Help for removal of VBS:ExeDropper-gen[Trj] from my PC
prasad2002 (Beginner)
OS: Windows 7
OTL logfile created on: 1/6/2012 10:29:06 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Prasad\Documents\Downloads\Programs
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.97 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 56.15% Memory free
3.93 Gb Paging File | 2.91 Gb Available in Paging File | 74.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29.19 Gb Total Space | 8.70 Gb Free Space | 29.80% Space Free | Partition Type: NTFS
Drive D: | 36.13 Gb Total Space | 1.66 Gb Free Space | 4.60% Space Free | Partition Type: NTFS
Drive E: | 6.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 36.34 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive I: | 9.10 Gb Total Space | 2.92 Gb Free Space | 32.11% Space Free | Partition Type: NTFS
Computer Name: PRASAD-PC | User Name: Prasad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/06 22:26:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Prasad\My Documents\Downloads\Programs\OTL.EXE
PRC - [2012/01/03 15:39:39 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/10/13 19:19:06 | 000,217,478 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\Tata Photon+.exe
PRC - [2010/11/16 19:07:38 | 000,264,704 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2010/11/16 19:07:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010/10/21 15:09:38 | 000,247,649 | ---- | M] () -- C:\Users\Prasad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cssrs.exe
PRC - [2010/09/07 20:42:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 20:41:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/09/07 20:41:44 | 000,119,200 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe
PRC - [2010/08/11 09:02:14 | 001,690,224 | ---- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
PRC - [2009/10/16 09:43:00 | 003,134,896 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2009/10/15 15:21:51 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2009/07/14 06:44:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 06:44:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 06:44:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
========== Modules (No Company Name) ==========
MOD - [2011/10/13 19:19:06 | 000,217,478 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\Tata Photon+.exe
MOD - [2011/10/13 19:19:04 | 000,635,314 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\atcomm.dll
MOD - [2011/10/13 19:19:04 | 000,266,657 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\DeviceMgrUIPlugin.dll
MOD - [2011/10/13 19:19:04 | 000,262,677 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\SMSPlugin.dll
MOD - [2011/10/13 19:19:04 | 000,258,560 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\DetectDev.dll
MOD - [2011/10/13 19:19:04 | 000,242,035 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\LocaleMgrPlugin.dll
MOD - [2011/10/13 19:19:04 | 000,209,235 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\DeviceMgrPlugin.dll
MOD - [2011/10/13 19:19:04 | 000,205,229 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\NetInfoPlugin.dll
MOD - [2011/10/13 19:19:04 | 000,197,115 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\FileManager.dll
MOD - [2011/10/13 19:19:04 | 000,193,009 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\DialUpPlugin.dll
MOD - [2011/10/13 19:19:04 | 000,188,859 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\CallPlugin.dll
MOD - [2011/10/13 19:19:04 | 000,168,400 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\XCodec.dll
MOD - [2011/10/13 19:19:04 | 000,168,343 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\DeviceOperate.dll
MOD - [2011/10/13 19:19:04 | 000,164,349 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\ConfigFilePlugin.dll
MOD - [2011/10/13 19:19:04 | 000,139,645 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\NotifyServicePlugin.dll
MOD - [2011/10/13 19:19:04 | 000,119,709 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\isaputrace.dll
MOD - [2010/10/21 15:09:38 | 000,247,649 | ---- | M] () -- C:\Users\Prasad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cssrs.exe
MOD - [2010/08/11 09:02:20 | 000,100,976 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll
MOD - [2010/08/11 09:02:10 | 064,663,664 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\skin.dll
MOD - [2010/08/11 09:02:06 | 000,080,496 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
MOD - [2010/08/11 09:02:04 | 000,113,264 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Running] -- -- (HWDeviceService.exe)
