cowdenbeath

September 23, 2010

Also, I did a scan using BitDefender and it came up with some peculiar results. I've attached the log file, which shows the 160 objects that couldn't be scanned due to password protection. Also, the scan showed that "No action is possible" on

Gen:Trojan.Heur.xm0@X8SQJ9bi

located at C:\Documents and Settings\Mandeep\Desktop\sys29436.exe=>(NSIS o)=>zlib_nsis0013

Any ideas how to deal with this??

1285123153_1_02.xml

September 23, 2010

Both of those boxes where already unchecked on SuperAntiSpyware. I reinstalled Bitdefender without any problems, but the computer is running noticeably slower than when it wasn't installed. Perhaps Bitdefender is using up lots of RAM also? Is there anything I could do to free some? I performed another OTL scan and got the following log if it's any use:

OTL logfile created on: 23/09/2010 01:17:53 - Run 2

OTL by OldTimer - Version 3.2.14.0 Folder = C:\Documents and Settings\Mandeep\My Documents\Downloads

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

502.00 Mb Total Physical Memory | 94.00 Mb Available Physical Memory | 19.00% Memory free

1.00 Gb Paging File | 0.00 Gb Available in Paging File | 19.00% Paging File free

Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 71.45 Gb Total Space | 28.24 Gb Free Space | 39.53% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: SIDHU

Current User Name: Mandeep

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Standard

Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/21 01:10:05 | 000,413,696 | ---- | M] (BitDefender SRL) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe

PRC - [2010/09/21 01:10:01 | 001,638,240 | ---- | M] (BitDefender S. R. L.) -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe

PRC - [2010/09/21 01:09:57 | 000,675,840 | ---- | M] (BitDefender S.R.L) -- C:\Program Files\BitDefender\BitDefender 2009\uiscan.exe

PRC - [2010/09/21 01:09:53 | 000,442,368 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe

PRC - [2010/09/21 01:09:37 | 000,782,336 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe

PRC - [2010/09/20 16:11:42 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mandeep\My Documents\Downloads\OTL.exe

PRC - [2010/09/17 00:01:42 | 000,975,928 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

PRC - [2010/09/01 07:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

PRC - [2009/10/19 23:20:33 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe

PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008/04/05 20:10:20 | 000,607,576 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

========== Modules (SafeList) ==========

MOD - [2010/09/20 16:11:42 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mandeep\My Documents\Downloads\OTL.exe

MOD - [2009/10/19 23:21:24 | 000,102,400 | ---- | M] (RealPlayer) -- c:\Program Files\Real\realplayer\browserrecord\chrome\hook\rpchromebrowserrecordhelper.dll

MOD - [2009/08/13 14:55:04 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll

MOD - [2008/05/13 10:13:36 | 000,077,824 | ---- | M] (SuperAdBlocker.com) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL

MOD - [2008/04/14 01:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

MOD - [2003/03/18 19:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll

MOD - [2003/02/21 03:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)

SRV - [2010/09/21 01:10:05 | 000,413,696 | ---- | M] (BitDefender SRL) [Auto | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)

SRV - [2010/09/21 01:10:01 | 001,638,240 | ---- | M] (BitDefender S. R. L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe -- (VSSERV)

SRV - [2010/09/21 01:08:51 | 000,323,584 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)

SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)

SRV - [2009/09/24 11:59:26 | 001,695,368 | ---- | M] (NanJing Nagasoft Co, LTD.) [Auto | Stopped] -- C:\WINDOWS\system32\nagasoft\vjocx.dll -- (vvdsvc)

SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)

SRV - [2008/07/17 12:06:56 | 000,118,784 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe -- (Arrakis3)

SRV - [2008/04/05 20:10:20 | 000,607,576 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice)

SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)

SRV - [2006/10/17 19:17:40 | 000,086,016 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)

SRV - [2006/04/14 11:04:54 | 000,087,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)

SRV - [2005/11/14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Mandeep\LOCALS~1\Temp\mbr.sys -- (mbr)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Combo-Fix\catchme.sys -- (catchme)

DRV - [2010/09/21 01:09:40 | 000,008,832 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys -- (BDSelfPr)

