ ???2?????? (3980)
______ ???2?????? (4084)
______ ???2?????? (3760)
______ ???2?????? (2924)
______ C:\Program Files (x86)\Everything\Everything.exe (4208)
______ C:\program files (x86)\internet download manager\idman.exe (2300)
______ C:\program files (x86)\internet download manager\IEMonitor.exe (4700)
______ C:\Program Files (x86)\uTorrent\uTorrent.exe (1444)
______ C:\Users\Ishan\appdata\roaming\dropbox\bin\dropbox.exe (2840)
______ ???2?????? (2180)
______ C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\firefox.exe (2628)
______ C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\plugin-container.exe (4232)
______ ???2?????? (4656)
______ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (4944)
______ ???2?????? (4772)
______ C:\Windows\sysWOW64\wbem\wmiprvse.exe (4164)
______ C:\Windows\SysWOW64\notepad.exe (3860)
______ C:\Users\Ishan\Downloads\Programs\Rooter.exe (4972)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:1048576 | Length:104857600)
\Device\Harddisk0\Partition2 (Start_Offset:105906176 | Length:419325542400)
\Device\Harddisk0\Partition3 (Start_Offset:419431448576 | Length:80675340288)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-1230700564-2377669282-3266596742-1000Core.job
C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-1230700564-2377669282-3266596742-1000UA.job
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 20:06.43
.
C:\Rooter$\Rooter_1.txt - (08/03/2011 | 20:06.43)

LockSearch by jpshortstuff (05.11.09.1)
Log created at 20:07 on 08/03/2011 (Ishan)
Scanning C:\


C:\hiberfil.sys
-------------------------


C:\pagefile.sys
-------------------------

-=E.O.F=-

CKScanner - Additional Security Risks - These are not necessarily bad
c:\users\ishan\music\mastodon\crack the skye\desktop.ini
scanner sequence 3.NA.11
----- EOF -----

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-03-08 21:43:13
Windows 6.1.7601 Service Pack 1
Running: gmer.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x53 0xF5 0xA8 0x71 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x8E 0xC1 0x2B 0xFD ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x9B 0x2A 0x18 0x76 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x53 0xF5 0xA8 0x71 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x8E 0xC1 0x2B 0xFD ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x9B 0x2A 0x18 0x76 ...

---- EOF - GMER 1.0.15 ----

OTL logfile created on: 3/8/2011 9:47:00 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Ishan\Downloads\Programs
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8080.16413)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 67.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 390.53 Gb Total Space | 283.78 Gb Free Space | 72.66% Space Free | Partition Type: NTFS
Drive D: | 75.13 Gb Total Space | 75.04 Gb Free Space | 99.87% Space Free | Partition Type: NTFS

Computer Name: R4Z0R-PC | User Name: Ishan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Ishan\Downloads\Programs\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\CleanMem\Mini_Monitor.exe (PcWinTech.com)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Users\Ishan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Users\Ishan\Desktop\gmer.exe ()
PRC - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\WordWeb\wweb32.exe (WordWeb Software)
PRC - C:\Windows\SysWOW64\regsvr32.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Everything\Everything.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\Ishan\Downloads\Programs\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\wpdshext.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wintrust.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\winsta.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wkscli.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\WMVCORE.DLL (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\PortableDeviceApi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ntlanman.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\EhStorAPI.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\dbghelp.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\davclnt.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\audiodev.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\Internet Download Manager\idmmkb.dll (Tonec Inc.)
MOD - C:\Users\Ishan\AppData\Roaming\Dropbox\bin\msvcp71.dll (Microsoft Corporation)
MOD - C:\Users\Ishan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll (Dropbox, Inc.)
MOD - C:\Program Files (x86)\Unlocker\UnlockerHook.dll ()
MOD - C:\Windows\SysWOW64\WMASF.DLL (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\IconCodecService.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\drprov.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\davhlpr.dll (Microsoft Corporation)
MOD - C:\Users\Ishan\AppData\Roaming\Dropbox\bin\msvcr71.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (SolutoService) -- C:\Program Files\Soluto\SolutoService.exe (Soluto)
SRV:64bit: - (EhttpSrv) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (UDisk Monitor) -- C:\Program Files\Reliance Netconnect - Broadband+\bin\MonServiceUDisk.exe ()
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Soluto) -- C:\Windows\SysNative\drivers\Soluto.sys (Soluto LTD.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (SRS_HDAL_Service) -- C:\Windows\SysNative\drivers\SRS_HDAL_amd64.sys ()
DRV:64bit: - (NETwNs64) ___ Intel® -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\drivers\epfwwfp.sys (ESET)
DRV:64bit: - (Epfwndis) -- C:\Windows\SysNative\drivers\epfwndis.sys (ESET)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (ztemtusbser) -- C:\Windows\SysNative\drivers\CT_ZTEMT_U_USBSER.sys (ZTEMT Incorporated)
DRV:64bit: - (NETw5s64) Intel® -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\drivers\rimmpx64.sys (REDC)
DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\drivers\rixdpx64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimspx64.sys (REDC)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (netw5v64) Intel® -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (k57nd60a) Broadcom NetLink ™ -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV - (cpudrv64) -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys ()
DRV - (UltraMonUtility) -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys (Realtime Soft Ltd)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://in.msn.com/?rd=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3F 6D 95 FC 6E C5 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 4.0b12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\components [2011/03/02 18:59:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011/02/06 00:24:24 | 000,000,000 | ---D | M]

