Rogue Killer Log:
RogueKiller V8.1.1 [10/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback:
http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website:
http://tigzy.geekstogo.com/roguekiller.php
Blog:
http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Swetha [Admin rights]
Mode : Scan -- Date : 10/03/2012 10:23:42
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 12 ¤¤¤
[TASK][SUSP PATH] {4F8A5BF7-47F4-486F-BBD9-3C7CE272BC64} : C:\Windows\system32\pcalua.exe -a C:\Users\Swetha\Desktop\SOFTWARES\qhuninst.exe -d C:\Users\Swetha\Desktop\SOFTWARES -> FOUND
[TASK][HJNAME] {C1FB122E-9AC4-4789-9AF3-9656DC42F68D} : C:\Windows\system32\pcalua.exe -a C:\Users\Swetha\winlogon.exe -d C:\Windows\system32 -> FOUND
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HM641JI +++++
--- User ---
[MBR] 95b8514f066a49dc9db447e43a775706
[BSP] 5172bfeb4ea2654649dd7a3060aeab9b : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 595364 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 6ada47a0ecf38acdbdabc30691ce81e9
[BSP] 5172bfeb4ea2654649dd7a3060aeab9b : Windows 7 MBR Code [possible maxSST in 3!]
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 595364 Mo
3 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 1250261680 | Size: 0 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 6ada47a0ecf38acdbdabc30691ce81e9
[BSP] 5172bfeb4ea2654649dd7a3060aeab9b : Windows 7 MBR Code [possible maxSST in 3!]
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 595364 Mo
3 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 1250261680 | Size: 0 Mo
+++++ PhysicalDrive1: Seagate Portable USB Device +++++
--- User ---
[MBR] a60509be79e821c64ee8a6f7639e2122
[BSP] 9e90507e0c4e46b048bb6ef8b61ef001 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[1].txt >>
RKreport[1].txt
********************************************************************
OTL.txt:
OTL logfile created on: 10/3/2012 10:26:39 AM - Run 1
OTL by OldTimer - Version 3.2.70.1 Folder = C:\Users\Swetha\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.87 Gb Total Physical Memory | 4.22 Gb Available Physical Memory | 71.89% Memory free
11.73 Gb Paging File | 9.83 Gb Available in Paging File | 83.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.41 Gb Total Space | 502.07 Gb Free Space | 86.35% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 369.11 Gb Free Space | 79.25% Space Free | Partition Type: NTFS
Drive Y: | 99.79 Mb Total Space | 89.97 Mb Free Space | 90.16% Space Free | Partition Type: FAT
Computer Name: SWETHA-PC | User Name: Swetha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/10/03 10:24:54 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Swetha\Desktop\OTL.exe
PRC - [2012/10/02 20:08:51 | 000,722,528 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
PRC - [2012/10/02 20:08:47 | 000,947,808 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/09/06 15:51:54 | 015,668,432 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012/05/04 15:43:20 | 001,561,768 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/09/01 17:47:26 | 000,090,448 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2010/07/06 01:36:12 | 000,135,168 | ---- | M] () -- C:\Windows\SysWOW64\ChgService.exe
PRC - [2010/05/21 13:00:52 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2010/05/21 12:58:30 | 000,673,088 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/03/17 17:37:16 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/03/17 17:34:12 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/12/23 18:39:04 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/12/23 18:39:02 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/10/15 04:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/07/01 19:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
========== Modules (No Company Name) ==========
MOD - [2012/10/03 09:56:59 | 001,169,408 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\wx._core_.pyd
MOD - [2012/10/03 09:56:59 | 001,024,024 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\windows._cacheinvalidation.pyd
MOD - [2012/10/03 09:56:59 | 000,792,576 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\wx._gdi_.pyd
MOD - [2012/10/03 09:56:59 | 000,731,136 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\wx._misc_.pyd
MOD - [2012/10/03 09:56:59 | 000,645,120 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\_ssl.pyd
MOD - [2012/10/03 09:56:59 | 000,571,392 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\pysqlite2._sqlite.pyd
MOD - [2012/10/03 09:56:59 | 000,354,304 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\pythoncom26.dll
MOD - [2012/10/03 09:56:59 | 000,311,808 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\_hashlib.pyd
MOD - [2012/10/03 09:56:59 | 000,263,168 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\win32com.shell.shell.pyd
MOD - [2012/10/03 09:56:59 | 000,110,592 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\win32security.pyd
MOD - [2012/10/03 09:56:59 | 000,096,256 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\win32api.pyd
MOD - [2012/10/03 09:56:59 | 000,086,016 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\_elementtree.pyd
MOD - [2012/10/03 09:56:59 | 000,073,728 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\_ctypes.pyd
MOD - [2012/10/03 09:56:59 | 000,070,656 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\wx._html2.pyd
MOD - [2012/10/03 09:56:59 | 000,040,448 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\_socket.pyd
MOD - [2012/10/03 09:56:59 | 000,036,352 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\win32process.pyd
MOD - [2012/10/03 09:56:59 | 000,022,528 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\win32pdh.pyd
MOD - [2012/10/03 09:56:59 | 000,011,776 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\win32crypt.pyd
MOD - [2012/10/03 09:56:58 | 001,056,256 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\wx._controls_.pyd
MOD - [2012/10/03 09:56:58 | 000,807,424 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\wx._windows_.pyd
MOD - [2012/10/03 09:56:58 | 000,121,856 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\wx._wizard.pyd
MOD - [2012/10/03 09:56:58 | 000,111,104 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\win32file.pyd
MOD - [2012/10/03 09:56:58 | 000,110,592 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\pywintypes26.dll
MOD - [2012/10/03 09:56:58 | 000,039,424 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\win32inet.pyd
MOD - [2012/10/03 09:56:57 | 000,585,728 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\unicodedata.pyd
MOD - [2012/10/03 09:56:57 | 000,153,088 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\pyexpat.pyd
MOD - [2012/10/03 09:56:57 | 000,017,920 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\win32event.pyd
MOD - [2012/10/03 09:56:57 | 000,011,776 | ---- | M] () -- C:\Users\Swetha\AppData\Local\Temp\_MEI22762\select.pyd
MOD - [2012/10/02 20:08:55 | 000,564,832 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll
MOD - [2012/10/02 20:08:53 | 000,132,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll
MOD - [2012/10/02 20:08:47 | 000,947,808 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012/06/13 09:04:06 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/13 09:03:59 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/12 20:09:09 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/12 20:08:33 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/12 20:08:29 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/12 20:08:26 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/12 20:08:26 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/12 20:08:20 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2010/05/21 13:00:52 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2010/05/21 12:59:16 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
