Jump to content

raviaditya

Members
 View Profile  See their activity

  • Posts

    5

  • Joined

  • Last visited

Reputation

0 Neutral
  1. raviaditya
    Perfect! Thanks so much for all your help! You guys are Superstars
  2. raviaditya
    Hello! Thanks for your help. Here is the OTLfix log: All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found. HKEY_USERS\S-1-5-21-1779918490-3245665379-4120766740-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully. File C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ not found. File C:\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found. File C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll deleted successfully. C:\Program Files\Searchqu Toolbar\Datamngr\datamngr.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll deleted successfully. File C:\Program Files\Searchqu Toolbar\Datamngr\IEBHO.dll not found. ========== FILES ========== C:\Program Files\Searchqu Toolbar\Datamngr folder moved successfully. C:\Program Files\Searchqu Toolbar folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: a ->Temp folder emptied: 239528948 bytes ->Temporary Internet Files folder emptied: 8939082 bytes ->Java cache emptied: 33131 bytes ->Google Chrome cache emptied: 393931506 bytes ->Flash cache emptied: 63032 bytes User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 56466 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 89173511 bytes RecycleBin emptied: 30706694 bytes Total Files Cleaned = 727.00 mb Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.43.0 log created on 05142012_124804 Files\Folders moved on Reboot... Registry entries deleted on Reboot...
  3. raviaditya
    So sorry for the incomplete post.... here are the outputs of OTL.txt and EXTRAS.txt OTL logfile created on: 5/14/2012 12:01:32 PM - Run 1 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\a\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.99 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 47.74% Memory free 5.98 Gb Paging File | 4.24 Gb Available in Paging File | 70.93% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 158.14 Gb Total Space | 37.91 Gb Free Space | 23.97% Space Free | Partition Type: NTFS Drive D: | 68.59 Gb Total Space | 50.66 Gb Free Space | 73.86% Space Free | Partition Type: NTFS Drive F: | 465.76 Gb Total Space | 221.19 Gb Free Space | 47.49% Space Free | Partition Type: NTFS Computer Name: 21A-L03 | User Name: a | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/05/14 11:55:08 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\a\Desktop\OTL.exe PRC - [2012/05/10 10:39:31 | 000,005,632 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\ctrestrt.exe PRC - [2012/04/12 05:27:08 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\NLSSRV32.EXE PRC - [2012/04/12 05:27:00 | 000,175,624 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe PRC - [2012/04/07 11:47:35 | 000,234,080 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files\K7 Computing\K7TSecurity\K7FWSrvc.exe PRC - [2012/04/07 11:47:33 | 000,159,328 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files\K7 Computing\K7TSecurity\K7PSSrvc.exe PRC - [2012/04/03 18:56:36 | 000,197,728 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files\K7 Computing\K7TSecurity\K7RTScan.exe PRC - [2012/03/16 12:00:11 | 000,218,440 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files\K7 Computing\K7TSecurity\K7TSMngr.exe PRC - [2012/03/12 17:42:01 | 001,694,608 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe PRC - [2012/02/21 00:14:04 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe PRC - [2012/02/16 15:32:16 | 000,148,576 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files\K7 Computing\K7TSecurity\K7EmlPxy.exe PRC - [2012/02/16 15:31:55 | 000,159,840 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files\K7 Computing\K7TSecurity\K7TSecurity.exe PRC - [2011/12/21 19:46:54 | 000,262,752 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files\K7 Computing\K7TSecurity\K7CrvSvc.exe PRC - [2011/11/05 17:20:22 | 000,097,376 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files\K7 Computing\K7TSecurity\K7TSAlrt.exe PRC - [2011/11/05 17:20:19 | 000,072,800 | ---- | M] (K7 Computing Pvt Ltd) -- C:\Program Files\K7 Computing\K7TSecurity\K7SysMon.Exe PRC - [2011/03/15 17:59:32 | 000,312,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe PRC - [2010/01/25 10:59:38 | 001,286,144 | ---- | M] (Luidia, Inc.) -- C:\Program Files\Luidia\eBeam Device Service\eBeamDeviceServiceUI.exe PRC - [2010/01/25 10:59:14 | 000,180,224 | ---- | M] (Luidia, Inc.) -- C:\Program Files\Luidia\eBeam Device Service\eBeamDeviceServiceMain.exe PRC - [2010/01/20 16:21:58 | 004,673,536 | ---- | M] (Luidia, Inc.) -- C:\Program Files\Luidia\eBeam Interact\eBeamInteractive.exe PRC - [2009/09/15 18:36:38 | 000,888,752 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TFPU\TFPUPWDBank.exe PRC - [2009/09/11 13:51:48 | 001,811,704 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe PRC - [2009/07/14 06:44:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009/07/14 06:44:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007/01/11 17:56:56 | 000,063,112 | ---- | M] (CANON INC.) -- C:\Windows\System32\CNAB4RPK.EXE PRC - [2004/12/14 02:12:02 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe ========== Modules (No Company Name) ========== MOD - [2012/04/28 07:37:01 | 000,444,400 | ---- | M] () -- C:\Users\a\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppgooglenaclpluginchrome.dll MOD - [2012/04/28 07:36:59 | 003,915,248 | ---- | M] () -- C:\Users\a\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll MOD - [2012/04/28 07:35:45 | 000,544,240 | ---- | M] () -- C:\Users\a\AppData\Local\Google\Chrome\Application\18.0.1025.168\libglesv2.dll MOD - [2012/04/28 07:35:44 | 000,117,744 | ---- | M] () -- C:\Users\a\AppData\Local\Google\Chrome\Application\18.0.1025.168\libegl.dll MOD - [2012/04/28 07:35:34 | 000,122,880 | ---- | M] () -- C:\Users\a\AppData\Local\Google\Chrome\Application\18.0.1025.168\avutil-51.dll MOD - [2012/04/28 07:35:33 | 000,220,672 | ---- | M] () -- C:\Users\a\AppData\Local\Google\Chrome\Application\18.0.1025.168\avformat-53.dll MOD - [2012/04/28 07:35:32 | 001,747,456 | ---- | M] () -- C:\Users\a\AppData\Local\Google\Chrome\Application\18.0.1025.168\avcodec-53.dll MOD - [2012/04/28 06:39:18 | 008,743,584 | ---- | M] () -- C:\Users\a\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll MOD - [2009/09/11 15:13:18 | 000,244,656 | ---- | M] () -- C:\Program Files\TOSHIBA\TFPU\TFPUCommon.dll MOD - [2009/01/28 15:27:22 | 000,523,776 | ---- | M] () -- C:\Program Files\Luidia\eBeam Interact\eBeamSAR.dll MOD - [2008/10/23 14:02:26 | 000,094,208 | ---- | M] () -- C:\Program Files\Luidia\eBeam Interact\VistaCoreSoundAPIWrap.dll MOD - [2008/08/09 21:56:40 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll ========== Win32 Services (SafeList) ========== SRV - [2012/04/18 13:53:22 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/04/12 05:27:08 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\NLSSRV32.EXE -- (nlsX86cc) SRV - [2012/04/12 05:27:00 | 000,175,624 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe -- (NitroDriverReadSpool2) SRV - [2012/04/07 11:47:35 | 000,234,080 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Running] -- C:\Program Files\K7 Computing\K7TSecurity\K7FWSrvc.exe -- (K7FWSrvc) SRV - [2012/04/07 11:47:33 | 000,159,328 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Running] -- C:\Program Files\K7 Computing\K7TSecurity\K7PSSrvc.exe -- (K7PSSrvc) SRV - [2012/04/03 18:56:36 | 000,197,728 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Running] -- C:\Program Files\K7 Computing\K7TSecurity\K7RTScan.exe -- (K7RTScan) SRV - [2012/03/16 12:00:11 | 000,218,440 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Running] -- C:\Program Files\K7 Computing\K7TSecurity\K7TSMngr.exe -- (K7TSMngr) SRV - [2012/02/21 00:14:04 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\System32\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC) SRV - [2012/02/16 15:32:16 | 000,148,576 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Running] -- C:\Program Files\K7 Computing\K7TSecurity\K7EmlPxy.exe -- (K7EmlPxy) SRV - [2011/12/21 19:46:54 | 000,262,752 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Running] -- C:\Program Files\K7 Computing\K7TSecurity\K7CrvSvc.exe -- (K7CrvSvc) SRV - [2011/11/05 17:20:15 | 000,303,712 | ---- | M] (K7 Computing Pvt Ltd) [On_Demand | Stopped] -- C:\Program Files\K7 Computing\K7TSecurity\K7SpmSrc.exe -- (K7SpmSrc) SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010/01/25 10:59:14 | 000,180,224 | ---- | M] (Luidia, Inc.) [Auto | Running] -- C:\Program Files\Luidia\eBeam Device Service\eBeamDeviceServiceMain.exe -- (eBeam Device Service) SRV - [2009/09/11 13:51:48 | 001,811,704 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService) SRV - [2009/07/14 06:46:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 06:46:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009/07/14 06:45:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) ========== Driver Services (SafeList) ========== DRV - [2012/03/30 10:42:35 | 001,077,816 | ---- | M] (K7 Computing Pvt Ltd) [File_System | Boot | Running] -- C:\Windows\System32\drivers\K7Sentry.sys -- (K7Sentry) DRV - [2011/07/06 14:09:00 | 000,035,872 | ---- | M] (K7 Computing Pvt Ltd) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\K7FWHlpr.sys -- (K7FWHlpr) DRV - [2009/09/14 10:31:54 | 000,659,328 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF) DRV - [2009/07/14 06:49:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009/07/14 06:49:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009/07/14 06:49:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009/07/14 04:58:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009/07/14 04:58:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009/07/14 03:32:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009/07/14 03:32:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel® DRV - [2009/04/18 21:00:58 | 000,013,600 | ---- | M] (K7 Computing Pvt Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\K7TdiHlp.sys -- (K7TdiHlp) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1779918490-3245665379-4120766740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-1779918490-3245665379-4120766740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1779918490-3245665379-4120766740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1779918490-3245665379-4120766740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKU\S-1-5-21-1779918490-3245665379-4120766740-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKU\S-1-5-21-1779918490-3245665379-4120766740-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1779918490-3245665379-4120766740-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@k7computing.com/k7webprotection: C:\Program Files\\K7 Computing\K7TSecurity\npK7SRNPExt.