SRV - [2010/09/07 20:41:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 20:41:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 20:41:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/09/07 20:41:44 | 000,119,200 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2009/07/14 06:46:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 06:46:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 06:45:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2011/10/13 19:19:04 | 000,193,792 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011/10/13 19:19:04 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010/09/07 20:24:16 | 000,099,792 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2010/09/07 20:23:58 | 000,340,048 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2010/09/07 20:23:35 | 000,190,416 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2010/09/07 20:22:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 20:22:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 20:17:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 20:17:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/09/07 20:17:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/08/04 18:47:00 | 001,143,920 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009/07/14 06:49:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 06:49:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 06:49:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 04:58:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 04:58:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/14 03:32:47 | 000,050,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.114116.info
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.114116.info
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Prasad\AppData\Roaming\IDM\idmmzcc3 [2011/10/30 16:05:26 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2009/06/11 03:09:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - Startup: C:\Users\Prasad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cssrs.exe ()
O4 - Startup: C:\Users\Prasad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cssrsmgr.exe ()
O4 - Startup: C:\Users\Prasad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\efayyvfe.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6D896AA-E82F-4F85-9F08-84C8C93FA636}: NameServer = 4.2.2.2 121.242.190.180
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 03:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/11/19 18:37:38 | 000,142,336 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007/11/25 00:41:52 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2009/07/03 14:13:04 | 000,000,094 | R--- | M] () - F:\autorun.sh -- [ CDFS ]
O33 - MountPoints2\{0b54b152-ec46-11e0-880c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0b54b152-ec46-11e0-880c-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010/11/19 18:37:38 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\{3fb9b6c9-ee8c-11e0-8860-8c89a533a41d}\Shell - "" = AutoRun
O33 - MountPoints2\{3fb9b6c9-ee8c-11e0-8860-8c89a533a41d}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010/11/19 18:37:38 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010/11/19 18:37:38 | 000,142,336 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/01/04 21:26:10 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/01/02 22:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/01/02 22:20:21 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/01/02 21:55:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
========== Files - Modified Within 30 Days ==========
[2012/01/06 21:40:03 | 000,010,016 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/06 21:40:03 | 000,010,016 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/06 21:34:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/06 21:34:16 | 1583,226,880 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/05 18:15:29 | 000,101,872 | ---- | M] () -- C:\Users\Prasad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\efayyvfe.exe
[2012/01/05 18:15:29 | 000,101,872 | ---- | M] () -- C:\Users\Prasad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cssrsmgr.exe
[2012/01/03 15:39:39 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/01/02 23:07:25 | 000,101,872 | ---- | M] () -- C:\Users\Prasad\AppData\Roaming\cssrsmgr.exe
[2012/01/02 22:03:31 | 000,615,122 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/02 22:03:31 | 000,103,496 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/02 21:55:13 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
========== Files Created - No Company Name ==========
[2012/01/02 22:21:57 | 004,249,600 | ---- | C] () -- C:\Users\Prasad\Desktop\26113__9780471317517__9780585256054__0471317519.tar_2
[2011/12/25 22:13:11 | 002,073,213 | ---- | C] () -- C:\Users\Prasad\Desktop\Ch2_SM.pdf
[2011/10/13 20:25:28 | 000,021,412 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2011/10/08 21:12:49 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/09/22 20:50:33 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2011/09/18 00:41:29 | 000,101,872 | ---- | C] () -- C:\Users\Prasad\AppData\Roaming\cssrsmgr.exe
[2011/09/17 21:06:34 | 000,247,649 | -HS- | C] () -- C:\Users\Prasad\AppData\Roaming\cssrs.exe
