WiredWX Hobby Weather Tools

 


CPU Usage keeps on increasing

Hey!

The issue is that whenever I start my laptop, let's say the CPU usage at startup is 230MB, then it starts increasing by 1 MB or 2MB. I mean that it'll go to 232MB in 1 second, then 233, then 234, and it'll keep on increasing like this when in idle state. It'll go on till around 1.40 GB, at which point I'm left with no choice but to shut it down.

It's the same thing in safe mode also.

And the tools I've already run are: MBAM, SUPERAntiSpyware, HijackThis, and all the malware removal tools available on Kaspersky's website, including rootkit removal (TDSS Killer) and the Virut removal tool. Nothing seems to be working. There's nothing suspicious in the startup. My sis got Corel Draw installed on the computer, and since then this started happening. Maybe the transfer media was infected, but nothing is getting detected, so what to remove?

Then I ran the tool which I prefer as the last option, Hitman Pro. It scanned and showed that svchost.exe and other such system files are infected, but I couldn't remove them, because I had faced the same case with a friend of mine a long time ago, and when we did this removal, his computer wouldn't even go into safe mode, so we had to install a fresh copy of the OS on his system, and I don't want that.

I did a lot of research before posting, and this is not a "Virut" infection, as I have already run its removal tool.

Also, I then thought to run the best antiviruses on the system. First I tried Kaspersky; it detected some infections in system files, but it just freezes at 4% scanning and that's it.
Then I tried Bitdefender: nothing, it's not able to remove the detected/infected files.

What to do now? Can anyone suggest anything? Please don't suggest an OS re-install...

Anything would be appreciated...

Re: CPU Usage keeps on increasing

Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

Re: CPU Usage keeps on increasing

OTL.txt :-


OTL logfile created on: 5/17/2011 8:35:57 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\A
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,013.00 Mb Total Physical Memory | 597.00 Mb Available Physical Memory | 59.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 138.05 Gb Total Space | 6.79 Gb Free Space | 4.92% Space Free | Partition Type: NTFS
Drive D: | 122.24 Mb Total Space | 118.06 Mb Free Space | 96.58% Space Free | Partition Type: FAT

Computer Name: ACER-29E9B3877F | User Name: India | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/17 20:34:14 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\A\OTL.exe
PRC - [2010/02/12 09:14:07 | 000,516,592 | ---- | M] (Google Inc.) -- C:\Documents and Settings\India\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2008/04/14 17:30:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/05/17 20:34:14 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\A\OTL.exe
MOD - [2008/04/14 17:30:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/05/17 20:10:04 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -- (AVP)
SRV - [2011/01/27 21:21:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/01/25 15:08:32 | 000,032,768 | ---- | M] (BCL Technologies) [Disabled | Stopped] -- C:\Program Files\BCL Technologies\easyPDF Server 6\easyPDFService.exe -- (BCL easyPDF Server)
SRV - [2010/09/27 21:06:24 | 000,176,408 | ---- | M] (iWin Inc.) [Disabled | Stopped] -- C:\Program Files\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/01/13 14:33:48 | 000,109,648 | ---- | M] (Dritek System Inc.) [Disabled | Stopped] -- C:\Program Files\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2009/09/10 19:12:46 | 000,305,448 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/07/04 08:17:12 | 000,240,160 | ---- | M] (Acer) [Disabled | Stopped] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009/06/05 08:33:06 | 000,354,840 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/11/10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2011/05/04 14:46:37 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2011/02/09 17:00:49 | 000,106,880 | ---- | M] (AnyDATA.NET INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adusbser.sys -- (adusbser)
DRV - [2011/01/25 16:10:06 | 000,097,112 | ---- | M] (Tonec Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2011/01/12 15:12:12 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2010/07/30 14:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/07/30 14:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/07/30 14:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/07/30 14:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/05/11 00:11:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/02/18 21:16:14 | 000,023,552 | ---- | M] (VMC India Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pppoe.sys -- (PPPOEP)
DRV - [2010/02/18 21:16:14 | 000,023,552 | ---- | M] (VMC India Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pppoe.sys -- (PPPOEMP)
DRV - [2010/02/17 23:55:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/03 15:35:32 | 000,108,752 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EUCR6SK.sys -- (EUCR)
DRV - [2010/01/13 10:55:54 | 001,766,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2010/01/05 06:24:48 | 001,602,856 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/12/09 15:22:54 | 006,017,568 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/11/18 04:47:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 04:46:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/10/14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2009/10/02 18:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/09/19 02:24:38 | 000,533,152 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2009/09/14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009/09/09 10:24:44 | 000,045,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2009/09/04 11:16:08 | 000,045,056 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009/09/01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2009/07/10 01:15:00 | 000,991,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2009/05/12 03:15:26 | 000,056,992 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008/12/02 09:22:00 | 000,058,800 | ---- | M] (Egis Incorporated.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2008/12/02 09:22:00 | 000,017,840 | ---- | M] (Egis Incorporated.) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV - [2008/12/02 09:22:00 | 000,015,280 | ---- | M] (Egis Incorporated.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2008/08/26 16:17:04 | 000,113,664 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/07/25 06:07:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/07/24 12:02:36 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/02/05 06:27:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/02/05 06:27:30 | 000,037,032 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2007/10/16 11:40:50 | 000,097,408 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmusbser.sys -- (qcusbser)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=ao532h&r=0xph0710w115l0404wuj5w55j2r26r
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=ao532h&r=0xph0710w115l0404wuj5w55j2r26r