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\a\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\a\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C1CA7765-44E4-452e-9D00-A04F3D434281}: C:\Program Files\TOSHIBA\TFPU\FirefoxAddin [2012/04/18 14:05:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\k7srff@k7computing.com: C:\Program Files\K7 Computing\K7TSecurity\K7SR [2012/05/03 11:40:24 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}, CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\a\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\a\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\a\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\a\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Platform SE 6 U32 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\system32\npdeployJava1.dll CHR - plugin: K7Security Suite of Products (Enabled) = C:\Program Files\\K7 Computing\K7TSecurity\npK7SRNPExt.dll CHR - plugin: Google Update (Enabled) = C:\Users\a\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: Angry Birds = C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\ CHR - Extension: Last.fm free music player = C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbncpldmanoknoahidbgmkgobgmhnafh\2.9.68_0\ CHR - Extension: YouTube = C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Zomato = C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpkojgbclmcfkcangfplnaakcmgoambl\1.0.1_0\ CHR - Extension: ESPN Cricinfo = C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlklinjgampohhihndkofhhaahoicoip\1.0.0_0\ CHR - Extension: TweetDeck = C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\1.4_0\ CHR - Extension: bitly | a simple URL shortener = C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\1.3.1.5_0\ CHR - Extension: ESPN Cricinfo = C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijhlikjoigjegofbedmfmlcfkmhabldh\1.8.4.1_0\ CHR - Extension: Quick Note = C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.3.4_0\ CHR - Extension: FastestChrome - Browse Faster = C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.1.3_0\ CHR - Extension: Send from Gmail (by Google) = C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc\1.12_0\ CHR - Extension: Gmail = C:\Users\a\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009/06/11 03:09:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (TFPUPWDBankBHO Class) - {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} - C:\Program Files\TOSHIBA\TFPU\TFPUPWDBankBHO.dll (TODO: <Company name>) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (K7 Web Protection) - {08B3B4B6-02DA-4658-8BA6-5974E3EBB03D} - C:\Program Files\K7 Computing\K7TSecurity\K7SRExt.dll (K7 Computing Pvt Ltd) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc) O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\S-1-5-21-1779918490-3245665379-4120766740-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc) O4 - HKLM..\Run: [K7TSStart] C:\Program Files\K7 Computing\K7TSecurity\K7TSecurity.exe (K7 Computing Pvt Ltd) O4 - HKLM..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [TFPUPWDBankService] C:\Program Files\TOSHIBA\TFPU\TFPUPWDBank.exe (TOSHIBA) O4 - HKLM..\Run: [TFPUService] C:\Program Files\TOSHIBA\TFPU\TFPUTaskMonitor.exe (TOSHIBA) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd) O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC83FAE9-80D5-4B72-8366-0999047BFBD6}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll) - C:\Program Files\Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc) O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll) - C:\Program Files\Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012/01/16 14:01:40 | 000,000,106 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (K7TSDbg) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/05/14 11:55:02 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\a\Desktop\OTL.exe [2012/05/11 13:25:39 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\skypePM [2012/05/11 09:51:15 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\Skype [2012/05/11 09:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012/05/11 09:51:04 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012/05/11 09:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012/05/11 09:50:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012/05/11 09:50:25 | 023,511,716 | ---- | C] (Skype Technologies S.A.) -- C:\Users\a\Desktop\SkypeSetupFull.exe [2012/05/08 10:55:20 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\K7 Computing [2012/05/07 18:03:55 | 000,000,000 | ---D | C] -- C:\Users\a\Desktop\Today's Class [2012/05/05 15:08:22 | 000,000,000 | ---D | C] -- C:\Program Files\Searchqu Toolbar [2012/05/05 15:00:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis [2012/05/05 15:00:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel [2012/05/05 14:57:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X4 [2012/05/05 14:52:37 | 000,000,000 | ---D | C] -- C:\Program Files\Corel [2012/05/05 14:00:29 | 000,000,000 | ---D | C] -- C:\Users\a\Documents\LEARN Android [2012/05/05 10:16:30 | 000,000,000 | ---D | C] -- C:\Users\a\MyAndroidApp [2012/05/05 10:08:35 | 000,000,000 | ---D | C] -- C:\Users\a\workspace [2012/05/03 15:48:59 | 000,000,000 | ---D | C] -- C:\Users\a\.android [2012/05/03 15:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools [2012/05/03 15:48:39 | 000,000,000 | ---D | C] -- C:\Program Files\Android [2012/05/03 15:38:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012/05/03 