[2011/09/17 11:34:14 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2011/09/17 11:24:17 | 000,982,220 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2011/09/17 11:24:17 | 000,439,300 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2011/09/17 11:24:17 | 000,092,216 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2011/09/17 11:24:15 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2009/07/14 10:27:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 10:03:53 | 000,408,520 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 07:35:48 | 000,615,122 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 07:35:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 07:35:48 | 000,103,496 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 07:35:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 07:35:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 07:34:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 05:49:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/14 05:25:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 05:21:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 05:12:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/11 02:56:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== Custom Scans ==========
< %APPDATA%\Microsoft\*.* >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %USERPROFILE%\Desktop\*.exe >
[2010/10/21 15:09:38 | 000,247,649 | ---- | M] () -- C:\Users\Prasad\Desktop\idman5.18.4.full.rox1234.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\winn32\*.* >
< %USERPROFILE%\My Documents\*.exe >
< %USERPROFILE%\*.exe >
< %PROGRAMFILES%\Mozilla Firefox\*.exe >
< %ProgramFiles%\TinyProxy. >
< %systemroot%\system32\*.* /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.* /lockedfiles >
< %PROGRAMFILES%\*. >
[2012/01/02 22:20:22 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip
[2011/10/30 15:59:24 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2011/10/30 15:59:26 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2011/10/30 15:59:34 | 000,000,000 | ---D | M] -- C:\Program Files\C-Free 5
[2011/10/30 15:59:35 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2011/10/30 15:59:35 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2011/10/30 15:59:43 | 000,000,000 | ---D | M] -- C:\Program Files\Cucusoft
[2009/07/14 13:20:29 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Maker
[2011/10/30 15:59:43 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011/10/30 15:59:49 | 000,000,000 | ---D | M] -- C:\Program Files\ImgBurn
[2011/11/14 18:06:07 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011/10/30 18:08:31 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2011/10/31 22:32:13 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Download Manager
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/10/30 15:59:49 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/11/07 12:17:45 | 000,000,000 | ---D | M] -- C:\Program Files\MATLAB
[2009/07/14 13:20:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011/10/30 16:00:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/10/30 16:00:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2009/07/14 10:22:30 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\Softland
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\Tata Photon+
[2009/07/14 10:23:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011/10/30 16:00:28 | 000,000,000 | ---D | M] -- C:\Program Files\VIA
[2011/10/30 16:00:28 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009/07/14 13:20:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009/07/14 10:22:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Viewer
[2009/07/14 10:22:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2011/10/31 22:32:14 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
< MD5 for: AGP440.SYS >
[2009/07/14 06:56:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 06:56:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/14 06:56:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/14 06:56:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 06:56:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 06:56:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: DISK.SYS >
[2009/07/14 06:50:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\drivers\disk.sys
[2009/07/14 06:50:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys
[2009/07/14 06:50:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys
< MD5 for: NETLOGON.DLL >
[2009/07/14 06:46:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009/07/14 06:46:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009/07/14 06:50:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009/07/14 06:50:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 06:50:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/07/14 06:47:29 | 000,673,048 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/07/14 06:47:29 | 000,673,048 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/07/14 06:47:29 | 000,673,048 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/07/14 06:47:29 | 000,673,048 | ---- | M] (Microsoft Corporation)
< End of report >
OTL Extras logfile created on: 1/6/2012 10:29:06 PM - Run 1
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\C - Free\C_Free_Professional_v5_0_0_keygen.exe" = D:\C - Free\C_Free_Professional_v5_0_0_keygen.exe:*:Enabled:C_Free_Professional_v5_0_0_keygen -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 27
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{C1E2523A-2F4C-45F2-BBCE-7247163ECE15}" = Tally 9
"3D Home Architect Deluxe 3.0" = 3D Home Architect(r) Deluxe 3.0