DRV - [2010/09/21 01:08:52 | 000,137,224 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif)

DRV - [2010/09/21 01:08:52 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (trufos)

DRV - [2010/07/03 12:34:09 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2010/02/18 23:40:39 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)

DRV - [2010/02/18 23:40:39 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)

DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)

DRV - [2008/12/10 19:42:46 | 000,242,184 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr)

DRV - [2008/09/18 11:09:12 | 000,111,112 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (bdfm)

DRV - [2008/09/02 13:32:06 | 000,013,056 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (profos)

DRV - [2008/04/13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)

DRV - [2008/04/13 19:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)

DRV - [2008/04/13 19:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)

DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2007/10/25 19:31:08 | 000,616,064 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207)

DRV - [2007/06/28 12:44:58 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)

DRV - [2007/06/28 12:44:18 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)

DRV - [2007/06/28 12:44:18 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)

DRV - [2007/06/28 12:44:16 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)

DRV - [2007/03/13 13:53:47 | 000,252,928 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)

DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)

DRV - [2006/10/17 19:09:04 | 000,035,072 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)

DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)

DRV - [2006/07/14 01:02:22 | 000,013,696 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wsp_pkt.sys -- (wsppkt)

DRV - [2006/07/14 01:01:16 | 000,013,824 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hnm_wrls_pkt.sys -- (hnmwrlspkt)

DRV - [2006/07/14 01:00:58 | 000,013,440 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\packet.sys -- (Packet)

DRV - [2006/04/05 12:49:40 | 000,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\vaxscsi.sys -- (vaxscsi)

DRV - [2006/04/05 12:47:01 | 000,642,560 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2005/12/19 22:15:34 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)

DRV - [2005/08/17 07:41:08 | 001,022,040 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)

DRV - [2005/05/31 06:33:00 | 000,100,605 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)

DRV - [2005/05/31 06:33:00 | 000,098,716 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)

DRV - [2005/05/31 06:33:00 | 000,086,876 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)

DRV - [2005/05/31 06:33:00 | 000,034,845 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)

DRV - [2005/05/31 06:33:00 | 000,025,725 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)

DRV - [2005/05/31 06:33:00 | 000,015,069 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)

DRV - [2005/05/31 06:33:00 | 000,006,365 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)

DRV - [2005/05/31 06:33:00 | 000,004,125 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)

DRV - [2005/05/31 06:33:00 | 000,002,241 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)

DRV - [2005/05/13 11:37:28 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)

DRV - [2005/05/13 11:37:20 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)

DRV - [2005/04/22 04:22:00 | 000,088,352 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)

DRV - [2005/04/21 03:56:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)

DRV - [2005/02/11 12:24:24 | 000,079,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)

DRV - [2005/02/11 12:22:48 | 000,081,728 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)

DRV - [2005/02/11 12:21:10 | 000,089,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)

DRV - [2005/02/11 12:21:02 | 000,006,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)

DRV - [2005/02/11 12:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)

DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)

DRV - [2003/12/08 11:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)

DRV - [2003/12/08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)

DRV - [2003/11/17 22:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)

DRV - [2003/11/17 22:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)

DRV - [2003/11/17 22:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)

DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)

DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)

DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)

DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)

DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)

DRV - [2001/08/17 14:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)

DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)

DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)

DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)

DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)

DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)

DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)

DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)

DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)

DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)

DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.co.uk/myway

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.co.uk/myway

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2517947933-2399065429-2790057291-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKU\S-1-5-21-2517947933-2399065429-2790057291-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}

IE - HKU\S-1-5-21-2517947933-2399065429-2790057291-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0

FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0

FF - prefs.js..extensions.enabledItems: web@veoh.com:1.4

FF - prefs.js..extensions.enabledItems: {85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}:1.4

FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2009\FFToolbar\ [2010/09/21 01:39:41 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/13 18:23:47 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/13 18:23:47 | 000,000,000 | ---D | M]

[2009/10/31 01:27:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\Mozilla\Extensions

[2009/05/24 02:21:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\Mozilla\Extensions\mozswing@mozswing.org

[2010/09/15 19:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\Mozilla\Firefox\Profiles\djvoi36x.default\extensions