15:38:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012/05/03 15:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sun [2012/05/03 15:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012/05/03 15:15:02 | 000,000,000 | ---D | C] -- C:\06 Tablet [2012/05/03 11:44:46 | 000,005,632 | ---- | C] (Absolute Software Corp.) -- C:\Windows\System32\ctrestrt.exe [2012/05/03 11:40:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K7TotalSecurity [2012/05/03 11:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\K7TS12Upgr [2012/05/02 15:42:46 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\Nitro PDF [2012/05/02 15:41:15 | 000,027,144 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalmon2.dll [2012/05/02 15:41:15 | 000,018,440 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalui2.dll [2012/05/02 15:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro PDF [2012/05/02 15:40:37 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro PDF [2012/05/02 15:40:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro PDF [2012/05/02 15:39:04 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\Downloaded Installations [2012/05/02 15:30:57 | 000,000,000 | ---D | C] -- C:\Users\a\Documents\OneNote Notebooks [2012/04/30 12:52:55 | 000,000,000 | ---D | C] -- C:\Users\a\Documents\Corel User Files [2012/04/25 16:57:48 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2012/04/25 16:05:19 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012/04/25 16:05:15 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant [2012/04/20 16:38:22 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\Temp [2012/04/20 16:38:22 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\Configuration [2012/04/18 16:41:07 | 000,000,000 | ---D | C] -- C:\Users\a\Documents\My Scrapbook [2012/04/18 15:28:23 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache [2012/04/18 14:44:59 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\AdobeUM [2012/04/18 14:42:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe Systems [2012/04/18 14:41:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe Systems Shared [2012/04/18 14:40:17 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF [2012/04/18 14:37:12 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\Corel [2012/04/18 14:34:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel [2012/04/18 14:29:45 | 000,000,000 | ---D | C] -- C:\GraphCalc [2012/04/18 14:29:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBeam Interact [2012/04/18 14:29:21 | 000,374,064 | ---- | C] (Black Ice Software, Inc.) -- C:\Windows\System32\Tiff32.dll [2012/04/18 14:29:21 | 000,359,232 | ---- | C] (Black Ice Software, Inc.) -- C:\Windows\System32\BuEMonNT.dll [2012/04/18 14:29:21 | 000,251,192 | ---- | C] (Black Ice Software, Inc.) -- C:\Windows\System32\BuERmvNT.dll [2012/04/18 14:29:21 | 000,230,712 | ---- | C] (Black Ice Software, Inc.) -- C:\Windows\System32\BiImgUser.dll [2012/04/18 14:29:21 | 000,165,176 | ---- | C] (Black Ice Software, Inc.) -- C:\Windows\System32\BuEAppNT.exe [2012/04/18 14:29:21 | 000,165,168 | ---- | C] (Black Ice Software, Inc.) -- C:\Windows\System32\JPEG32.dll [2012/04/18 14:28:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBeam Capture [2012/04/18 14:28:09 | 000,000,000 | ---D | C] -- C:\Program Files\Luidia [2012/04/18 14:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA [2012/04/18 14:05:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Toshiba [2012/04/18 14:05:48 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\TFPU [2012/04/18 14:05:39 | 000,000,000 | ---D | C] -- C:\Program Files\TOSHIBA [2012/04/18 14:05:07 | 000,000,000 | ---D | C] -- C:\Program Files\Fingerprint Sensor [2012/04/18 14:04:45 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\WinBatch [2012/04/18 13:48:28 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Local\Diagnostics ========== Files - Modified Within 30 Days ========== [2012/05/14 11:55:08 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\a\Desktop\OTL.exe [2012/05/14 11:51:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/05/14 11:12:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1779918490-3245665379-4120766740-1000UA.job [2012/05/14 09:53:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/05/14 09:53:34 | 000,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.exe [2012/05/13 13:12:00 | 000,000,840 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1779918490-3245665379-4120766740-1000Core.job [2012/05/11 13:25:39 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2012/05/11 09:51:05 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012/05/10 11:30:08 | 000,615,360 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/05/10 11:30:08 | 000,103,702 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/05/10 11:12:09 | 000,135,185 | ---- | M] () -- C:\Users\a\Documents\Voda-9711682306-May 12.pdf [2012/05/10 10:39:41 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.dll [2012/05/10 10:39:31 | 000,005,632 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\ctrestrt.exe [2012/05/10 10:23:17 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/05/10 10:23:17 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/05/10 10:18:06 | 2408,390,656 | -HS- | M] () -- C:\hiberfil.sys [2012/05/06 06:02:02 | 003,766,760 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012/05/05 14:53:54 | 000,190,538 | ---- | M] () -- C:\Users\a\Documents\Tanushree_Nagori_050512.pdf [2012/05/05 14:45:59 