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"avast5" = avast! Internet Security
"CCleaner" = CCleaner (remove only)
"C-Free 5.0_is1" = C-Free 5.0 Professional
"doPDF 7 printer_is1" = doPDF 7.2 printer
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ImgBurn" = ImgBurn
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"Internet Download Manager" = Internet Download Manager
"MatlabR2007b" = MATLAB R2007b
"Picasa 3" = Picasa 3
"Tata Photon+" = Tata Photon+
"TVWiz" = Intel(R) TV Wizard
"VLC media player" = VLC media player 1.1.11
"WinRAR archiver" = WinRAR 4.01 (32-bit)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 1/5/2012 1:58:57 PM | Computer Name = Prasad-PC | Source = Application Error | ID = 1000
Description = Faulting application name: vlc.exe, version: 1.1.11.0, time stamp:
0x4e1edf37 Faulting module name: vlc.exe, version: 1.1.11.0, time stamp: 0x4e1edf37
Exception
code: 0xc0000005 Fault offset: 0x000016ee Faulting process id: 0x454 Faulting application
start time: 0x01cccbd3b1930084 Faulting application path: C:\Program Files\VideoLAN\VLC\vlc.exe
Faulting
module path: C:\Program Files\VideoLAN\VLC\vlc.exe Report Id: efdd2b03-37c6-11e1-b56d-a106be6390dc
Error - 1/5/2012 9:02:01 PM | Computer Name = Prasad-PC | Source = Application Error | ID = 1000
Description = Faulting application name: AUDIODG.EXE, version: 6.1.7600.16385, time
stamp: 0x4a5bcb44 Faulting module name: VIASysFx.dll, version: 1.0.0.0, time stamp:
0x4c5937da Exception code: 0xc0000094 Fault offset: 0x0005a90e Faulting process id:
0x3e8 Faulting application start time: 0x01cccc0eb1dcd0c4 Faulting application path:
C:\Windows\system32\AUDIODG.EXE Faulting module path: C:\Windows\system32\VIASysFx.dll
Report
Id: 09d18583-3802-11e1-a657-b48cd72bfef4
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Windows Search Service | ID = 7040
Description =
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Windows Search Service | ID = 7042
Description =
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Windows Search Service | ID = 3028
Description =
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Windows Search Service | ID = 3058
Description =
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Windows Search Service | ID = 7010
Description =
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Windows Search Service | ID = 7040
Description =
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Windows Search Service | ID = 7042
Description =
[ Media Center Events ]
Error - 11/18/2011 6:49:26 PM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 4:19:10 AM - Error connecting to the internet. 4:19:10 AM - Unable
to contact server..
Error - 11/25/2011 10:33:53 AM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 8:03:53 PM - Error connecting to the internet. 8:03:53 PM - Unable
to contact server..
Error - 11/25/2011 10:34:11 AM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 8:03:58 PM - Error connecting to the internet. 8:03:58 PM - Unable
to contact server..
Error - 11/26/2011 11:28:04 AM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 8:58:02 PM - Error connecting to the internet. 8:58:04 PM - Unable
to contact server..
Error - 11/26/2011 11:28:21 AM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 8:58:10 PM - Error connecting to the internet. 8:58:10 PM - Unable
to contact server..
Error - 11/27/2011 5:58:43 AM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 3:28:42 PM - Error connecting to the internet. 3:28:42 PM - Unable
to contact server..
Error - 11/27/2011 5:59:14 AM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 3:28:53 PM - Error connecting to the internet. 3:28:53 PM - Unable
to contact server..
Error - 11/27/2011 10:31:49 AM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 8:01:49 PM - Error connecting to the internet. 8:01:49 PM - Unable
to contact server..
Error - 11/27/2011 10:31:58 AM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 8:01:54 PM - Error connecting to the internet. 8:01:54 PM - Unable
to contact server..
Error - 12/22/2011 12:45:36 PM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 10:15:19 PM - Error connecting to the internet. 10:15:19 PM - Unable
to contact server..
[ OSession Events ]
Error - 12/30/2011 11:16:47 AM | Computer Name = Prasad-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1410
seconds with 180 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 12/31/2011 10:03:29 AM | Computer Name = Prasad-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 30000 milliseconds:
Restart the service.
Error - 1/3/2012 8:51:45 AM | Computer Name = Prasad-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 1/3/2012 5:04:30 PM | Computer Name = Prasad-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 1/4/2012 11:36:15 AM | Computer Name = Prasad-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 1/4/2012 11:56:16 AM | Computer Name = Prasad-PC | Source = BugCheck | ID = 1001
Description =
Error - 1/5/2012 9:01:12 PM | Computer Name = Prasad-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:45:57 PM on ?1/?5/?2012 was unexpected.
Error - 1/6/2012 12:04:26 PM | Computer Name = Prasad-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:32:53 PM on ?1/?6/?2012 was unexpected.