[2011/02/05 20:59:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ishan\AppData\Roaming\Mozilla\Extensions
[2011/03/04 13:04:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ishan\AppData\Roaming\Mozilla\Firefox\Profiles\9bwiz4z8.default\extensions
[2011/03/03 06:32:25 | 000,000,000 | ---D | M] (Firesheep) -- C:\Users\Ishan\AppData\Roaming\Mozilla\Firefox\Profiles\9bwiz4z8.default\extensions\firesheep@codebutler.com
File not found (No name found) --
[2011/03/08 18:42:43 | 000,000,000 | ---D | M] (z) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX 4.0 BETA 11\EXTENSIONS\{7651A61B-63E7-6832-AAFE-FC96A86DCD11}
[2011/02/22 00:32:39 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX 4.0 BETA 11\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/02/05 22:10:14 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\ISHAN\APPDATA\ROAMING\IDM\IDMMZCC3
() (No name found) -- C:\USERS\ISHAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9BWIZ4Z8.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\ISHAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9BWIZ4Z8.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\ISHAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9BWIZ4Z8.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
() (No name found) -- C:\USERS\ISHAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9BWIZ4Z8.DEFAULT\EXTENSIONS\BRENDEN@RTY.CA.XPI
() (No name found) -- C:\USERS\ISHAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9BWIZ4Z8.DEFAULT\EXTENSIONS\BRIEF@MOZDEV.ORG.XPI

O1 HOSTS File: ([2011/02/18 02:15:24 | 000,622,039 | ---- | M]) - C:\Windows\SysNative\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 16422 more lines...
O2:64bit: - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
O4 - HKCU..\Run: [WordWeb] C:\Program Files (x86)\WordWeb\wweb32.exe (WordWeb Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1979 ([http] in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e793f788-3b49-11e0-a6dd-002219f8a430}\Shell - "" = AutoRun
O33 - MountPoints2\{e793f788-3b49-11e0-a6dd-002219f8a430}\Shell\AutoRun\command - "" = F:\Setup.exe /Auto
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeCS5ServiceManager - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: ATICustomerCare - hkey= - key= - C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
MsConfig:64bit - StartUpReg: BCSSync - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: googletalk - hkey= - key= - C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: Malwarebytes' Anti-Malware - hkey= - key= - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: RockMelt Update - hkey= - key= - C:\Users\Ishan\AppData\Local\RockMelt\Update\RockMeltUpdate.exe (RockMelt Inc.)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: SwitchBoard - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
MsConfig:64bit - State: "bootini" - Reg Error: Key error.

SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: SolutoService - C:\Program Files\Soluto\SolutoService.exe (Soluto)
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: SolutoService - C:\Program Files\Soluto\SolutoService.exe (Soluto)
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2E44C1B7-F070-7A3C-314E-699CC6AF472A} - Browser Customizations
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {56CFFC7B-EF64-4A29-ABBE-6D6948098E54} - Internet Explorer
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CC5E6106-9C5B-DEC2-B676-35B28B484209} - Browser Customizations
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