[2010/05/20 17:17:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Mandeep\Application Data\Mozilla\Firefox\Profiles\djvoi36x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/09/15 19:22:01 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2007/07/21 01:41:42 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

[2009/08/20 01:04:11 | 000,000,000 | ---D | M] (VideoGet FireFox extension) -- C:\Program Files\Mozilla Firefox\extensions\{85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}

[2010/09/07 22:06:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/09/21 01:09:46 | 000,065,536 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\FFComm.dll

[2008/09/04 01:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll

[2010/05/03 17:06:30 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2004/02/20 21:14:09 | 000,176,177 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

[2009/10/16 19:18:41 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml

[2009/10/16 19:18:41 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml

[2009/10/16 19:18:41 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml

[2009/10/16 19:18:41 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/09/11 22:58:20 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\realplayer\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)

O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.

O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll (Bitdefender)

O3 - HKU\S-1-5-21-2517947933-2399065429-2790057291-1006\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O4 - HKLM..\Run: [bDAgent] C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.)

O4 - HKLM..\Run: [bitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe (BitDefender)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKU\S-1-5-21-2517947933-2399065429-2790057291-1006..\RunOnce: [shockwave Updater] C:\WINDOWS\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident\4.0; File not found

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2517947933-2399065429-2790057291-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-2517947933-2399065429-2790057291-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-21-2517947933-2399065429-2790057291-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-2517947933-2399065429-2790057291-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)

O9 - Extra Button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePokerMaster\EmpirePoker\RunEPoker.exe File not found

O9 - Extra 'Tools' menuitem : EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePokerMaster\EmpirePoker\RunEPoker.exe File not found

O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)

O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found

O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found

O15 - HKU\.DEFAULT\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)

O15 - HKU\S-1-5-18\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)

O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab (Reg Error: Key error.)

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab (Reg Error: Key error.)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/3/9...heckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {339234B4-4E14-4280-B8B4-8BAE5AF99063} http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab46783.cab (Reg Error: Key error.)

O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} http://musicstore.connect.com/XSL/mb_us/ht...ALStreaming.cab (MALPlaybackCtrl Class)

O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab (Reg Error: Key error.)

O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} http://aolcc.aolsvc.aol.co.uk/computercheckup/qdiagcc.cab (QDiagAOLCCUpdateObj Class)

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab (MSN Photo Upload Tool)

O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab (Reg Error: Key error.)

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab (Reg Error: Key error.)

O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} http://launch.gamespyarcade.com/software/launch/alaunch.cab (Reg Error: Key error.)

O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} http://imlive.com/chatsource/ImlCID.cab (Reg Error: Key error.)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} http://acs.pandasoftware.com/activescan/as5free/asinst.cab (Reg Error: Key error.)

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn.com/download/MsnMesse...pDownloader.cab (Reg Error: Key error.)

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab (Reg Error: Key error.)

O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab (Reg Error: Key error.)

O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} http://www.systemrequirementslab.com/sysreqlab.cab (Reg Error: Key error.)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flash...ent/swflash.cab (Shockwave Flash Object)

O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.vexcast.com/download/vexcast.cab (VodClient Control Class)

O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} http://zone.msn.com/binframework/v10/StProxy.cab41227.cab (Reg Error: Key error.)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} http://fdl.msn.com/zone/datafiles/heartbeat.cab (Reg Error: Key error.)

O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} http://67.15.101.3/g_bin/eng/snooker_2_0_0_28.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O24 - Desktop WallPaper: C:\Documents and Settings\Mandeep\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mandeep\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O29 - HKLM SecurityProviders - (zwebauth.dll) - C:\WINDOWS\System32\ZWebAuth.dll ()

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/09/23 01:17:43 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2010/09/21 00:58:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mandeep\Application Data\BitDefender

[2010/09/21 00:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender

[2010/09/21 00:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender

[2010/09/21 00:57:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BitDefender

[2010/09/20 02:32:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX

[2010/09/11 23:08:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp

[2010/09/06 20:05:36 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2010/09/06 19:59:39 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2010/09/06 19:59:39 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2010/09/06 19:59:39 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2010/09/06 19:59:39 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2010/09/06 19:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2010/09/06 19:58:17 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/09/05 16:03:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mandeep\Desktop\JavaRa