Error - 1/6/2012 12:04:33 PM | Computer Name = PRASAD-PC | Source = BugCheck | ID = 1001
Description =
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-1073473536.
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 30000 milliseconds:
Restart the service.
< End of report >
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/01/04 21:26:10 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/01/02 22:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/01/02 22:20:21 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/01/02 21:55:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
========== Files - Modified Within 30 Days ==========
[2012/01/06 21:40:03 | 000,010,016 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/06 21:40:03 | 000,010,016 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/06 21:34:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/06 21:34:16 | 1583,226,880 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/05 18:15:29 | 000,101,872 | ---- | M] () -- C:\Users\Prasad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\efayyvfe.exe
[2012/01/05 18:15:29 | 000,101,872 | ---- | M] () -- C:\Users\Prasad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cssrsmgr.exe
[2012/01/03 15:39:39 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/01/02 23:07:25 | 000,101,872 | ---- | M] () -- C:\Users\Prasad\AppData\Roaming\cssrsmgr.exe
[2012/01/02 22:03:31 | 000,615,122 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/02 22:03:31 | 000,103,496 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/02 21:55:13 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
========== Files Created - No Company Name ==========
[2012/01/02 22:21:57 | 004,249,600 | ---- | C] () -- C:\Users\Prasad\Desktop\26113__9780471317517__9780585256054__0471317519.tar_2
[2011/12/25 22:13:11 | 002,073,213 | ---- | C] () -- C:\Users\Prasad\Desktop\Ch2_SM.pdf
[2011/10/13 20:25:28 | 000,021,412 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2011/10/08 21:12:49 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/09/22 20:50:33 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2011/09/18 00:41:29 | 000,101,872 | ---- | C] () -- C:\Users\Prasad\AppData\Roaming\cssrsmgr.exe
[2011/09/17 21:06:34 | 000,247,649 | -HS- | C] () -- C:\Users\Prasad\AppData\Roaming\cssrs.exe
[2011/09/17 11:34:14 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2011/09/17 11:24:17 | 000,982,220 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2011/09/17 11:24:17 | 000,439,300 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2011/09/17 11:24:17 | 000,092,216 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2011/09/17 11:24:15 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2009/07/14 10:27:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 10:03:53 | 000,408,520 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 07:35:48 | 000,615,122 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 07:35:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 07:35:48 | 000,103,496 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 07:35:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 07:35:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 07:34:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 05:49:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/14 05:25:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 05:21:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 05:12:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/11 02:56:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== Custom Scans ==========
< %APPDATA%\Microsoft\*.* >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %USERPROFILE%\Desktop\*.exe >
[2010/10/21 15:09:38 | 000,247,649 | ---- | M] () -- C:\Users\Prasad\Desktop\idman5.18.4.full.rox1234.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\winn32\*.* >
< %USERPROFILE%\My Documents\*.exe >
< %USERPROFILE%\*.exe >
< %PROGRAMFILES%\Mozilla Firefox\*.exe >
< %ProgramFiles%\TinyProxy. >
< %systemroot%\system32\*.* /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.* /lockedfiles >
< %PROGRAMFILES%\*. >
[2012/01/02 22:20:22 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip
[2011/10/30 15:59:24 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2011/10/30 15:59:26 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2011/10/30 15:59:34 | 000,000,000 | ---D | M] -- C:\Program Files\C-Free 5
[2011/10/30 15:59:35 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2011/10/30 15:59:35 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2011/10/30 15:59:43 | 000,000,000 | ---D | M] -- C:\Program Files\Cucusoft
[2009/07/14 13:20:29 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Maker
[2011/10/30 15:59:43 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011/10/30 15:59:49 | 000,000,000 | ---D | M] -- C:\Program Files\ImgBurn
[2011/11/14 18:06:07 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011/10/30 18:08:31 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2011/10/31 22:32:13 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Download Manager
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/10/30 15:59:49 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/11/07 12:17:45 | 000,000,000 | ---D | M] -- C:\Program Files\MATLAB
[2009/07/14 13:20:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011/10/30 16:00:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/10/30 16:00:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2009/07/14 10:22:30 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\Softland
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\Tata Photon+