MOD - [2010/05/21 12:58:56 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
MOD - [2010/05/21 12:58:54 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
MOD - [2010/05/21 12:58:48 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
MOD - [2010/05/21 12:58:46 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
MOD - [2010/05/21 12:58:42 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
MOD - [2010/05/21 12:58:18 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
MOD - [2009/10/15 04:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
========== Services (SafeList) ==========
SRV:
64bit: - [2012/09/12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:
64bit: - [2012/09/12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:
64bit: - [2010/06/02 02:30:28 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:
64bit: - [2010/03/17 17:29:08 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe -- (AESTFilters)
SRV:
64bit: - [2010/03/17 17:27:52 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\stacsv64.exe -- (STacSV)
SRV:
64bit: - [2010/02/03 02:13:10 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:
64bit: - [2009/11/02 13:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:
64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2009/07/01 19:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:
64bit: - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2012/10/02 20:08:51 | 000,722,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
SRV - [2012/10/01 17:04:57 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/12/08 06:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/07/06 01:36:12 | 000,135,168 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ChgService.exe -- (Change Modem Device Service)
SRV - [2010/05/21 12:58:30 | 000,673,088 | ---- | M] (SoftThinks) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/03/18 05:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/17 17:37:16 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/17 17:34:12 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/17 17:29:08 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe -- (AESTFilters)
SRV - [2010/03/17 17:27:52 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe -- (STacSV)
SRV - [2009/12/23 18:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 20:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
========== Driver Services (SafeList) ==========
DRV:
64bit: - [2012/10/02 20:08:54 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:
64bit: - [2012/08/30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:
64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:
64bit: - [2011/08/01 15:59:06 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:
64bit: - [2011/07/25 17:44:46 | 000,074,752 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:
64bit: - [2011/07/20 14:58:22 | 000,044,032 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:
64bit: - [2011/05/18 00:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:
64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2010/12/02 04:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:
64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2010/07/06 01:37:50 | 000,126,080 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmnsusbser.sys -- (cmnsusbser)
DRV:
64bit: - [2010/06/02 02:50:28 | 006,857,728 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:
64bit: - [2010/06/02 01:42:48 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:
64bit: - [2010/05/06 09:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:
64bit: - [2010/03/17 17:44:44 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:
64bit: - [2010/03/17 17:41:48 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:
64bit: - [2010/03/17 17:33:06 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:
64bit: - [2010/03/17 17:29:52 | 000,232,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:
64bit: - [2010/03/17 17:27:14 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:
64bit: - [2010/02/03 02:13:08 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:
64bit: - [2010/02/03 02:13:08 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
DRV:
64bit: - [2010/02/03 02:13:06 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:
64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:
64bit: - [2009/12/17 11:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:
64bit: - [2009/11/02 13:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:
64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:
64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:
64bit: - [2009/07/03 02:26:34 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:
64bit: - [2009/07/03 02:26:34 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:
64bit: - [2009/07/03 02:26:34 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:
64bit: - [2009/07/03 02:26:34 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:
64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:
64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:
64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2008/08/28 03:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:
64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" =
http://feed.snap.do/?publisher=Down...fbf-a964b82b70d9&searchtype=ds&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/
IE - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://feed.snap.do/?publisher=Down...fbf-a964b82b70d9&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://feed.snap.do/?publisher=Down...fbf-a964b82b70d9&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" =
http://feed.snap.do/?publisher=Down...fbf-a964b82b70d9&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\..\SearchScopes\{07609084-5AA3-44F8-9F14-1ABA2E5E2108}: "URL" =
http://www.flickr.com/search/?q={searchTerms}
IE - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" =
http://search.babylon.com/web/{sear...01385&mntrId=7c4e86d40000000000005cac4cd46d2d
IE - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" =
https://isearch.avg.com/search?cid=...f4654d424&lang=en&ds=ga011&pr=sa&d=2012-10-02 20:08:57&v=12.2.5.34&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\..\SearchScopes\{B1B45648-4D3B-4892-B87A-E16BAAA47DC6}: "URL" =
http://websearch.ask.com/redirect?c...pn_sauid=3E9AE255-F011-47E0-9588-E24D77287976
IE - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\..\SearchScopes\{BE80BD07-3B92-4DE9-A61A-2F9800DB8F39}: "URL" =
http://delicious.com/search?p={searchTerms}
IE - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" =
http://search.yahoo.com/search?p={searchTerms}
IE - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\..\SearchScopes\{E50B49E1-FBEA-423B-8C6E-C56F75BC2062}: "URL" =
http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie9
IE - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "
http://www.google.com/"
FF - prefs.js..extensions.enabledAddons:
tebnrakxyt@tebnrakxyt.org:1.0
FF - prefs.js..extensions.enabledAddons:
plugin@yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons:
bbrs_002@blabbers.com:1.0.5
FF - prefs.js..extensions.enabledItems:
helperbar@helperbar.com:1.0
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8153
FF - prefs.js..extensions.enabledItems:
ffxtlbr@babylon.com:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..keyword.URL: "
https://isearch.avg.com/search?cid=...2.5.32&lang=&pr=&d=2012-09-8 13:1:43&sap=ku&q="