========== Files/Folders - Created Within 30 Days ==========

[2011/03/08 20:06:43 | 000,000,000 | ---D | C] -- C:\Rooter$
[2011/03/08 19:52:33 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/03/08 19:22:46 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/03/07 23:42:57 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/03/07 23:42:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/03/06 02:33:52 | 000,000,000 | ---D | C] -- C:\Users\Ishan\Documents\Darkspore
[2011/03/06 02:33:51 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\DarksporeData
[2011/03/05 22:46:37 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\skypePM
[2011/03/05 22:45:33 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011/03/05 22:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/03/05 22:45:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011/03/05 22:45:32 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Skype
[2011/03/05 22:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/03/05 11:24:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/03/05 11:23:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/03/05 11:23:31 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/03/05 11:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/03/05 07:58:58 | 000,000,000 | -H-D | C] -- C:\IORRT
[2011/03/03 06:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2011/03/03 06:31:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2011/03/03 04:50:09 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Azureus
[2011/03/03 04:49:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitMate
[2011/03/03 04:49:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitMate
[2011/03/02 18:24:48 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\MP3 Quality Modifier
[2011/03/02 13:08:21 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/03/02 02:25:05 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Local\{7C91AC98-E947-4391-BCF5-70F770009A19}
[2011/03/02 02:24:45 | 000,000,000 | ---D | C] -- C:\Users\Ishan\Tracing
[2011/03/02 02:13:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011/03/02 02:11:54 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Local\Windows Live
[2011/03/02 02:11:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011/03/01 06:13:42 | 000,000,000 | ---D | C] -- C:\Windows\Simple Static IP
[2011/03/01 06:13:42 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Simple Static IP
[2011/03/01 06:13:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Simple Static IP
[2011/03/01 06:01:24 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Simple Port Forwarding
[2011/03/01 06:01:17 | 000,000,000 | ---D | C] -- C:\Windows\Simple Port Forwarding
[2011/03/01 06:01:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Simple Port Forwarding
[2011/03/01 05:57:44 | 000,061,440 | ---- | C] (PcWinTech.com) -- C:\Windows\SysWow64\CleanMem.exe
[2011/03/01 05:57:43 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanMem
[2011/03/01 05:57:42 | 000,000,000 | ---D | C] -- C:\Windows\CleanMem
[2011/03/01 05:57:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CleanMem
[2011/03/01 05:54:40 | 000,000,000 | ---D | C] -- C:\Windows\Port Triggering Initiator
[2011/03/01 05:54:40 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Port Triggering Initiator
[2011/03/01 05:54:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Port Triggering Initiator
[2011/03/01 05:24:51 | 000,000,000 | ---D | C] -- C:\Users\Ishan\Documents\My Google Gadgets
[2011/03/01 02:31:15 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2011/03/01 02:31:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011/03/01 02:30:45 | 000,000,000 | ---D | C] -- C:\Intel
[2011/02/28 09:52:11 | 000,000,000 | ---D | C] -- C:\Users\Ishan\Documents\ResumeMaker
[2011/02/28 09:52:11 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Individual Software
[2011/02/28 09:51:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ResumeMaker Professional
[2011/02/28 09:49:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ResumeMaker
[2011/02/28 09:49:06 | 000,000,000 | ---D | C] -- C:\Windows\MSApps
[2011/02/28 09:49:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Individual Software
[2011/02/27 02:53:46 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\dBpoweramp
[2011/02/27 01:19:19 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\AccurateRip
[2011/02/27 01:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dBpoweramp Music Converter
[2011/02/27 01:19:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Illustrate
[2011/02/25 21:55:16 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Local\Realtime Soft
[2011/02/25 21:54:05 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Realtime Soft
[2011/02/25 21:53:53 | 000,000,000 | ---D | C] -- C:\Program Files\UltraMon
[2011/02/25 21:53:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Realtime Soft
[2011/02/25 21:33:31 | 012,572,672 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idtcpl64.cpl
[2011/02/25 21:33:31 | 003,309,568 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2011/02/25 21:33:31 | 000,564,224 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idt64mp1.exe
[2011/02/25 21:32:52 | 001,472,000 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
[2011/02/25 21:32:52 | 000,644,608 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2011/02/25 21:32:52 | 000,431,616 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2011/02/25 21:32:49 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2011/02/25 21:24:00 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\ATI
[2011/02/25 21:24:00 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Local\ATI
[2011/02/25 21:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/02/25 21:23:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/02/25 21:22:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011/02/25 12:29:17 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\.minecraft
[2011/02/25 06:22:02 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Soluto
[2011/02/25 06:13:31 | 000,054,728 | ---- | C] (Soluto LTD.) -- C:\Windows\SysNative\drivers\Soluto.sys
[2011/02/25 06:13:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soluto
[2011/02/25 06:13:30 | 000,000,000 | ---D | C] -- C:\Program Files\Soluto
[2011/02/25 06:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Soluto
[2011/02/25 00:28:28 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2011/02/25 00:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2011/02/25 00:14:52 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\URSoft
[2011/02/25 00:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 2010
[2011/02/25 00:14:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Your Uninstaller! 2010