[2009/07/14 10:23:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011/10/30 16:00:28 | 000,000,000 | ---D | M] -- C:\Program Files\VIA
[2011/10/30 16:00:28 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009/07/14 13:20:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009/07/14 10:22:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Viewer
[2009/07/14 10:22:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2011/10/31 22:32:14 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
< MD5 for: AGP440.SYS >
[2009/07/14 06:56:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 06:56:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/14 06:56:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/14 06:56:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 06:56:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 06:56:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: DISK.SYS >
[2009/07/14 06:50:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\drivers\disk.sys
[2009/07/14 06:50:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys
[2009/07/14 06:50:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys
< MD5 for: NETLOGON.DLL >
[2009/07/14 06:46:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009/07/14 06:46:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009/07/14 06:50:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009/07/14 06:50:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 06:50:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/07/14 06:47:29 | 000,673,048 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/07/14 06:47:29 | 000,673,048 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/07/14 06:47:29 | 000,673,048 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/07/14 06:47:29 | 000,673,048 | ---- | M] (Microsoft Corporation)
< End of report >
OTL Extras logfile created on: 1/6/2012 10:29:06 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Prasad\Documents\Downloads\Programs
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.97 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 56.15% Memory free
3.93 Gb Paging File | 2.91 Gb Available in Paging File | 74.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29.19 Gb Total Space | 8.70 Gb Free Space | 29.80% Space Free | Partition Type: NTFS
Drive D: | 36.13 Gb Total Space | 1.66 Gb Free Space | 4.60% Space Free | Partition Type: NTFS
Drive E: | 6.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 36.34 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive I: | 9.10 Gb Total Space | 2.92 Gb Free Space | 32.11% Space Free | Partition Type: NTFS
Computer Name: PRASAD-PC | User Name: Prasad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\C - Free\C_Free_Professional_v5_0_0_keygen.exe" = D:\C - Free\C_Free_Professional_v5_0_0_keygen.exe:*:Enabled:C_Free_Professional_v5_0_0_keygen -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 27
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{C1E2523A-2F4C-45F2-BBCE-7247163ECE15}" = Tally 9
"3D Home Architect Deluxe 3.0" = 3D Home Architect(r) Deluxe 3.0
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"avast5" = avast! Internet Security
"CCleaner" = CCleaner (remove only)
"C-Free 5.0_is1" = C-Free 5.0 Professional
"doPDF 7 printer_is1" = doPDF 7.2 printer
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ImgBurn" = ImgBurn
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"Internet Download Manager" = Internet Download Manager
"MatlabR2007b" = MATLAB R2007b
"Picasa 3" = Picasa 3
"Tata Photon+" = Tata Photon+
"TVWiz" = Intel(R) TV Wizard
"VLC media player" = VLC media player 1.1.11
"WinRAR archiver" = WinRAR 4.01 (32-bit)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 1/5/2012 1:58:57 PM | Computer Name = Prasad-PC | Source = Application Error | ID = 1000
Description = Faulting application name: vlc.exe, version: 1.1.11.0, time stamp:
0x4e1edf37 Faulting module name: vlc.exe, version: 1.1.11.0, time stamp: 0x4e1edf37
Exception
code: 0xc0000005 Fault offset: 0x000016ee Faulting process id: 0x454 Faulting application
start time: 0x01cccbd3b1930084 Faulting application path: C:\Program Files\VideoLAN\VLC\vlc.exe
Faulting
module path: C:\Program Files\VideoLAN\VLC\vlc.exe Report Id: efdd2b03-37c6-11e1-b56d-a106be6390dc
Error - 1/5/2012 9:02:01 PM | Computer Name = Prasad-PC | Source = Application Error | ID = 1000
Description = Faulting application name: AUDIODG.EXE, version: 6.1.7600.16385, time
stamp: 0x4a5bcb44 Faulting module name: VIASysFx.dll, version: 1.0.0.0, time stamp:
0x4c5937da Exception code: 0xc0000094 Fault offset: 0x0005a90e Faulting process id:
0x3e8 Faulting application start time: 0x01cccc0eb1dcd0c4 Faulting application path:
C:\Windows\system32\AUDIODG.EXE Faulting module path: C:\Windows\system32\VIASysFx.dll
Report
Id: 09d18583-3802-11e1-a657-b48cd72bfef4
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Windows Search Service | ID = 7040
Description =
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Windows Search Service | ID = 7042
Description =
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Windows Search Service | ID = 3028
Description =
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Windows Search Service | ID = 3058
Description =
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Windows Search Service | ID = 7010
Description =
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Windows Search Service | ID = 7040
Description =
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Windows Search Service | ID = 7042
Description =
[ Media Center Events ]
Error - 11/18/2011 6:49:26 PM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 4:19:10 AM - Error connecting to the internet. 4:19:10 AM - Unable
to contact server..