[2010/08/31 02:40:11 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF

[2010/08/16 20:58:34 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2010/06/25 21:48:30 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mandeep\Recent

[2006/11/20 10:01:08 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\AMCap.exe

[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[13 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/09/23 00:46:26 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2010/09/23 00:46:09 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010/09/21 01:40:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/09/21 01:39:59 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/09/21 01:39:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/09/21 01:39:47 | 526,536,704 | -HS- | M] () -- C:\hiberfil.sys

[2010/09/21 01:38:26 | 009,437,184 | ---- | M] () -- C:\Documents and Settings\Mandeep\ntuser.dat

[2010/09/21 01:38:26 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Mandeep\ntuser.ini

[2010/09/21 01:38:08 | 000,000,121 | ---- | M] () -- C:\WINDOWS\bdagent.INI

[2010/09/21 01:32:40 | 000,001,004 | ---- | M] () -- C:\WINDOWS\System32\BDUpdateV1.xml

[2010/09/21 01:13:49 | 000,081,984 | ---- | M] () -- C:\WINDOWS\System32\bdod.bin

[2010/09/21 00:59:32 | 003,773,200 | -H-- | M] () -- C:\Documents and Settings\Mandeep\Local Settings\Application Data\IconCache.db

[2010/09/21 00:58:05 | 000,001,863 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Antivirus 2009.lnk

[2010/09/20 15:22:51 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Mandeep\Desktop\SpywareBlaster.lnk

[2010/09/20 12:47:24 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

[2010/09/20 03:05:58 | 000,001,475 | ---- | M] () -- C:\Documents and Settings\Mandeep\Desktop\DivX Movies.lnk

[2010/09/20 03:04:11 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk

[2010/09/20 03:02:28 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk

[2010/09/15 03:11:43 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2010/09/14 02:14:44 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\Mandeep\Desktop\iTunes.lnk

[2010/09/14 01:56:57 | 000,114,176 | ---- | M] () -- C:\Documents and Settings\Mandeep\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/09/14 00:47:58 | 000,000,705 | ---- | M] () -- C:\Documents and Settings\Mandeep\Desktop\Shortcut to 100CASIO Wedding.lnk

[2010/09/11 22:58:44 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2010/09/11 22:58:20 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2010/09/11 21:51:58 | 003,842,655 | R--- | M] () -- C:\Documents and Settings\Mandeep\Desktop\Combo-Fix.exe

[2010/09/09 14:35:24 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\Mandeep\Desktop\SystemLook.exe

[2010/09/06 20:05:51 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2010/09/05 19:45:11 | 000,007,636 | ---- | M] () -- C:\Documents and Settings\Mandeep\My Documents\Turkmenistan Airlines Complaint Letter.doc

[2010/09/05 19:43:24 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\Mandeep\My Documents\Turkmenistan Airlines Complaint Letter.wps

[2010/09/04 22:37:47 | 000,005,705 | ---- | M] () -- C:\Documents and Settings\Mandeep\Desktop\Attach.rar

[2010/09/03 22:18:43 | 000,000,020 | ---- | M] () -- C:\Documents and Settings\Mandeep\defogger_reenable

[2010/08/31 02:38:44 | 000,000,444 | ---- | M] () -- C:\WINDOWS\win.ini

[2010/08/31 02:38:44 | 000,000,211 | ---- | M] () -- C:\Boot.bak

[2010/08/19 01:09:07 | 000,000,385 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml

[2010/08/16 20:58:36 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Mandeep\Desktop\Hijackthis.lnk

[2010/08/14 09:47:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010/08/13 02:20:44 | 000,278,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/08/12 02:49:52 | 000,508,476 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010/08/12 02:49:52 | 000,446,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010/08/12 02:49:52 | 000,073,346 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010/08/05 11:07:02 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\Mandeep\My Documents\CV hameet.doc.wps

[2010/06/25 01:42:59 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Mandeep\Local Settings\Application Data\housecall.guid.cache

[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[13 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/20 03:04:11 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk

[2010/09/20 03:02:28 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk

[2010/09/14 00:47:58 | 000,000,705 | ---- | C] () -- C:\Documents and Settings\Mandeep\Desktop\Shortcut to 100CASIO Wedding.lnk

[2010/09/09 14:35:24 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\Mandeep\Desktop\SystemLook.exe

[2010/09/06 20:05:50 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2010/09/06 20:05:42 | 000,260,272 | RHS- | C] () -- C:\cmldr

[2010/09/06 19:59:39 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2010/09/06 19:59:39 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2010/09/06 19:59:39 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2010/09/06 19:59:39 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2010/09/06 19:59:39 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2010/09/06 19:54:35 | 003,842,655 | R--- | C] () -- C:\Documents and Settings\Mandeep\Desktop\Combo-Fix.exe

[2010/09/05 19:33:34 | 000,007,636 | ---- | C] () -- C:\Documents and Settings\Mandeep\My Documents\Turkmenistan Airlines Complaint Letter.doc

[2010/09/05 19:32:04 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\Mandeep\My Documents\Turkmenistan Airlines Complaint Letter.wps

[2010/09/04 23:30:33 | 526,536,704 | -HS- | C] () -- C:\hiberfil.sys

[2010/09/03 22:42:31 | 000,005,705 | ---- | C] () -- C:\Documents and Settings\Mandeep\Desktop\Attach.rar

[2010/09/03 22:18:25 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\Mandeep\defogger_reenable

[2010/08/05 11:07:02 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\Mandeep\My Documents\CV hameet.doc.wps

[2010/07/14 20:39:31 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK

[2010/06/25 01:42:59 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Mandeep\Local Settings\Application Data\housecall.guid.cache

[2009/09/11 16:02:40 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll

[2009/09/11 16:02:40 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll

[2009/09/11 16:02:40 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll

[2009/09/11 16:02:40 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll

[2009/07/24 02:57:06 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll

[2009/06/15 18:31:45 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI

[2008/12/31 17:25:42 | 000,000,095 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2008/12/24 19:27:00 | 000,000,472 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini

[2008/10/09 15:31:54 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll

[2008/08/11 22:33:40 | 000,000,002 | -HS- | C] () -- C:\Documents and Settings\Mandeep\Application Data\evf

[2008/05/22 18:43:14 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2008/03/01 16:33:46 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Mandeep\Local Settings\Application Data\fusioncache.dat

[2007/06/29 12:07:36 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini

[2007/04/10 19:27:15 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2007/02/26 17:49:54 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini

[2007/02/26 17:49:53 | 000,565,311 | ---- | C] () -- C:\WINDOWS\gmer.dll

[2007/02/21 18:26:03 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll

[2007/01/31 13:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll

[2007/01/02 23:35:30 | 000,000,057 | ---- | C] () -- C:\WINDOWS\System32\peer.ini

[2006/12/18 20:58:54 | 000,000,397 | ---- | C] () -- C:\WINDOWS\lexstat.ini

[2006/12/18 20:58:24 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll

[2006/12/18 20:57:50 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini

[2006/10/17 19:19:22 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll

[2006/08/29 17:43:06 | 000,000,859 | ---- | C] () -- C:\WINDOWS\{0240BDFB-2995-4A3F-8C96-18D41282B716}_WiseFW.ini

[2006/08/20 19:24:22 | 000,102,912 | R--- | C] () -- C:\WINDOWS\System32\JPEGCODE.DLL

[2006/07/05 15:52:32 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll

[2006/06/10 22:12:58 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Mandeep\Application Data\iScrobbler.ini

[2006/04/14 20:25:31 | 000,001,767 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

[2006/04/05 00:05:00 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll

[2006/04/05 00:05:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll

[2006/03/28 16:38:21 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI

[2006/03/24 04:01:20 | 000,004,296 | ---- | C] () -- C:\WINDOWS\pp21cn.dll

[2006/02/08 17:15:15 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini

[2005/12/31 19:59:46 | 000,000,272 | ---- | C] () -- C:\WINDOWS\Clony2.ini

[2005/12/30 21:54:32 | 000,114,176 | ---- | C] () -- C:\Documents and Settings\Mandeep\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2005/12/14 23:55:12 | 000,016,973 | ---- | C] () -- C:\WINDOWS\System32\ZWebAuth.dll