[2011/02/24 02:34:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/02/24 02:32:31 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\SystemRequirementsLab
[2011/02/23 14:08:59 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Malwarebytes
[2011/02/23 14:08:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/02/23 14:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/23 14:08:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/02/23 14:08:22 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/02/23 14:08:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/02/22 19:53:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/02/22 19:53:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/02/22 00:32:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/02/22 00:32:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/02/22 00:31:09 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/02/21 05:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design
[2011/02/21 05:07:28 | 000,000,000 | ---D | C] -- C:\games
[2011/02/21 00:01:04 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/02/20 17:14:09 | 000,000,000 | ---D | C] -- C:\Users\Ishan\ChrometaV2
[2011/02/20 17:13:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/02/20 17:12:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Chrometa 2.0
[2011/02/20 05:23:38 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2011/02/20 05:21:33 | 000,000,000 | ---D | C] -- C:\Program Files\SRS Labs
[2011/02/19 06:16:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2011/02/19 06:16:51 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2011/02/19 01:05:51 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/02/19 01:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2011/02/19 01:05:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2011/02/18 17:55:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Viper
[2011/02/18 17:55:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Viper
[2011/02/18 17:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kerigwa
[2011/02/18 17:33:29 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\ZTEEVDO
[2011/02/18 17:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reliance Netconnect - Broadband+
[2011/02/18 17:32:14 | 000,119,168 | ---- | C] (ZTEMT Incorporated) -- C:\Windows\SysNative\drivers\CT_ZTEMT_U_USBSER.sys
[2011/02/18 17:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\Reliance Netconnect - Broadband+
[2011/02/17 17:46:23 | 000,000,000 | ---D | C] -- C:\LEGEND BACKUP 172
[2011/02/16 05:17:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDev
[2011/02/16 05:17:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MegaDev
[2011/02/16 03:52:51 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Local\Western Digital
[2011/02/16 03:47:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unlocker
[2011/02/14 22:40:38 | 000,000,000 | R--D | C] -- C:\Users\Ishan\Dropbox
[2011/02/14 22:37:30 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2011/02/14 22:37:04 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Dropbox
[2011/02/14 09:16:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
[2011/02/14 09:15:31 | 000,505,856 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2011/02/14 09:15:30 | 000,209,920 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\st646267.dll
[2011/02/14 09:15:29 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/02/13 03:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011/02/13 03:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011/02/12 21:15:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATI Stream SDK v2
[2011/02/12 21:15:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Stream
[2011/02/12 21:15:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI
[2011/02/12 21:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/02/12 21:15:09 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/02/12 21:14:32 | 000,000,000 | ---D | C] -- C:\ATI
[2011/02/11 14:02:06 | 000,000,000 | ---D | C] -- C:\Users\Ishan\Documents\Criterion Games
[2011/02/11 13:52:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2011/02/11 13:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2011/02/11 10:18:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2011/02/11 10:09:53 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Local\ElevatedDiagnostics
[2011/02/10 14:53:03 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Auslogics
[2011/02/10 14:53:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2011/02/10 14:53:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
[2011/02/09 18:18:40 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\TeraCopy
[2011/02/09 18:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy
[2011/02/09 18:13:58 | 000,000,000 | ---D | C] -- C:\Program Files\TeraCopy
[2011/02/09 17:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Talk
[2011/02/09 10:19:23 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Local\Adobe
[2011/02/09 10:10:18 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011/02/09 10:10:00 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/02/09 10:09:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/02/09 10:06:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011/02/09 10:06:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/02/09 10:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/02/09 10:02:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/02/09 09:33:05 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\WordWeb
[2011/02/08 22:07:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11
[2011/02/08 11:27:25 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Local\tctemp
[2011/02/08 11:21:56 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Local\Apple Computer
[2011/02/08 11:21:55 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Apple Computer
[2011/02/08 11:21:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011/02/08 11:21:21 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/02/08 11:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/02/08 11:20:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/02/08 11:20:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/02/08 11:20:41 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Local\Apple
[2011/02/08 11:20:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/02/08 11:20:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/02/08 11:20:18 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/02/08 11:20:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/02/08 11:20:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/02/08 11:20:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011/02/08 10:27:01 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\foobar2000
[2011/02/07 12:49:01 | 000,000,000 | ---D | C] -- C:\Users\Ishan\AppData\Roaming\Foxit Software