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys [2012/05/05 14:45:51 | 000,000,088 | RHS- | M] () -- C:\ProgramData\CED56F63B7.sys [2012/05/03 15:50:32 | 001,243,849 | ---- | M] () -- C:\Users\a\Documents\TT_Datasheet_tazPad.pdf [2012/05/03 11:40:28 | 000,001,923 | ---- | M] () -- C:\Users\Public\Desktop\K7TotalSecurity.lnk [2012/05/02 15:41:09 | 000,002,017 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Pro 7.lnk [2012/05/02 15:30:56 | 000,001,280 | ---- | M] () -- C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2012/05/02 15:30:22 | 000,056,314 | ---- | M] () -- C:\Users\a\Documents\09th 980601_A1 QP Science.pdf [2012/05/02 11:22:32 | 000,002,655 | ---- | M] () -- C:\Users\a\Documents\Microsoft Office Excel 2007.lnk [2012/05/02 11:14:57 | 000,002,377 | ---- | M] () -- C:\Users\a\Desktop\Google Chrome.lnk [2012/05/01 16:52:21 | 023,511,716 | ---- | M] (Skype Technologies S.A.) -- C:\Users\a\Desktop\SkypeSetupFull.exe [2012/04/25 21:32:28 | 000,000,512 | ---- | M] () -- C:\Windows\_delis32.ini [2012/04/25 17:36:42 | 000,933,458 | ---- | M] () -- C:\Users\a\Desktop\Atomic Structure 1.pdf [2012/04/25 17:14:09 | 000,465,772 | ---- | M] () -- C:\Users\a\Desktop\Atomic Structure.pdf [2012/04/25 16:51:27 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Content Viewer.lnk [2012/04/19 12:39:36 | 000,001,158 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2012/04/18 16:32:26 | 000,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.dll [2012/04/18 15:50:38 | 000,183,956 | ---- | M] () -- C:\Users\a\Documents\office lay out.pdf [2012/04/18 14:40:37 | 000,002,453 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk [2012/04/18 14:40:37 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk [2012/04/18 14:05:19 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ATSwpWDF_01007.Wdf ========== Files Created - No Company Name ========== [2012/05/11 13:25:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2012/05/11 09:51:05 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012/05/10 11:12:09 | 000,135,185 | ---- | C] () -- C:\Users\a\Documents\Voda-9711682306-May 12.pdf [2012/05/05 14:53:51 | 000,190,538 | ---- | C] () -- C:\Users\a\Documents\Tanushree_Nagori_050512.pdf [2012/05/05 12:57:07 | 000,028,496 | ---- | C] () -- C:\Users\a\Desktop\3x2 Pole Kiosk.cdr [2012/05/03 15:50:30 | 001,243,849 | ---- | C] () -- C:\Users\a\Documents\TT_Datasheet_tazPad.pdf [2012/05/02 15:41:09 | 000,002,545 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 7.lnk [2012/05/02 15:41:09 | 000,002,017 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Pro 7.lnk [2012/05/02 15:30:56 | 000,001,280 | ---- | C] () -- C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2012/05/02 15:30:22 | 000,056,314 | ---- | C] () -- C:\Users\a\Documents\09th 980601_A1 QP Science.pdf [2012/05/02 11:22:32 | 000,002,655 | ---- | C] () -- C:\Users\a\Documents\Microsoft Office Excel 2007.lnk [2012/04/25 21:31:11 | 000,000,512 | ---- | C] () -- C:\Windows\_delis32.ini [2012/04/25 17:36:42 | 000,933,458 | ---- | C] () -- C:\Users\a\Desktop\Atomic Structure 1.pdf [2012/04/25 17:14:09 | 000,465,772 | ---- | C] () -- C:\Users\a\Desktop\Atomic Structure.pdf [2012/04/25 16:57:20 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS5.5.lnk [2012/04/25 16:55:38 | 000,001,147 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk [2012/04/25 16:55:05 | 000,001,263 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS5.5.lnk [2012/04/25 16:51:27 | 000,001,067 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk [2012/04/25 16:51:27 | 000,001,055 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Content Viewer.lnk [2012/04/25 16:49:08 | 000,001,341 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk [2012/04/25 16:49:01 | 000,001,513 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk [2012/04/25 16:48:39 | 000,000,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2012/04/25 16:05:15 | 000,001,013 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk [2012/04/25 15:39:10 | 1210,514,168 | ---- | C] () -- C:\Users\a\Desktop\study material.rar [2012/04/18 16:54:57 | 000,443,404 | ---- | C] () -- C:\Users\a\Desktop\21A-CL-IX-CHE-Matter-v0.3.pdf [2012/04/18 16:54:45 | 000,658,719 | ---- | C] () -- C:\Users\a\Desktop\21A-CL-IX-MAT-Real Nums-v3.pdf [2012/04/18 15:50:37 | 000,183,956 | ---- | C] () -- C:\Users\a\Documents\office lay out.pdf [2012/04/18 14:40:37 | 000,002,459 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk [2012/04/18 14:40:37 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Designer 7.0.lnk [2012/04/18 14:40:37 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk [2012/04/18 14:40:37 | 000,002,447 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Professional.lnk [2012/04/18 14:40:37 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk [2012/04/18 14:37:15 | 000,000,088 | RHS- | C] () -- C:\ProgramData\CED56F63B7.sys [2012/04/18 14:37:14 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2012/04/18 14:29:21 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BuEResNT.dll [2012/04/18 14:05:19 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ATSwpWDF_01007.Wdf [2012/04/18 13:53:23 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/02/10 18:05:07 | 000,017,408 | ---- | C] () -- C:\Windows\System32\rpcnetp.dll [2012/02/10 18:04:53 | 000,017,408 | ---- | C] () -- C:\Windows\System32\rpcnetp.exe ========== LOP Check ========== [2012/04/25 16:05:19 | 000,000,000 | ---D | M] -- C:\Users\a\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012/04/20 