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Swetha\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Swetha\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Swetha\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Swetha\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.2.5.34\ [2012/10/02 20:09:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/16 06:50:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/12 12:14:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Swetha\AppData\Roaming\IDM\idmmzcc5
[2011/07/13 08:51:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Extensions
[2012/10/01 18:20:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions
[2012/02/08 10:09:22 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com
[2012/10/01 18:19:09 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\plugin@yontoo.com
[2012/09/12 12:25:59 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\toolbar@ask.com
[1832/11/29 00:37:17 | 000,002,095 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\tebnrakxyt@tebnrakxyt.org.xpi
[2012/09/08 21:34:37 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire
[2012/04/08 01:53:08 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\119c19a856ccb1369a8aa3721faaf2b1_expire
[2012/08/08 18:58:15 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\21f0428a26d427df5855a0bc90045021_expire
[2012/10/02 19:06:09 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658_expire
[2012/08/09 23:12:38 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2e74403c227112bec523796d5a77d77e_expire
[2012/10/02 19:06:11 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4139ce40922185449b5f6d4af90a225c_expire
[2012/10/01 16:59:45 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26be41f_expire
[2012/10/02 19:06:12 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\584f65cffc1c4cd51141560ecca30687_expire
[2012/10/02 19:06:12 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5c7f22b4f7a8d093c6ce6ede7682b4e9_expire
[2012/08/09 23:12:38 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5d8b44209964515b959812929b2723b4_expire
[2012/09/08 21:34:42 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\604b9862af4f41da5f4a8aaea35075ba_expire
[2012/07/18 19:39:34 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\7acafe2d3e4c14a116bde4e028813ba7_expire
[2012/10/02 19:06:15 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\859b48ccb0344069fb329b6d72940a6e_expire
[2012/10/02 19:06:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\aab49e4b8b0adea3507d92e81077f14c_expire
[2012/07/18 19:39:34 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\bd46a3b5782552a37d64c1b7a7fda6db_expire
[2012/05/24 12:50:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\c4b81def0d6f6df7de175c63fe2cbbd9_expire
[2012/10/02 19:06:16 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\d34813b44bcc8a441d4d2ab95f401f5c_expire
[2012/08/09 23:12:35 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\dc6668d28979688b1e2066d1dcaef0f6_expire
[2012/09/17 21:03:37 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e02b35320e5111f1b626466c13c70a0a_expire
[2012/10/02 19:06:10 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e394b97e9118a3153bf352ead025fa2e_expire
[2012/10/02 19:06:14 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e4264271_expire
[2012/10/02 19:06:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\eb91756ae6745d22433f80be4ec59445_expire
[2012/10/02 19:06:18 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece71b71690fad200cbed95871ef4bb2_expire
[2012/09/17 21:03:37 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ed1844c0c7b217c8c77395dab9059105_expire
[2012/10/02 19:06:14 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d_expire
[2012/10/02 19:06:18 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f25f61a6c9e06e1cf75fec86b6bc6d85_expire
[2012/10/01 16:59:45 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire
[2012/10/01 16:59:45 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire
[2012/09/12 12:25:59 | 000,002,299 | ---- | M] () -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\searchplugins\askcom.xml
[2012/10/01 18:20:03 | 000,002,385 | ---- | M] () -- C:\Users\Swetha\AppData\Roaming\Mozilla\Firefox\Profiles\i0ufshml.default\searchplugins\Web Search.xml
[2012/09/12 12:14:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/09/06 20:58:44 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/09/14 20:38:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/11/21 00:04:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/10/02 20:08:46 | 000,003,752 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/02/08 10:08:59 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011/11/20 21:04:05 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/20 21:04:05 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage:
http://www.google.com
CHR - homepage:
http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Swetha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Swetha\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Swetha\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: BlackBerry AppWorld (Enabled) = C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Swetha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Swetha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Click to call with Skype = C:\Users\Swetha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\
CHR - Extension: AVG Secure Search = C:\Users\Swetha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.2.5.34_0\
CHR - Extension: Giant Savings = C:\Users\Swetha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndkhncnongaclekkbelchmeafffimifj\1.18.13_0\crossrider
CHR - Extension: Giant Savings = C:\Users\Swetha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndkhncnongaclekkbelchmeafffimifj\1.18.13_0\
CHR - Extension: Gmail = C:\Users\Swetha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/10/01 19:12:36 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:
64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:
64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:
64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:
64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:
64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 File not found
O4 - HKLM..\Run: [ROC_ROC_NT] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-21-4092166746-846261767-1355132555-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-4092166746-846261767-1355132555-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Swetha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-4092166746-846261767-1355132555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:
64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:
64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16:
64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:
64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:
64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Unable to open value key)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{37D6762A-964F-4668-84BB-B78A81B83E93}: DhcpNameServer = 192.168.0.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50ED0B71-249A-4BC3-A802-30B90DC00184}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:
64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:
64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/15 03:01:46 | 000,000,113 | ---- | M] () - E:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/09/23 21:08:04 | 000,001,050 | -HS- | M] () - Y:\AUTOEXEC.bat -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/10/03 10:24:54 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Swetha\Desktop\OTL.exe