========== Files - Modified Within 30 Days ==========

[2011/03/08 20:51:03 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-1230700564-2377669282-3266596742-1000UA.job
[2011/03/08 19:46:30 | 000,717,956 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/03/08 19:46:30 | 000,618,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/03/08 19:46:30 | 000,104,546 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/03/08 19:08:32 | 000,025,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/08 19:08:32 | 000,025,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/08 19:01:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/08 19:01:06 | 3193,581,568 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/08 18:53:53 | 000,020,992 | ---- | M] () -- C:\Windows\jestertb.dll
[2011/03/08 18:42:42 | 000,050,168 | ---- | M] () -- C:\Windows\SysWow64\thcqblqvllhvmiyxd.exe
[2011/03/08 01:51:00 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-1230700564-2377669282-3266596742-1000Core.job
[2011/03/07 15:50:53 | 000,001,413 | ---- | M] () -- C:\Users\Ishan\Desktop\Internet Explorer (64-bit).lnk
[2011/03/07 15:48:16 | 000,001,441 | ---- | M] () -- C:\Users\Ishan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/05 22:46:41 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/03/05 22:45:33 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/03/05 11:24:11 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/03/03 04:54:31 | 000,002,312 | ---- | M] () -- C:\Users\Ishan\Desktop\RockMelt.lnk
[2011/03/03 04:49:28 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\BitMate.lnk
[2011/03/02 19:15:37 | 002,318,600 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/03/02 18:58:57 | 000,013,082 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.dat
[2011/03/02 18:58:49 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.bmp
[2011/03/02 18:58:47 | 004,022,504 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2011/03/02 01:56:57 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2011/03/01 06:13:42 | 000,001,993 | ---- | M] () -- C:\Users\Ishan\Desktop\Simple Static IP.lnk
[2011/03/01 06:01:24 | 000,001,974 | ---- | M] () -- C:\Users\Ishan\Desktop\Simple Port Forwarding.lnk
[2011/03/01 05:54:40 | 000,002,003 | ---- | M] () -- C:\Users\Ishan\Desktop\Port Triggering Initiator.lnk
[2011/02/28 08:04:41 | 000,001,035 | ---- | M] () -- C:\Users\Public\Desktop\foobar2000.lnk
[2011/02/27 03:45:05 | 000,000,896 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CCleaner.lnk
[2011/02/27 01:22:16 | 000,002,879 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Arrange Audio] Codec.dat
[2011/02/27 01:22:14 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Arrange Audio] Codec.bmp
[2011/02/27 01:21:23 | 000,002,999 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Channel Split] Codec.dat
[2011/02/27 01:21:21 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Channel Split] Codec.bmp
[2011/02/27 01:21:15 | 000,002,884 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Calculate Audio CRC] Codec.dat
[2011/02/27 01:21:12 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Calculate Audio CRC] Codec.bmp
[2011/02/27 01:21:02 | 000,002,869 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Tag From Filename] Codec.dat
[2011/02/27 01:20:59 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Tag From Filename] Codec.bmp
[2011/02/27 01:20:48 | 000,003,002 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Multi Encoder] Codec.dat
[2011/02/27 01:20:46 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Multi Encoder] Codec.bmp
[2011/02/27 01:20:39 | 000,002,900 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [ReplayGain] Codec.dat
[2011/02/27 01:20:36 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [ReplayGain] Codec.bmp
[2011/02/27 01:19:11 | 000,018,038 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2011/02/27 01:18:51 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.bmp
[2011/02/26 08:41:12 | 000,002,172 | ---- | M] () -- C:\Users\Ishan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 11.lnk
[2011/02/25 06:15:11 | 000,000,098 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2011/02/25 00:14:50 | 000,001,097 | ---- | M] () -- C:\Users\Ishan\Desktop\Your Unin-staller!.lnk
[2011/02/24 19:54:03 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/02/23 15:10:54 | 000,656,384 | ---- | M] () -- C:\Windows\SysWow64\txzatqumxuo.dll
[2011/02/23 14:08:26 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/21 05:07:29 | 000,000,745 | ---- | M] () -- C:\Users\Ishan\Desktop\Icy Tower.lnk
[2011/02/20 01:20:46 | 000,731,106 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/19 06:49:06 | 000,011,208 | ---- | M] () -- C:\Users\Ishan\Documents\cc_20110219_064900.reg
[2011/02/19 01:05:45 | 000,001,007 | ---- | M] () -- C:\Users\Ishan\Desktop\SpywareBlaster.lnk
[2011/02/18 17:32:20 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Reliance Netconnect.lnk
[2011/02/18 02:15:24 | 000,622,039 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\HOSTS
[2011/02/16 05:17:43 | 000,002,198 | ---- | M] () -- C:\Users\Ishan\Desktop\MegaTrainer eXperience.lnk
[2011/02/14 22:40:38 | 000,001,039 | ---- | M] () -- C:\Users\Ishan\Desktop\Dropbox.lnk
[2011/02/11 10:24:55 | 000,000,000 | -H-- | M] () -- C:\Users\Ishan\Documents\Default.rdp
[2011/02/10 14:53:01 | 000,001,140 | ---- | M] () -- C:\Users\Ishan\Desktop\Auslogics Disk Defrag.lnk
[2011/02/09 19:10:22 | 000,054,728 | ---- | M] (Soluto LTD.) -- C:\Windows\SysNative\drivers\Soluto.sys
[2011/02/08 22:07:36 | 000,002,148 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox 4.0 Beta 11.lnk
[2011/02/08 11:20:54 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/02/07 11:23:06 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