16:38:22 | 000,000,000 | ---D | M] -- C:\Users\a\AppData\Roaming\Configuration [2012/05/02 15:39:04 | 000,000,000 | ---D | M] -- C:\Users\a\AppData\Roaming\Downloaded Installations [2012/05/08 10:55:20 | 000,000,000 | ---D | M] -- C:\Users\a\AppData\Roaming\K7 Computing [2012/05/02 15:44:04 | 000,000,000 | ---D | M] -- C:\Users\a\AppData\Roaming\Nitro PDF [2012/04/20 16:38:22 | 000,000,000 | ---D | M] -- C:\Users\a\AppData\Roaming\Temp [2012/04/18 14:24:32 | 000,000,000 | ---D | M] -- C:\Users\a\AppData\Roaming\TFPU [2012/04/18 14:04:45 | 000,000,000 | ---D | M] -- C:\Users\a\AppData\Roaming\WinBatch [2009/07/14 10:23:46 | 000,010,866 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > EXTRAS.txt OTL Extras logfile created on: 5/14/2012 12:01:32 PM - Run 1 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\a\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.99 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 47.74% Memory free 5.98 Gb Paging File | 4.24 Gb Available in Paging File | 70.93% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 158.14 Gb Total Space | 37.91 Gb Free Space | 23.97% Space Free | Partition Type: NTFS Drive D: | 68.59 Gb Total Space | 50.66 Gb Free Space | 73.86% Space Free | Partition Type: NTFS Drive F: | 465.76 Gb Total Space | 221.19 Gb Free Space | 47.49% Space Free | Partition Type: NTFS Computer Name: 21A-L03 | User Name: a | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0E44990B-0631-4B6D-BCFE-1AB6688DE4E7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0E67A9B1-3838-4177-8F42-03C99EB33115}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{20AD95BE-F485-43E2-A722-9D737AF075A4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{28F740F5-55A2-4179-B11D-749861C0D0A2}" = lport=139 | protocol=6 | dir=in | app=system | "{315F2A0B-5BD1-4553-BA0D-AEE1BECD9D9D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{3A7ACA63-2B3C-4F1E-8AD6-B67E3229AB39}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3F17FDAB-19C6-402C-B479-F3C3D56D7721}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{4EDCC80B-08DE-4739-BBD4-2F69A49CFE0B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{6FBC5398-B90E-4725-83B9-959E8DB7E0E4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{75269774-92D6-432A-8C0A-9147587A9C88}" = lport=137 | protocol=17 | dir=in | app=system | "{85B3ABD8-5B7B-4D54-BE5A-49E1E35F4285}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{8C0BE7E9-A0A0-49CC-956B-0F5881427107}" = lport=138 | protocol=17 | dir=in | app=system | "{96231B5E-D0CA-417F-A0A2-92F042A43E64}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9CB96BCE-CD98-445B-85D0-D22FB9346036}" = rport=445 | protocol=6 | dir=out | app=system | "{AF0A9E73-323A-492D-86E7-B7955AE05855}" = rport=138 | protocol=17 | dir=out | app=system | "{C8CFDFCA-6DAC-4012-A105-5B5592106CB4}" = rport=10243 | protocol=6 | dir=out | app=system | "{CD0B379D-E9E9-418F-B29D-8DBE79B3B7F9}" = rport=139 | protocol=6 | dir=out | app=system | "{CF52428E-4564-4087-BE65-59D3128FCCE7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CFB06A66-F7BB-43D6-B4F8-B73A2730758B}" = lport=10243 | protocol=6 | dir=in | app=system | "{D81B89FA-5D07-48AB-AC36-E04E4640DFA3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DD5F4173-9D1B-4611-98BF-4BF0957BBD5D}" = rport=137 | protocol=17 | dir=out | app=system | "{E66705B9-EB3C-4739-A19F-E312E65A8995}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EDF742B0-C5E1-4275-A6EF-3BA7304FDCB7}" = lport=2869 | protocol=6 | dir=in | app=system | "{FD5084C4-CE72-411D-B691-66695C1883E4}" = lport=445 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{004C617A-BDD9-4D35-81A9-E943391C31CB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{079C4F0E-E412-4A08-9B6D-A17E66CB1886}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{268AE769-F732-45FD-AAA6-031E4E67EFDD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{2EA3CF41-B182-4BD6-AEF2-A816AB16CA57}" = protocol=17 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe | "{359E2DE2-8503-4DCC-A75B-16622FEDD5A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4013180C-183D-406D-9504-7BC005E01EF6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4B814748-D6EB-4B93-A687-FDAF96CFCC2B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{68638CA5-C08F-4915-9AA0-05D6395A7CFA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6B43E527-49CB-49B4-9227-8740AC9BEE54}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{77036674-0FED-49D0-A8F5-E529E8722F26}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{78376F34-FBD8-4F8A-98B3-F582F2B0CF9F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{8D9906DC-F104-4598-B1A9-AA6D73EB5A3B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{9E687FD8-CC4B-42F9-87F4-847EFCEFD415}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{A0268269-AA78-4BE8-9E10-93CD93955E8C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{A21FD5A3-516F-4476-BE4A-F50AE8B44452}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AD68A3E8-A2F0-4DB7-9F5E-1B69A64BF9AD}" = protocol=6 | dir=out | app=system | "{B29D83B7-DD12-46BA-998C-95DA637CAC87}" = protocol=6 | dir=in | app=c:\windows\system32\cnab4rpk.exe | "{B2BE295F-0676-4955-AAE9-E4C729E2377D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{BB229402-6D99-43A4-8B15-03CF17734E62}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{D24E39B1-97FF-49EB-849A-98EDDEE7197F}" = protocol=17 | dir=in | app=c:\windows\system32\cnab4rpk.exe | "{D5587A2D-5EE5-4274-9965-95A803C5C924}" = protocol=6 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe | "{D7B7F91D-2285-45C0-8B5E-B912B988B766}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D7DE3205-C8B4-4B5A-B5D8-4D5C5F778564}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{EE4B5907-600B-414D-A98F-0EC3D9AFED00}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{F6E29CBA-F9BA-4652-A4E3-151F9B51A9AA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW® Graphics Suite X4 "_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW® Graphics Suite X4 - Windows Shell Extension "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0 "{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java 6 Update 32 "{32A3A4F4-B792-11D6-A78A-00B0D0160320}" = Java SE Development Kit 6 Update 32 "{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help "{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4 "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1 "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA "{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture "{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw "{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP "{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content "{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters "{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav "{7F05E704-30A6-421A-97A7-8EEB1C7FF100}" = CorelDRAW Graphics Suite X4 - Lang EN "{83F136F0-2AE5-420C-A0B6-A440AD42591C}" = AuthenTec Fingerprint Software "{857CC5F0-040E-1016-A173-D55ADD80C260}" = Adobe InDesign CS5.5 "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant "{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM "{A7760E07-4C23-4766-A99E-F715F298E99C}" = TFPU "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{AC76BA86-1033-0000-7760-000000000002}" = Adobe Acrobat 7.0 Professional "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications ® Core - English "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86 "{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA "{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW® Graphics Suite X4 - Windows Shell Extension "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications ® Core "{FDE8C4BB-8080-476A-8731-97C32C06E569}" = Nitro Pro 7 "Adobe Acrobat 7.0 Professional" = Adobe Acrobat 7.0 Professional "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Android SDK Tools" = Android SDK Tools "Canon LBP2900" = Canon LBP2900 "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.dmp.contentviewer" = Adobe Content Viewer "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "eBeamCapture_is1" = eBeam Capture 2.3 "eBeamDeviceService_is1" = eBeam Device Service 2.3 "eBeamInteract_is1" = eBeam Interact 2.3 "ENTERPRISE" = Microsoft Office Enterprise 2007 "K7TotalSecurity" = K7TotalSecurity "Searchqu Toolbar" = Searchqu Toolbar "TFPU{A7760E07-4C23-4766-A99E-F715F298E99C}" = TOSHIBA Fingerprint Utility "VLC media player" = VLC media player 0.9.4 "WinRAR archiver" = WinRAR archiver ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1779918490-3245665379-4120766740-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 5/1/2012 5:35:36 AM | Computer Name = 21A-L03 | Source = Application Error | ID = 1000 Description = Faulting application name: EXCEL.EXE, version: 12.0.4518.1014, time stamp: 0x45428263 Faulting module name: VBE6.DLL, version: 6.5.10.20, time stamp: 0x45187577 Exception code: 0xc0000005 Fault offset: 0x00111497 Faulting process id: 0x1328 Faulting application start time: 0x01cd2779fbddd249 Faulting application path: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE Faulting module path: C:\PROGRA~1\COMMON~1\MICROS~1\VBA\VBA6\VBE6.DLL Report Id: 00f38de9-9371-11e1-b008-001e686d1205 Error - 5/1/2012 8:47:11 AM | Computer Name = 21A-L03 | Source = Application Hang | ID = 1002 Description = The program Acrobat.exe version 7.0.0.1333 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 24b0 Start Time: 01cd27987d443a99 Termination Time: 53 Application Path: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe Report Id: c2b04fa0-938b-11e1-b008-001e686d1205 Error - 5/3/2012 4:43:21 AM | Computer Name = 21A-L03 | Source = Application Error | ID = 1000 Description = Faulting application name: Explorer.EXE, version: 6.1.7600.16385, time stamp: 0x4a5bc60d Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdadb Exception code: 0xc0000022 Fault offset: 0x0007f49f Faulting process id: 0xb68 Faulting application start time: 0x01cd28f3e17c0d38 Faulting application path: C:\Windows\Explorer.EXE Faulting module path: C:\Windows\SYSTEM32\ntdll.dll Report Id: 0910b53e-94fc-11e1-8013-001e686d1205 Error - 5/5/2012 3:27:01 AM | Computer Name = 21A-L03 | Source = Application Hang | ID = 1002 Description = The program CORELDRW.EXE version 14.0.0.567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 16dc Start Time: 01cd2a8f1f13e30f Termination Time: 21 Application Path: c:\Program Files\Corel\CorelDRAW Graphics Suite X4\PROGRAMS\CORELDRW.EXE Report Id: b2ac5a45-9683-11e1-af14-001e686d1205 Error - 5/5/2012 4:41:11 AM | Computer Name = 21A-L03 | Source = MsiInstaller | ID = 11706 Description = Error - 5/5/2012 5:17:45 AM | Computer Name = 21A-L03 | Source = MsiInstaller | ID = 11706 Description = Error - 5/6/2012 12:11:51 AM | Computer Name = 21A-L03 | Source = Application Error | ID = 1000 Description = Faulting application name: EXCEL.EXE, version: 12.0.4518.1014, time stamp: 0x45428263 Faulting module name: VBE6.DLL, version: 6.5.10.20, time stamp: 0x45187577 Exception code: 0xc0000005 Fault offset: 0x00111497 Faulting process id: 0x654 Faulting application start time: 0x01cd2b3226878100 Faulting application path: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE Faulting module path: C:\PROGRA~1\COMMON~1\MICROS~1\VBA\VBA6\VBE6.DLL Report Id: 9ab60792-9731-11e1-aa48-001e686d1205 Error - 5/6/2012 1:47:54 AM | Computer Name = 21A-L03 | Source = Application Error | ID = 1000 Description = Faulting application name: EXCEL.EXE, version: 12.0.4518.1014, time stamp: 0x45428263 Faulting module name: VBE6.DLL, version: 6.5.10.20, time stamp: 0x45187577 Exception code: 0xc0000005 Fault offset: 0x00111497 Faulting process id: 0x8f8 Faulting application start time: 0x01cd2b3e7c3e834a Faulting application path: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE Faulting module path: C:\PROGRA~1\COMMON~1\MICROS~1\VBA\VBA6\VBE6.DLL Report Id: 05ef142e-973f-11e1-aa48-001e686d1205 Error - 5/9/2012 6:41:18 AM | Computer Name = 21A-L03 | Source = Application Error | ID = 1000 Description = Faulting application name: EXCEL.EXE, version: 12.0.4518.1014, time stamp: 0x45428263 Faulting module name: VBE6.DLL, version: 6.5.10.20, time stamp: 0x45187577 Exception code: 0xc0000005 Fault offset: 0x00111497 Faulting process id: 0xc78 Faulting application start time: 0x01cd2c615d8ff6a1 Faulting application path: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE Faulting module path: C:\PROGRA~1\COMMON~1\MICROS~1\VBA\VBA6\VBE6.DLL Report Id: 81d59eaf-99c3-11e1-aa48-001e686d1205 Error - 5/11/2012 6:10:50 AM | Computer Name = 21A-L03 | Source = Application Error | ID = 1000 Description = Faulting application name: eBeamScrapbook.exe, version: 2.3.0.0, time stamp: 0x4b57a0f7 Faulting module name: eBeamScrapbook.exe, version: 2.3.0.0, time stamp: 0x4b57a0f7 Exception code: 0xc000000d Fault offset: 0x001ccc4a Faulting process id: 0xf54 Faulting application start time: 0x01cd2f5e49d37760 Faulting application path: C:\Program Files\Luidia\eBeam Interact\eBeamScrapbook.exe Faulting module path: C:\Program Files\Luidia\eBeam Interact\eBeamScrapbook.exe Report Id: 94fd1b0b-9b51-11e1-a53a-001e686d1205 [ OSession Events ] Error - 4/30/2012 12:14:32 PM | Computer Name = 21A-L03 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18588 seconds with 300 seconds of active time. This session ended with a crash. Error - 5/1/2012 5:07:59 AM | Computer Name = 21A-L03 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3087 seconds with 1260 seconds of active time. This session ended with a crash. Error - 5/1/2012 5:35:35 AM | Computer Name = 21A-L03 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1622 seconds with 1620 seconds of active time. This session ended with a crash. Error - 5/6/2012 12:11:50 AM | Computer Name = 21A-L03 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5245 seconds with 540 seconds of active time. This session ended with a crash. Error - 5/6/2012 1:47:54 AM | Computer Name = 21A-L03 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5710 seconds with 480 seconds of active time. This session ended with a crash. Error - 5/9/2012 6:41:18 AM | Computer Name = 21A-L03 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 157582 seconds with 5940 seconds of active time. This session ended with a crash. [ System Events ] Error - 5/3/2012 2:10:18 AM | Computer Name = 21A-L03 | Source = Service Control Manager | ID = 7034 Description = The K7Carnivore Service service terminated unexpectedly. It has done this 1 time(s). Error - 5/3/2012 2:10:18 AM | Computer Name = 21A-L03 | Source = Service Control Manager | ID = 7034 Description = The K7Privacy Services service terminated unexpectedly. It has done this 1 time(s). Error - 5/3/2012 2:10:19 AM | Computer Name = 21A-L03 | Source = Service Control Manager | ID = 7034 Description = The K7RealTime AntiVirus Services service terminated unexpectedly. It has done this 1 time(s). Error - 5/3/2012 2:10:19 AM | Computer Name = 21A-L03 | Source = Service Control Manager | ID = 7034 Description = The K7Firewall Services service terminated unexpectedly. It has done this 1 time(s). Error - 5/3/2012 2:10:24 AM | Computer Name = 21A-L03 | Source = Service Control Manager | ID = 7030 Description = The K7Computng - EMail Proxy Server service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error - 5/3/2012 2:10:25 AM | Computer Name = 21A-L03 | Source = Service Control Manager | ID = 7030 Description = The K7Firewall Services service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error - 5/7/2012 2:06:06 AM | Computer Name = 21A-L03 | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. Error - 5/7/2012 9:50:19 PM | Computer Name = 21A-L03 | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service. Error - 5/10/2012 12:48:09 AM | Computer Name = 21A-L03 | Source = EventLog | ID = 6008 Description = The previous system shutdown at 10:10:04 PM on ?5/?9/?2012 was unexpected. Error - 5/13/2012 1:44:08 AM | Computer Name = 21A-L03 | Source = ACPI | ID = 327693 Description = : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly. < End of report >
  4. raviaditya
    Could you please help me remove searchnu.com/406 redirect malware from my system.... Following is the output of OTL.txt and EXTRAS.t
  5. raviaditya
    Please help me get rid of searchnu.com/406 redirect. I believe i got it with ilivid download, foolish me. Thanks for all the help - raviaditya
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.