[2012/10/03 10:21:19 | 000,000,000 | ---D | C] -- C:\Users\Swetha\Desktop\RK_Quarantine
[2012/10/03 10:02:46 | 000,000,000 | ---D | C] -- C:\Users\Swetha\AppData\Local\MigWiz
[2012/10/02 20:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/10/02 20:09:06 | 000,000,000 | ---D | C] -- C:\Users\Swetha\AppData\Local\AVG Secure Search
[2012/10/02 20:09:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/10/02 20:08:54 | 000,031,080 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012/10/02 20:08:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012/10/02 20:08:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012/10/02 19:51:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belarc
[2012/10/02 15:27:28 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/10/02 15:16:09 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/10/01 18:19:24 | 000,000,000 | ---D | C] -- C:\Users\Swetha\AppData\Local\Smartbar
[2012/10/01 18:19:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
[2012/10/01 18:19:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012/10/01 18:12:45 | 000,000,000 | ---D | C] -- C:\Users\Swetha\AppData\Local\Macromedia
[2012/10/01 12:02:04 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/10/01 12:02:04 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/10/01 12:02:04 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/10/01 12:02:04 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/10/01 12:02:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/10/01 12:02:04 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/10/01 12:02:03 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/10/01 12:02:03 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/10/01 12:02:03 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/10/01 12:02:03 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/10/01 12:02:03 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/10/01 12:02:03 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/10/01 12:02:03 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/10/01 12:02:03 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/10/01 12:02:03 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/10/01 12:02:03 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/10/01 12:02:03 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/10/01 12:02:03 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/10/01 12:02:03 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/10/01 12:02:03 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/10/01 12:02:03 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/10/01 12:02:03 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/10/01 12:02:03 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/10/01 12:02:03 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/10/01 12:02:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/10/01 12:02:03 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/10/01 12:02:03 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/10/01 12:02:02 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/10/01 12:02:02 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/10/01 12:02:02 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/10/01 12:02:02 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/10/01 12:02:02 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/10/01 12:02:02 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/10/01 12:02:02 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/10/01 12:02:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/10/01 12:02:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/10/01 12:02:02 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/10/01 12:02:02 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/10/01 12:02:02 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/10/01 12:02:02 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/10/01 12:02:02 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/10/01 12:02:02 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/10/01 12:02:02 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/10/01 12:02:02 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/10/01 12:02:02 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/10/01 12:02:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/10/01 12:02:01 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/10/01 12:02:01 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/10/01 12:02:01 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/10/01 12:02:01 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/10/01 12:02:01 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/10/01 12:02:01 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/10/01 12:02:01 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/10/01 12:02:01 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/10/01 12:02:01 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/10/01 12:02:01 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/10/01 12:02:01 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/10/01 12:02:01 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/10/01 12:02:01 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/10/01 12:02:01 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/10/01 12:02:01 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/10/01 12:02:01 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/10/01 12:02:01 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/10/01 12:02:01 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/10/01 12:02:01 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/10/01 12:02:01 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/10/01 12:02:01 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/10/01 12:02:01 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/10/01 12:02:01 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/10/01 12:02:01 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/10/01 12:02:01 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/10/01 12:02:01 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/09/30 20:54:28 | 000,696,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/09/30 20:54:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/09/30 19:54:16 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/09/30 19:23:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/09/30 19:23:15 | 000,000,000 | ---D | C] -- C:\Users\Swetha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/09/29 10:25:22 | 000,000,000 | --SD | C] -- C:\Users\Swetha\Google Drive
[2012/09/29 10:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2012/09/26 11:05:49 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012/09/23 13:01:33 | 000,000,000 | ---D | C] -- C:\Users\Swetha\saber_libs
[2012/09/23 13:01:25 | 000,000,000 | -H-D | C] -- C:\Users\Swetha\.saberrds
[2012/09/23 12:55:10 | 000,000,000 | -H-D | C] -- C:\Users\Swetha\saberdesigner
[2012/09/23 12:49:18 | 000,000,000 | ---D | C] -- C:\Synopsys
[2012/09/17 21:00:53 | 000,000,000 | ---D | C] -- C:\Users\Swetha\AppData\Local\Synopsys,_Inc
[2012/09/17 20:55:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synopsys
[2012/09/17 20:49:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Business Objects