========== Files Created - No Company Name ==========

[2011/03/08 20:12:25 | 000,296,448 | ---- | C] () -- C:\Users\Ishan\Desktop\gmer.exe
[2011/03/08 18:53:53 | 000,020,992 | ---- | C] () -- C:\Windows\jestertb.dll
[2011/03/08 18:42:42 | 000,050,168 | ---- | C] () -- C:\Windows\SysWow64\thcqblqvllhvmiyxd.exe
[2011/03/07 15:50:53 | 000,001,413 | ---- | C] () -- C:\Users\Ishan\Desktop\Internet Explorer (64-bit).lnk
[2011/03/07 15:43:48 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/03/07 15:43:48 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/03/05 22:46:41 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/03/05 22:45:33 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/03/05 11:24:11 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/03/03 04:49:28 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\BitMate.lnk
[2011/03/02 02:19:22 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/03/01 06:13:42 | 000,001,993 | ---- | C] () -- C:\Users\Ishan\Desktop\Simple Static IP.lnk
[2011/03/01 06:01:24 | 000,001,974 | ---- | C] () -- C:\Users\Ishan\Desktop\Simple Port Forwarding.lnk
[2011/03/01 05:57:44 | 000,000,186 | ---- | C] () -- C:\Windows\SysWow64\CleanMem.ini
[2011/03/01 05:54:40 | 000,002,003 | ---- | C] () -- C:\Users\Ishan\Desktop\Port Triggering Initiator.lnk
[2011/02/27 03:42:09 | 000,000,896 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CCleaner.lnk
[2011/02/27 01:22:16 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Arrange Audio] Codec.bmp
[2011/02/27 01:22:16 | 000,002,879 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Arrange Audio] Codec.dat
[2011/02/27 01:21:23 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Channel Split] Codec.bmp
[2011/02/27 01:21:23 | 000,002,999 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Channel Split] Codec.dat
[2011/02/27 01:21:15 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Calculate Audio CRC] Codec.bmp
[2011/02/27 01:21:15 | 000,002,884 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Calculate Audio CRC] Codec.dat
[2011/02/27 01:21:02 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Tag From Filename] Codec.bmp
[2011/02/27 01:21:02 | 000,002,869 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Tag From Filename] Codec.dat
[2011/02/27 01:20:48 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Multi Encoder] Codec.bmp
[2011/02/27 01:20:48 | 000,003,002 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Multi Encoder] Codec.dat
[2011/02/27 01:20:39 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [ReplayGain] Codec.bmp
[2011/02/27 01:20:39 | 000,002,900 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [ReplayGain] Codec.dat
[2011/02/27 01:19:16 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.bmp
[2011/02/27 01:19:16 | 000,013,082 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.dat
[2011/02/27 01:19:11 | 004,022,504 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2011/02/27 01:19:11 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.bmp
[2011/02/27 01:19:11 | 000,018,038 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2011/02/25 21:53:53 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraMon.lnk
[2011/02/25 06:15:11 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2011/02/25 00:14:50 | 000,001,097 | ---- | C] () -- C:\Users\Ishan\Desktop\Your Unin-staller!.lnk
[2011/02/23 15:10:54 | 000,656,384 | ---- | C] () -- C:\Windows\SysWow64\txzatqumxuo.dll
[2011/02/23 14:08:26 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/21 05:07:29 | 000,000,745 | ---- | C] () -- C:\Users\Ishan\Desktop\Icy Tower.lnk
[2011/02/20 01:20:46 | 000,731,106 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/19 06:49:02 | 000,011,208 | ---- | C] () -- C:\Users\Ishan\Documents\cc_20110219_064900.reg
[2011/02/19 06:16:56 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2011/02/19 01:05:45 | 000,001,007 | ---- | C] () -- C:\Users\Ishan\Desktop\SpywareBlaster.lnk
[2011/02/18 17:32:20 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\Reliance Netconnect.lnk
[2011/02/16 05:17:43 | 000,002,198 | ---- | C] () -- C:\Users\Ishan\Desktop\MegaTrainer eXperience.lnk
[2011/02/14 22:40:38 | 000,001,039 | ---- | C] () -- C:\Users\Ishan\Desktop\Dropbox.lnk
[2011/02/11 10:24:55 | 000,000,000 | -H-- | C] () -- C:\Users\Ishan\Documents\Default.rdp
[2011/02/10 14:53:01 | 000,001,140 | ---- | C] () -- C:\Users\Ishan\Desktop\Auslogics Disk Defrag.lnk
[2011/02/09 10:10:05 | 000,001,232 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
[2011/02/09 10:08:58 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
[2011/02/09 10:06:42 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2011/02/08 22:07:36 | 000,002,172 | ---- | C] () -- C:\Users\Ishan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 11.lnk
[2011/02/08 22:07:36 | 000,002,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox 4.0 Beta 11.lnk
[2011/02/08 22:07:36 | 000,002,148 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox 4.0 Beta 11.lnk
[2011/02/08 11:20:54 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/02/08 11:20:39 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/02/07 11:23:06 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/02/06 09:24:03 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/02/05 20:59:11 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/06/25 22:33:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009/07/14 11:08:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 08:05:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 08:04:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 05:40:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 05:12:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 02:33:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 02:56:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/02/25 12:31:41 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\.minecraft
[2011/02/10 14:53:03 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\Auslogics
[2011/03/05 11:34:54 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\Azureus
[2011/02/06 04:21:14 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\DAEMON Tools Lite
[2011/03/06 02:34:13 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\DarksporeData
[2011/02/27 02:53:46 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\dBpoweramp
[2011/03/08 20:16:31 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\DMCache
[2011/03/08 19:10:46 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\Dropbox
[2011/02/06 00:25:32 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\ESET
[2011/03/07 15:45:41 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\foobar2000
[2011/02/07 12:49:01 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\Foxit Software
[2011/03/08 20:09:28 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\IDM
[2011/02/28 09:52:11 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\Individual Software
[2011/03/02 18:28:21 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\MP3 Quality Modifier
[2011/02/25 06:22:02 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\Soluto
[2011/03/01 04:42:16 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\SystemRequirementsLab
[2011/03/08 20:13:34 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\TeraCopy
[2011/02/25 00:14:52 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\URSoft
[2011/03/08 21:40:31 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\uTorrent
[2011/02/09 09:33:05 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\WordWeb
[2011/02/18 19:14:11 | 000,000,000 | ---D | M] -- C:\Users\Ishan\AppData\Roaming\ZTEEVDO
[2011/03/08 01:51:00 | 000,000,876 | ---- | M] () -- C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-1230700564-2377669282-3266596742-1000Core.job
[2011/03/08 20:51:03 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-1230700564-2377669282-3266596742-1000UA.job
[2009/07/14 10:38:49 | 000,008,840 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 171 bytes -> C:\ProgramData\TEMP:1CE11B51