[2005/12/14 23:46:59 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll

[2005/12/14 22:38:55 | 000,000,541 | ---- | C] () -- C:\WINDOWS\AppRun.ini

[2005/12/14 22:38:22 | 000,000,448 | ---- | C] () -- C:\WINDOWS\dellstat.ini

[2005/12/08 16:26:09 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2005/12/08 15:58:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbcvs.dll

[2005/12/08 15:58:30 | 000,000,200 | ---- | C] () -- C:\WINDOWS\System32\dlbcplc.ini

[2005/12/08 15:58:28 | 000,000,373 | ---- | C] () -- C:\WINDOWS\System32\dlbccoin.ini

[2005/12/08 15:58:04 | 000,000,402 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2005/05/12 08:25:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2004/08/10 14:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2004/08/10 14:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2003/03/27 17:28:44 | 000,004,955 | ---- | C] () -- C:\WINDOWS\System32\DProg.ini

========== LOP Check ==========

[2010/09/21 01:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender

[2006/12/18 21:03:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software

[2007/04/24 19:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driving Test Success

[2007/12/14 19:52:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft

[2007/04/24 19:39:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hazard Perception Training

[2008/03/27 00:09:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations

[2006/11/29 22:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pixelStorm

[2009/09/11 16:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software

[2006/07/05 16:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft

[2009/12/22 20:31:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2008/12/31 19:12:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore

[2009/02/07 22:20:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\AVGTOOLBAR

[2010/09/21 00:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\BitDefender

[2010/01/05 05:25:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\BitTorrent

[2009/06/24 17:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\DNA

[2010/05/03 16:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\Facebook

[2009/02/04 19:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\GetRightToGo

[2009/06/21 23:04:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\GrabPro

[2006/06/10 22:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\last.fm

[2006/03/09 22:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\Leadertech

[2009/05/24 22:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\LimeWire

[2006/03/07 23:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\MobileAction

[2005/12/31 20:20:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\My Games

[2009/07/01 01:51:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\Orbit

[2007/10/24 17:15:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\PowerChallenge

[2007/01/02 23:28:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\PPLive

[2007/01/13 02:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\PPMate

[2008/02/24 16:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\ppStream

[2007/05/20 21:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\Shareaza

[2009/09/11 16:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\Simply Super Software

[2008/06/05 20:02:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\Sports Interactive

[2010/02/14 17:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\Spotify

[2009/02/14 22:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\SystemRequirementsLab

[2005/12/16 20:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\Template

[2010/05/28 23:40:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\uTorrent

[2008/03/24 18:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mandeep\Application Data\Viewpoint

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 339 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

September 20, 2010

OTL logfile created on: 20/09/2010 18:29:48 - Run 1

OTL by OldTimer - Version 3.2.14.0 Folder = C:\Documents and Settings\Mandeep\My Documents\Downloads

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

502.00 Mb Total Physical Memory | 112.00 Mb Available Physical Memory | 22.00% Memory free

1.00 Gb Paging File | 1.00 Gb Available in Paging File | 75.00% Paging File free

Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 71.45 Gb Total Space | 29.01 Gb Free Space | 40.60% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: SIDHU

Current User Name: Mandeep

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Standard

Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/20 16:11:42 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mandeep\My Documents\Downloads\OTL.exe

PRC - [2010/09/17 00:01:42 | 000,975,928 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

PRC - [2010/09/01 07:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

PRC - [2009/10/19 23:20:33 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe

PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008/04/05 20:10:20 | 000,607,576 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

========== Modules (SafeList) ==========

MOD - [2010/09/20 16:11:42 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mandeep\My Documents\Downloads\OTL.exe

MOD - [2009/10/19 23:21:24 | 000,102,400 | ---- | M] (RealPlayer) -- c:\Program Files\Real\realplayer\browserrecord\chrome\hook\rpchromebrowserrecordhelper.dll

MOD - [2009/10/19 23:20:35 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll

MOD - [2009/10/19 23:20:34 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll

MOD - [2009/08/13 14:55:04 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll

MOD - [2008/04/14 01:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)