[2012/09/12 12:25:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012/09/12 12:15:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012/09/12 12:15:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/09/12 12:14:56 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/09/12 12:14:56 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/09/12 12:14:40 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/09/12 12:14:40 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/09/12 12:14:40 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/09/12 12:14:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/09/12 10:52:54 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012/09/12 10:52:53 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/09/12 10:52:53 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/09/12 10:52:53 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/09/11 19:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/09/11 19:09:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/09/10 20:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/10 20:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/09/10 15:22:18 | 000,000,000 | ---D | C] -- C:\Users\Swetha\AppData\Roaming\Yahoo!
[2012/09/10 12:04:30 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/09/10 11:58:59 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/09/10 10:56:38 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/09/10 10:56:38 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/09/10 10:56:38 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/09/10 10:35:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/09/10 10:34:09 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/09/10 10:33:52 | 000,000,000 | ---D | C] -- C:\Users\Swetha\Desktop\Anti Virus
[2012/09/08 20:24:41 | 000,000,000 | ---D | C] -- C:\found.000
[2012/09/08 11:57:09 | 000,000,000 | ---D | C] -- C:\Users\Swetha\AppData\Roaming\Malwarebytes
[2012/09/08 11:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/08 11:40:06 | 000,000,000 | ---D | C] -- C:\Users\Swetha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Recovery
[2012/09/04 13:51:24 | 000,000,000 | ---D | C] -- C:\Users\Swetha\Desktop\Restore
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/10/03 10:24:54 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Swetha\Desktop\OTL.exe
[2012/10/03 10:23:08 | 001,422,336 | ---- | M] () -- C:\Users\Swetha\Desktop\RogueKiller.exe
[2012/10/03 10:11:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/03 10:06:33 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/03 10:06:33 | 000,624,412 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/03 10:06:33 | 000,106,756 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/03 10:03:50 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/03 10:03:50 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/03 09:56:47 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/03 09:56:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/03 09:56:13 | 428,781,567 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/02 23:42:01 | 000,000,912 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4092166746-846261767-1355132555-1000UA.job
[2012/10/02 23:40:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/02 21:21:07 | 3224,686,592 | ---- | M] () -- C:\Users\Swetha\Desktop\X15-65733.iso
[2012/10/02 20:21:12 | 000,002,291 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/10/02 20:21:12 | 000,002,275 | ---- | M] () -- C:\Users\Swetha\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/10/02 20:08:54 | 000,031,080 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012/10/01 19:12:36 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/10/01 17:04:57 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/10/01 17:04:57 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/10/01 12:02:04 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/10/01 12:02:04 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/10/01 12:02:04 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/10/01 12:02:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/10/01 12:02:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/10/01 12:02:04 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/10/01 12:02:03 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/10/01 12:02:03 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/10/01 12:02:03 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/10/01 12:02:03 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/10/01 12:02:03 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/10/01 12:02:03 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/10/01 12:02:03 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/10/01 12:02:03 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/10/01 12:02:03 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/10/01 12:02:03 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/10/01 12:02:03 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/10/01 12:02:03 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/10/01 12:02:03 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/10/01 12:02:03 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/10/01 12:02:03 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/10/01 12:02:03 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/10/01 12:02:03 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/10/01 12:02:03 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/10/01 12:02:03 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/10/01 12:02:03 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/10/01 12:02:03 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/10/01 12:02:03 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/10/01 12:02:02 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/10/01 12:02:02 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/10/01 12:02:02 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/10/01 12:02:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/10/01 12:02:02 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/10/01 12:02:02 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/10/01 12:02:02 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/10/01 12:02:02 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/10/01 12:02:02 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/10/01 12:02:02 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/10/01 12:02:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/10/01 12:02:02 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/10/01 12:02:02 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/10/01 12:02:02 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/10/01 12:02:02 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/10/01 12:02:02 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/10/01 12:02:02 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/10/01 12:02:02 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/10/01 12:02:02 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/10/01 12:02:01 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/10/01 12:02:01 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/10/01 12:02:01 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/10/01 12:02:01 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/10/01 12:02:01 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/10/01 12:02:01 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/10/01 12:02:01 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/10/01 12:02:01 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/10/01 12:02:01 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/10/01 12:02:01 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/10/01 12:02:01 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/10/01 12:02:01 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/10/01 12:02:01 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/10/01 12:02:01 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/10/01 12:02:01 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/10/01 12:02:01 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/10/01 12:02:01 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/10/01 12:02:01 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/10/01 12:02:01 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/10/01 12:02:01 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/10/01 12:02:01 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/10/01 12:02:01 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/10/01 12:02:01 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/10/01 12:02:01 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/10/01 12:02:01 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/10/01 12:02:01 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/10/01 12:02:01 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/09/29 12:02:07 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/09/29 10:25:23 | 000,001,701 | ---- | M] () -- C:\Users\Swetha\Desktop\Google Drive.lnk