< End of report >

OTL Extras logfile created on: 3/8/2011 9:47:00 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Ishan\Downloads\Programs
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8080.16413)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 67.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 390.53 Gb Total Space | 283.78 Gb Free Space | 72.66% Space Free | Partition Type: NTFS
Drive D: | 75.13 Gb Total Space | 75.04 Gb Free Space | 99.87% Space Free | Partition Type: NTFS

Computer Name: R4Z0R-PC | User Name: Ishan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" && icacls "%1" /grant administrators:F (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" && icacls "%1" /grant administrators:F (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{537056B7-32A4-4408-9B54-0341963C7C9C}" = UltraMon
"{57A55288-6BA7-47F4-9F6D-9E4086463471}" = ESET Smart Security
"{6B082D3D-8987-4886-8B1A-CAA34DF79431}" = Soluto
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E3ECAA6-4975-17E7-E443-960F8E3F9136}" = ccc-utility64
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{90A1F0ED-BC6F-EBD4-2101-885AB084499C}" = ATI Catalyst Install Manager
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B24A47E5-F196-461E-A7A4-AADB72CB19DD}" = iTunes
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"CCleaner" = CCleaner
"Speccy" = Speccy
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeraCopy_is1" = TeraCopy 2.12
"Unlocker" = Unlocker 1.9.0-x64
"WinRAR archiver" = WinRAR 4.00 (64-bit)
"ZTEWireless-101_is1" = Reliance Netconnect - Broadband+