Error - 11/25/2011 10:33:53 AM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 8:03:53 PM - Error connecting to the internet. 8:03:53 PM - Unable
to contact server..
Error - 11/25/2011 10:34:11 AM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 8:03:58 PM - Error connecting to the internet. 8:03:58 PM - Unable
to contact server..
Error - 11/26/2011 11:28:04 AM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 8:58:02 PM - Error connecting to the internet. 8:58:04 PM - Unable
to contact server..
Error - 11/26/2011 11:28:21 AM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 8:58:10 PM - Error connecting to the internet. 8:58:10 PM - Unable
to contact server..
Error - 11/27/2011 5:58:43 AM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 3:28:42 PM - Error connecting to the internet. 3:28:42 PM - Unable
to contact server..
Error - 11/27/2011 5:59:14 AM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 3:28:53 PM - Error connecting to the internet. 3:28:53 PM - Unable
to contact server..
Error - 11/27/2011 10:31:49 AM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 8:01:49 PM - Error connecting to the internet. 8:01:49 PM - Unable
to contact server..
Error - 11/27/2011 10:31:58 AM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 8:01:54 PM - Error connecting to the internet. 8:01:54 PM - Unable
to contact server..
Error - 12/22/2011 12:45:36 PM | Computer Name = Prasad-PC | Source = MCUpdate | ID = 0
Description = 10:15:19 PM - Error connecting to the internet. 10:15:19 PM - Unable
to contact server..
[ OSession Events ]
Error - 12/30/2011 11:16:47 AM | Computer Name = Prasad-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1410
seconds with 180 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 12/31/2011 10:03:29 AM | Computer Name = Prasad-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 30000 milliseconds:
Restart the service.
Error - 1/3/2012 8:51:45 AM | Computer Name = Prasad-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 1/3/2012 5:04:30 PM | Computer Name = Prasad-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 1/4/2012 11:36:15 AM | Computer Name = Prasad-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 1/4/2012 11:56:16 AM | Computer Name = Prasad-PC | Source = BugCheck | ID = 1001
Description =
Error - 1/5/2012 9:01:12 PM | Computer Name = Prasad-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:45:57 PM on ?1/?5/?2012 was unexpected.
Error - 1/6/2012 12:04:26 PM | Computer Name = Prasad-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:32:53 PM on ?1/?6/?2012 was unexpected.
Error - 1/6/2012 12:04:33 PM | Computer Name = PRASAD-PC | Source = BugCheck | ID = 1001
Description =
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-1073473536.
Error - 1/6/2012 12:05:22 PM | Computer Name = Prasad-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 30000 milliseconds:
Restart the service.
< End of report >
- Belahzur (Site Admin)
-
OS : 7 Home Premium x64
Posts : 34948
Rubies : 218223
Likes : 18
Please download and run this tool.
Download Malwarebytes' Anti-Malware from Here
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish, so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.
Post the contents of the MBAM Log.
Site Admin / Security Administrator
[Prework] - Please PM me if I fail to respond within 24hrs.