[2012/09/29 09:47:57 | 000,000,410 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2012/09/29 09:47:57 | 000,000,034 | ---- | M] () -- C:\Windows\SysWow64\BD2140.DAT
[2012/09/26 12:42:05 | 000,000,860 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4092166746-846261767-1355132555-1000Core.job
[2012/09/22 14:46:39 | 000,001,260 | ---- | M] () -- C:\Users\Swetha\Desktop\Spybot - Search & Destroy.lnk
[2012/09/18 07:50:16 | 000,445,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/09/12 12:14:28 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/09/12 12:14:26 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/09/12 12:14:26 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/09/12 12:14:26 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/09/12 12:14:26 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/09/12 12:14:26 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/09/10 20:13:45 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/08 21:50:14 | 000,000,112 | ---- | M] () -- C:\ProgramData\F557PAGw5.dat
[2012/09/08 21:31:16 | 000,000,001 | ---- | M] () -- C:\ProgramData\1EAWa143.exe_.b
[2012/09/08 21:31:16 | 000,000,001 | ---- | M] () -- C:\ProgramData\1EAWa143.exe.b
[2012/09/08 11:42:08 | 000,000,176 | -H-- | M] () -- C:\ProgramData\-pxONFJaCv1kwiXr
[2012/09/08 11:42:08 | 000,000,152 | -H-- | M] () -- C:\ProgramData\-pxONFJaCv1kwiX
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/10/03 10:23:08 | 001,422,336 | ---- | C] () -- C:\Users\Swetha\Desktop\RogueKiller.exe
[2012/10/02 20:37:10 | 3224,686,592 | ---- | C] () -- C:\Users\Swetha\Desktop\X15-65733.iso
[2012/10/02 20:21:12 | 000,002,291 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/10/02 20:21:12 | 000,002,275 | ---- | C] () -- C:\Users\Swetha\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/10/01 17:04:58 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/01 12:02:03 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/10/01 12:02:01 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/09/29 10:25:23 | 000,001,701 | ---- | C] () -- C:\Users\Swetha\Desktop\Google Drive.lnk
[2012/09/29 09:47:57 | 000,000,410 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012/09/29 09:47:57 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2140.DAT
[2012/09/17 17:01:24 | 001,929,484 | ---- | C] () -- C:\Users\Swetha\Desktop\DSC_5242 5x7.jpg
[2012/09/11 19:09:54 | 000,001,260 | ---- | C] () -- C:\Users\Swetha\Desktop\Spybot - Search & Destroy.lnk
[2012/09/10 20:13:45 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/10 14:19:14 | 000,445,040 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/09/10 11:19:48 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2012/09/10 10:56:38 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/09/10 10:56:38 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/09/10 10:56:38 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/09/10 10:56:38 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/09/10 10:56:38 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/09/08 21:31:32 | 000,000,112 | ---- | C] () -- C:\ProgramData\F557PAGw5.dat
[2012/09/08 21:31:16 | 000,000,001 | ---- | C] () -- C:\ProgramData\1EAWa143.exe_.b
[2012/09/08 21:31:16 | 000,000,001 | ---- | C] () -- C:\ProgramData\1EAWa143.exe.b
[2012/09/08 13:17:05 | 000,002,233 | ---- | C] () -- C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
[2012/09/08 13:17:05 | 000,001,128 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader 5.1.lnk
[2012/09/08 13:15:31 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2012/09/08 13:15:30 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/09/08 13:15:30 | 000,002,010 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/09/08 13:15:30 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/09/08 13:15:30 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2012/09/08 13:15:30 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/09/08 13:15:30 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2012/09/08 13:15:30 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/09/08 13:15:30 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2012/09/08 13:15:30 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2012/09/08 13:15:30 | 000,001,149 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2012/09/08 11:40:07 | 000,000,176 | -H-- | C] () -- C:\ProgramData\-pxONFJaCv1kwiXr
[2012/09/08 11:40:07 | 000,000,152 | -H-- | C] () -- C:\ProgramData\-pxONFJaCv1kwiX
[2012/04/26 14:45:10 | 000,003,584 | ---- | C] () -- C:\Users\Swetha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/05 04:17:48 | 000,744,030 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/07/13 08:42:18 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\ChgService.exe
[2011/02/24 13:39:13 | 000,000,990 | -HS- | C] () -- C:\Users\Swetha\AppData\Roaming\systemfl.$dk
[2011/02/17 02:10:26 | 000,000,196 | ---- | C] () -- C:\Users\Swetha\AppData\Roaming\wklnhst.dat
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP
1B5B4F1
< End of report >
******************************************
Extra.txt
OTL Extras logfile created on: 10/3/2012 10:26:39 AM - Run 1
OTL by OldTimer - Version 3.2.70.1 Folder = C:\Users\Swetha\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.87 Gb Total Physical Memory | 4.22 Gb Available Physical Memory | 71.89% Memory free
11.73 Gb Paging File | 9.83 Gb Available in Paging File | 83.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.41 Gb Total Space | 502.07 Gb Free Space | 86.35% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 369.11 Gb Free Space | 79.25% Space Free | Partition Type: NTFS
Drive Y: | 99.79 Mb Total Space | 89.97 Mb Free Space | 90.16% Space Free | Partition Type: FAT
Computer Name: SWETHA-PC | User Name: Swetha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-4092166746-846261767-1355132555-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Unable to open value key File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Unable to open value key
htmlfile [edit] -- Reg Error: Unable to open value key
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Unable to open value key
htmlfile [edit] -- Reg Error: Unable to open value key
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028B1325-22DF-49B1-A34C-CC028A8EB04B}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{0848E532-050E-474B-97C6-169F4DC46D46}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{11FE18AB-DA4C-46C2-B27C-E8A6108B1C74}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{13566D1A-0304-46B9-9CE9-67ACA96E6DEE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
name=@firewallapi.dll,-28539 |
"{13E248EE-B978-4A34-91C2-D06C23AB0273}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1C06A8C9-0A85-47CD-8545-224B878C569A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{225271AC-221F-43EC-AC47-668D9EE8DF93}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{6267FAF5-3F89-4252-A886-32FF62F4BCD4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{665E684E-C09E-4DBC-9BA5-9E5FADA71F3F}" = lport=445 | protocol=6 | dir=in | app=system |
"{74656FE4-03AE-49BD-B658-A7C6B3F88FB7}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{74E9A987-EC21-45DD-9F30-7226899EF3A0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7739FB82-97DA-41E5-8441-177976C9FA39}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7F7D102F-01DA-4E58-8D45-32DEDC66D567}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{94FFE4E2-D571-482C-9792-FE3EC1C47286}" = rport=137 | protocol=17 | dir=out | app=system |
"{A3AD0E39-1953-4EA2-A16B-E4E6800D63A6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B2819579-ACD6-403B-8F34-5F9410535CA6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{B7EC2D18-6B45-47F3-B1F2-D10CF7747719}" = rport=138 | protocol=17 | dir=out | app=system |
"{B96F32DA-4729-440B-8A34-8EF1FA9A5E41}" = lport=137 | protocol=17 | dir=in | app=system |
"{BAE0954D-4F60-44AF-8936-8C737D9E509F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BF6F5B14-B6FC-464A-9380-4CEE176384F2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C2466082-5715-449C-96A6-AC0D1D32CE3A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C614630F-4CB0-48D5-A02B-A37F3A03A295}" = lport=138 | protocol=17 | dir=in | app=system |
"{C97947E7-285F-4C28-8049-D400D119C79A}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{CBACDAAF-9361-4835-AF07-BD55769E8910}" = rport=445 | protocol=6 | dir=out | app=system |
"{CD9FBF40-A9CA-45A2-8338-7D66AFAF0360}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{CDE4ABE7-A748-4A52-946D-72BDFDE9C020}" = lport=139 | protocol=6 | dir=in | app=system |
"{D2CAB549-482B-418B-9AC3-42281889D9A5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D8C5AF4B-08A1-43E7-9AB5-A4990F6DB326}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DCF9D0A6-2ABA-4E52-8560-810FD2A0E815}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E0933FAA-9B8C-4925-80C2-A3725100599A}" = rport=139 | protocol=6 | dir=out | app=system |
"{EBDAFD13-DF23-44F4-BCD0-CC4870E75105}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F610F94B-384F-4355-90D6-281E71E0A83F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FB4E31B0-3B7B-4F3D-A1A5-1C6AB4284028}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{FB5700DA-47FC-4FDA-BA4C-10152DF993BA}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{024AA537-FBE5-4FAF-985E-1DE5AE641B5B}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{1BD783E8-12C1-4AC4-90AC-4266963754C4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{260E2C7F-CD0D-4805-B165-3D206979D79A}" = protocol=58 | dir=in |
name=@firewallapi.dll,-28545 |
"{28F5282F-EA25-49FA-AEF2-B3666FD917BF}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{30E8B99C-324A-4581-902E-1F7D78ECB6FF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3F5CAAB3-71AC-4433-83FD-5141385D3769}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{3F5FC844-8D3F-4D61-8BD2-768CF0E29EB8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{49FAC09D-1574-4DB2-9F0E-B31DE5D62D24}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{4F100382-A4AE-4D7E-9C0B-C8C6C613D1C2}" = protocol=6 | dir=out | app=system |
"{51DF87D4-AEEF-448F-B34E-9D382AEF3B13}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{5AE51F44-180A-4981-A3B5-FBB53D3DBEB0}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{5DC72B77-7D9F-46A1-9D5D-4D6BE757644A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6912A617-4F86-45F4-B1AD-25EA3EA1AEA9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{86EE5BD0-92E6-49FF-883D-19872089852D}" = protocol=1 | dir=out |
name=@firewallapi.dll,-28544 |
"{8A32DE64-0596-4DC8-8C42-2278D130160F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8C9B6BE1-FD90-4F09-83FF-80809B7B8618}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{8F0E75F6-3966-4458-963A-F1AD213944C7}" = protocol=1 | dir=in |
name=@firewallapi.dll,-28543 |
"{9251416D-785C-47D3-A518-C8EA8C11CD70}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9730D328-614E-4646-A02B-D7265348F8CB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A02BE594-B6DA-49BE-A551-B49E82936E4B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AACCEB56-871B-4BFE-8EC6-AE8821F1666B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B2496756-DFD5-428D-853A-59206459AD17}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B86CC07A-F1F3-44DE-AEA2-8AC3B8D8F1CC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CE453E7E-CB81-4E28-AA19-BF365EDC3F9B}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{CF2DB384-E0BA-42FB-B885-B95D97FA0329}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{DEBBD566-B256-4D2C-91F3-A862630BD884}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E606B019-8DEC-4FFA-B556-5240D7E9EE74}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EDC40A0C-0B14-4864-B117-E804D8F851BA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F5028120-00FB-48DE-B7FF-24CFCDF65597}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{F5BB9BD8-6BED-4B09-8582-CC907DA17D85}" = protocol=58 | dir=out |
name=@firewallapi.dll,-28546 |
"{FCB04439-AD74-415B-A83A-3D175E97B384}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0CF680B8-5915-44CD-BA0F-85DE52F619B5}C:\synopsys\saberrd_studentedition\f-2011.09-patch2\saberrd\bin\saberrd.exe" = protocol=6 | dir=in | app=c:\synopsys\saberrd_studentedition\f-2011.09-patch2\saberrd\bin\saberrd.exe |
"TCP Query User{1E255F40-4A3A-4355-8E85-400FB417AFA6}E:\saber\f-2011.09-patch2\saberrd\bin\aimsh.exe" = protocol=6 | dir=in | app=e:\saber\f-2011.09-patch2\saberrd\bin\aimsh.exe |
"TCP Query User{525BE416-C190-4256-A42F-52B52B9AD1FF}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{5F9253E1-B457-4799-9662-040B865FF844}C:\synopsys\saberrd_studentedition\f-2011.09-patch2\saberrd\bin\aimsh.exe" = protocol=6 | dir=in | app=c:\synopsys\saberrd_studentedition\f-2011.09-patch2\saberrd\bin\aimsh.exe |
"TCP Query User{744DB83A-63B5-4049-9E28-995C6E7D7C69}C:\program files (x86)\microsoft office\office12\groove.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"TCP Query User{79DE8DC6-50D8-47AB-8AF5-11CE68FE78C0}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{7B4C5A2A-F7F9-4776-BB22-787844020EED}E:\saber\f-2011.09-patch2\saberrd\bin\saberrd.exe" = protocol=6 | dir=in | app=e:\saber\f-2011.09-patch2\saberrd\bin\saberrd.exe |
"UDP Query User{4A670700-57FF-4876-BC4F-BAB9952BB830}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{7F753C69-68F5-484B-BCF5-68DC37124D07}C:\synopsys\saberrd_studentedition\f-2011.09-patch2\saberrd\bin\aimsh.exe" = protocol=17 | dir=in | app=c:\synopsys\saberrd_studentedition\f-2011.09-patch2\saberrd\bin\aimsh.exe |
"UDP Query User{8E53737F-ADD1-47C5-A857-D11340EC95D6}E:\saber\f-2011.09-patch2\saberrd\bin\saberrd.exe" = protocol=17 | dir=in | app=e:\saber\f-2011.09-patch2\saberrd\bin\saberrd.exe |
"UDP Query User{9DF25AC1-3EC8-47C5-A1AF-094DE231AF29}E:\saber\f-2011.09-patch2\saberrd\bin\aimsh.exe" = protocol=17 | dir=in | app=e:\saber\f-2011.09-patch2\saberrd\bin\aimsh.exe |
"UDP Query User{A238D807-86E9-4EE1-8AC1-D1112ED876C7}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{AD5EB1FF-62E4-466C-A968-71C8E1C122D2}C:\synopsys\saberrd_studentedition\f-2011.09-patch2\saberrd\bin\saberrd.exe" = protocol=17 | dir=in | app=c:\synopsys\saberrd_studentedition\f-2011.09-patch2\saberrd\bin\saberrd.exe |
"UDP Query User{F91B5C5A-BCC0-4D5A-BBDB-BA59057D51CF}C:\program files (x86)\microsoft office\office12\groove.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0B591597-EE32-F353-ECAA-FB4F58474691}" = ATI AVIVO64 Codecs
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{4617173B-0792-4FD7-AB2B-1D787BF2D459}" = MSVC90_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.7
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{8F59A8AC-1D7B-8578-38F7-8F5166FA8580}" = ccc-utility64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{EF5745D9-C0A7-4D40-2900-AD093F232827}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"doPDF 7 printer_is1" = doPDF 7.2 printer
"DW WLAN Card Utility" = DW WLAN Card Utility
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft Security Client" = Microsoft Security Essentials
"SaberRD_StudentEdition" = SaberRD Student Edition 2011.09-PATCH2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}" = BlackBerry Device Software Updater
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1B2BDFB3-3786-A62F-F498-83F9EE3FBD0F}" = CCC Help Japanese
"{20068980-5702-5CA7-F335-6592852F7F59}" = CCC Help Italian
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{218D629E-8D06-4B23-A238-EB869770B6CC}" = MSVC90_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3D6F16CA-13B8-6425-A71A-B91DB3E14F51}" = CCC Help Danish
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DE43CB4-9FB5-82E1-780C-9D38E2F1391E}" = CCC Help Dutch
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{597BBBD5-8A69-CF88-2DE3-67194CE5C071}" = Catalyst Control Center Graphics Previews Common
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E015CC-52DA-4536-AF0C-C643BA1E45FB}" = Catalyst Control Center - Branding
"{7677040A-E5AA-998C-8810-59F0B5D3E0A8}" = Catalyst Control Center InstallProxy
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7CC90569-A7DB-5EA0-A9FE-0C5799A28B11}" = CCC Help Chinese Traditional
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8DE03F6E-FCD2-4497-A8FF-F6C4430618B6}" = BlackBerry App World Browser Plugin
"{8DEB7DD7-FC6D-76C6-712D-40968A736963}" = CCC Help Swedish
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91CBABA8-2E52-4EFF-A4A6-26BE8C63CEB7}" = Nokia Ovi Suite Software Updater
"{92531F24-21E5-C8EC-30E6-D56536FD61C7}" = CCC Help Finnish
"{9BC422FB-175A-0191-C141-B8B453DAF06E}" = Catalyst Control Center Graphics Previews Vista
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1C21906-351B-685E-7263-A4C30DF381E0}" = CCC Help German
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AB6EE148-B13E-C19D-2732-CD0EB23C39B8}" = CCC Help Portuguese
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AF595D08-64AC-428B-8FB8-EEC70CCB8803}" = Ovi Desktop Sync Engine
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE6A55A2-C71F-57DD-E498-7B8F317C0E15}" = ccc-core-static
"{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}" = Crystal Report 2008 Runtime SP3
"{D11D2A79-78FA-EA15-CC16-8F24817EAED2}" = CCC Help Korean
"{D165A6B1-6985-072E-969E-333D759D6777}" = CCC Help Spanish
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{D50EDFC1-82F3-4CD2-9583-868715CC3746}" = Ability Office 5
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DF28B648-9636-5DE8-A072-54A5323B0CDA}" = CCC Help Norwegian
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E8D7B35C-93B1-317E-9403-2BBBA2154ABF}" = Google Talk Plugin
"{E8DEB138-8DAC-EB25-87CE-D38A2C1C35CE}" = CCC Help French
"{EACCC042-848D-4166-9D97-B13D1D108722}" = Google Drive
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F189FCA9-6147-49EE-A995-BE611281EE6E}" = Nokia Ovi Suite
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F393B7C2-136F-2956-30A3-1099C8394B51}" = CCC Help Chinese Standard
"{F584F82F-79D5-4744-A702-E5BC4E8FBC83}" = OviMPlatform
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6F4AF75-109A-638B-80D5-87283B00CD5E}" = Catalyst Control Center Localization All
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F909BB1B-3FC1-4EDA-AF1F-8F1A89163591}" = BlackBerry Desktop Software 6.1
"{FB46EFDE-44F4-83F1-3044-68F5E95E3D4E}" = CCC Help English
"{FBCCCFB0-D89D-C91F-B9B1-8AB1760C1DD0}" = CCC Help Russian
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"AVG Secure Search" = AVG Security Toolbar
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.1
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"DSMT6" = MathType 6
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Foxit Reader_is1" = Foxit Reader 5.1
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Mozilla Firefox 8.0.1 (x86 en-US)" = Mozilla Firefox 8.0.1 (x86 en-US)
"Nokia Ovi Suite" = Nokia Ovi Suite
"VLC media player" = VLC media player 1.1.1
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"Yahoo! Messenger" = Yahoo! Messenger
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4092166746-846261767-1355132555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 5/8/2012 11:35:29 AM | Computer Name = Swetha-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 5/10/2012 6:23:45 PM | Computer Name = Swetha-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 5/10/2012 6:24:06 PM | Computer Name = Swetha-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 5/12/2012 11:17:35 AM | Computer Name = Swetha-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 5/12/2012 11:17:55 AM | Computer Name = Swetha-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 5/13/2012 5:00:37 PM | Computer Name = Swetha-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 5/13/2012 5:00:59 PM | Computer Name = Swetha-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 5/14/2012 7:03:39 PM | Computer Name = Swetha-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 5/14/2012 7:04:00 PM | Computer Name = Swetha-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 5/16/2012 9:32:39 AM | Computer Name = Swetha-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: c8c Start
Time: 01cd33682c659c1e Termination Time: 30 Application Path: C:\Program Files (x86)\internet
explorer\iexplore.exe Report Id:
[ Broadcom Wireless LAN Events ]
Error - 9/30/2012 5:27:24 PM | Computer Name = Swetha-PC | Source = WLAN-Tray | ID = 0
Description = 17:27:21, Sun, Sep 30, 12 Error - Unable to gain access to user store
[ Media Center Events ]
Error - 2/10/2011 2:57:39 AM | Computer Name = Swetha-PC | Source = MCUpdate | ID = 0
Description = 10:57:39 AM - Error connecting to the internet. 10:57:39 AM - Unable
to contact server..
[ OSession Events ]
Error - 10/9/2011 9:36:12 PM | Computer Name = Swetha-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 265
seconds with 120 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 10/3/2012 10:23:33 AM | Computer Name = Swetha-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .
Error - 10/3/2012 10:23:33 AM | Computer Name = Swetha-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .
Error - 10/3/2012 10:23:33 AM | Computer Name = Swetha-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .
Error - 10/3/2012 10:23:33 AM | Computer Name = Swetha-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .
Error - 10/3/2012 10:23:33 AM | Computer Name = Swetha-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .
Error - 10/3/2012 10:23:33 AM | Computer Name = Swetha-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .
Error - 10/3/2012 10:23:33 AM | Computer Name = Swetha-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .
Error - 10/3/2012 10:23:33 AM | Computer Name = Swetha-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .
Error - 10/3/2012 10:26:39 AM | Computer Name = Swetha-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .
Error - 10/3/2012 10:27:47 AM | Computer Name = Swetha-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .
< End of report >