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00E9A68C-DD7F-F961-7EB3-60606DEA8C83}" = CCC Help Chinese Traditional
"{02980141-FD57-8EAE-12FE-14DB086AD44E}" = CCC Help Finnish
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1BFC85A2-D51C-B072-EECE-692C1F6F39F7}" = CCC Help Russian
"{1D08D60F-B829-B083-3CEB-46D45E786BD7}" = CCC Help Korean
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java™ 6 Update 24
"{293F82CD-1BE8-03BC-DBAD-903388CFBB62}" = Catalyst Control Center Localization All
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{309CFFB9-4EFD-428F-4CAE-CBBEB6A32CD6}" = CCC Help Danish
"{3F5CF8BB-8D8E-9553-4F3E-DDB29F56158C}" = CCC Help German
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F67FF8-D51D-1C77-59E0-4797A3BEF546}" = CCC Help Norwegian
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{585E9394-6039-4AAB-D121-57788CA7474C}" = CCC Help Japanese
"{5A4FB792-D98F-409C-24B6-BD2A80D30E3A}" = Catalyst Control Center Graphics Previews Common
"{5DDE8B6B-2922-103A-EA92-0CC4D5BBE63E}" = CCC Help Spanish
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6EA15FDE-39F1-47F1-2FE2-37803AA4F7F6}" = CCC Help French
"{6FCBE08B-EB47-448E-8566-CE38E8B8D065}" = System Requirements Lab CYRI
"{749129FB-A3E4-B5D7-425A-B22F262EBD50}" = CCC Help Polish
"{78C957A5-B4AF-21AB-1CD4-0B9C9EC66DCB}" = CCC Help Turkish
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed™ Hot Pursuit
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{896C5024-AA39-12E8-D6C2-D818B7E3D58F}" = CCC Help English
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8B562A56-6C57-509C-FD32-B68FB80DE2CB}" = CCC Help Portuguese
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95ECF9A9-FE38-0751-3BAC-446BB4494846}" = CCC Help Swedish
"{9A22BB09-8086-691D-F409-3AF74D9E3BF0}" = ccc-core-static
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A17A245B-1B9D-AD95-2249-C2F1C1F1F4BA}" = CCC Help Thai
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{ADEEF3E4-15A4-F286-38EE-675A8EF0212B}" = Catalyst Control Center InstallProxy
"{B1AAE4BF-C98E-467E-94C7-4E1F51DD86E0}" = Darkspore™
"{B217B71E-D823-7317-B606-D247E38A82C5}" = CCC Help Dutch
"{B50EEEB0-4984-11C2-7F6A-0263034A20E9}" = CCC Help Greek
"{B812760B-E2A2-082F-8F0B-F9C5D722A203}" = CCC Help Chinese Standard
"{C33ABF38-B26E-02CB-EAE4-F13CF444FA7A}" = CCC Help Czech
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB1F1933-58B6-4ACD-A7E8-ABE8CC086A07}" = System Requirements Lab for Intel
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5E7A1EE-F0D6-6E44-6C59-29CD9A666409}" = CCC Help Italian
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F169F3EB-36AF-46A5-91E7-C9F48360CBAF}" = BitMate
"{F74C130C-3D05-7182-1E80-10C990C1D163}" = CCC Help Hungarian
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CleanMem" = CleanMem
"DAEMON Tools Lite" = DAEMON Tools Lite
"Everything" = Everything 1.2.1.371
"foobar2000" = foobar2000 v1.1.5
"Foxit Reader" = Foxit Reader
"Icy Tower v1.5_is1" = Icy Tower v1.5
"Internet Download Manager" = Internet Download Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.0.3.2
"Mozilla Firefox 4.0b12 (x86 en-US)" = Mozilla Firefox 4.0b12 (x86 en-US)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"Port Triggering Initiator" = Port Triggering Initiator
"ResumeMaker Professional" = ResumeMaker Professional
"Simple Port Forwarding" = Simple Port Forwarding
"Simple Static IP" = Simple Static IP
"SpywareBlaster_is1" = SpywareBlaster 4.4
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.6
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WordWeb" = WordWeb
"YU2010_is1" = Your Uninstaller! 2010

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"RockMelt" = RockMelt

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/8/2011 1:15:16 AM | Computer Name = R4Z0R-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/8/2011 1:15:16 AM | Computer Name = R4Z0R-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3978

Error - 3/8/2011 1:15:16 AM | Computer Name = R4Z0R-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3978

Error - 3/8/2011 1:15:17 AM | Computer Name = R4Z0R-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/8/2011 1:15:17 AM | Computer Name = R4Z0R-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5023

Error - 3/8/2011 1:15:17 AM | Computer Name = R4Z0R-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5023

Error - 3/8/2011 1:15:18 AM | Computer Name = R4Z0R-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/8/2011 1:15:18 AM | Computer Name = R4Z0R-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6084

Error - 3/8/2011 1:15:18 AM | Computer Name = R4Z0R-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6084

Error - 3/8/2011 5:21:06 AM | Computer Name = R4Z0R-PC | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 3/8/2011 1:04:57 AM | Computer Name = R4Z0R-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 3/8/2011 1:29:17 AM | Computer Name = R4Z0R-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 3/8/2011 2:40:31 AM | Computer Name = R4Z0R-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 3/8/2011 4:31:16 AM | Computer Name = R4Z0R-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 3/8/2011 6:13:25 AM | Computer Name = R4Z0R-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 3/8/2011 6:13:25 AM | Computer Name = R4Z0R-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 3/8/2011 6:13:37 AM | Computer Name = R4Z0R-PC | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147014847

Error - 3/8/2011 9:31:11 AM | Computer Name = R4Z0R-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 3/8/2011 9:31:11 AM | Computer Name = R4Z0R-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 3/8/2011 9:31:22 AM | Computer Name = R4Z0R-PC | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147014847


< End of report >

EDIT: Please be patient. There are over 210 unanswered topics in this forum at present and the current average wait time to receive help is about a week. ~BP

Edited by Budapest, 09 March 2011 - 03:59 PM.
Moved from AII ~BP




#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • Gender:Male
  • Local time:12:42 AM

Posted 09 March 2011 - 05:56 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw