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.2.5
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76
FF - prefs.js..extensions.enabledItems: {C0CB8BA3-6C1B-47e8-A6AB-1FAB889562D9}:0.6.0.6
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe80}:0.7
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76

FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/09/09 08:51:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/09/16 12:45:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/11/26 10:29:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{98e34367-8df7-42b4-837b-20b892ff0849}: C:\Program Files\iWin Games\firefox\ [2011/01/05 20:09:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/09 00:03:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/09 00:03:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/01/07 22:55:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/11/26 10:29:44 | 000,000,000 | ---D | M]

[2010/08/16 00:37:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\India\Application Data\Mozilla\Extensions
[2010/08/16 00:37:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\India\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/05/17 20:22:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\India\Application Data\Mozilla\Firefox\Profiles\zw0skdf1.default\extensions
[2011/03/05 10:12:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\India\Application Data\Mozilla\Firefox\Profiles\zw0skdf1.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe80}
[2011/03/05 08:46:05 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Documents and Settings\India\Application Data\Mozilla\Firefox\Profiles\zw0skdf1.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2011/04/09 00:51:07 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\India\Application Data\Mozilla\Firefox\Profiles\zw0skdf1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/03/05 08:50:17 | 000,000,000 | ---D | M] (Noia 2.0 eXtreme OPT) -- C:\Documents and Settings\India\Application Data\Mozilla\Firefox\Profiles\zw0skdf1.default\extensions\noia2_option@kk.noia
[2011/03/05 08:50:17 | 000,000,000 | ---D | M] (SkipScreen) -- C:\Documents and Settings\India\Application Data\Mozilla\Firefox\Profiles\zw0skdf1.default\extensions\SkipScreen@SkipScreen
[2011/04/17 21:43:46 | 000,000,000 | ---D | M] (LogMeIn, Inc. Rescue Technician Console) -- C:\Documents and Settings\India\Application Data\Mozilla\Firefox\Profiles\zw0skdf1.default\extensions\TechnicianConsole@logmeinrescue.com
[2010/11/10 22:45:21 | 000,002,243 | ---- | M] () -- C:\Documents and Settings\India\Application Data\Mozilla\Firefox\Profiles\zw0skdf1.default\searchplugins\extratorrentcom-torrent-search.xml
[2010/07/23 21:48:10 | 000,001,504 | ---- | M] () -- C:\Documents and Settings\India\Application Data\Mozilla\Firefox\Profiles\zw0skdf1.default\searchplugins\imdb.xml
[2011/05/17 20:28:36 | 000,004,873 | ---- | M] () -- C:\Documents and Settings\India\Application Data\Mozilla\Firefox\Profiles\zw0skdf1.default\searchplugins\isohunt--bt-search.xml
[2010/07/23 21:45:23 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\India\Application Data\Mozilla\Firefox\Profiles\zw0skdf1.default\searchplugins\mozilla-add-ons.xml
[2010/07/23 21:50:38 | 000,004,140 | ---- | M] () -- C:\Documents and Settings\India\Application Data\Mozilla\Firefox\Profiles\zw0skdf1.default\searchplugins\youtube.xml
[2011/04/09 00:03:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/09 12:54:58 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/07/23 22:21:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/08/26 01:47:43 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
File not found (No name found) --
[2011/02/17 22:04:33 | 000,000,000 | ---D | M] (IDM CC) -- C:\DOCUMENTS AND SETTINGS\INDIA\APPLICATION DATA\IDM\IDMMZCC3
() (No name found) -- C:\DOCUMENTS AND SETTINGS\INDIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\ZW0SKDF1.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\INDIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\ZW0SKDF1.DEFAULT\EXTENSIONS\{C0CB8BA3-6C1B-47E8-A6AB-1FAB889562D9}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\INDIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\ZW0SKDF1.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\INDIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\ZW0SKDF1.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\INDIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\ZW0SKDF1.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
[2010/07/23 22:21:38 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/03/18 23:23:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/07/23 22:21:38 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/12 22:03:56 | 000,077,728 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010/01/01 13:30:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2008/04/14 17:30:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10m_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Heroes%20of%20Hellas/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Heroes%20of%20Hellas/Images/armhelper.ocx (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\program files\microsoft\watermark.exe) - c:\Program Files\Microsoft\WaterMark.exe ()
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Documents and Settings\India\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\India\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/25 15:14:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/04/30 19:31:16 | 000,008,492 | RHS- | M] () - D:\autorun.inf -- [ FAT ]
O33 - MountPoints2\{f94cbd0e-96ad-11df-8153-78e40001c92e}\Shell\AutoRun\command - "" = D:\vircure/vircure32.exe
O33 - MountPoints2\{f94cbd0e-96ad-11df-8153-78e40001c92e}\Shell\explore\command - "" = D:\vircure/vircure32.exe
O33 - MountPoints2\{f94cbd0e-96ad-11df-8153-78e40001c92e}\Shell\open\command - "" = D:\vircure/vircure32.exe
O33 - MountPoints2\{faa7de57-a8fa-11df-81ba-78e40001c92e}\Shell - "" = AutoRun
O33 - MountPoints2\{faa7de57-a8fa-11df-81ba-78e40001c92e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{faa7de57-a8fa-11df-81ba-78e40001c92e}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/17 20:22:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\India\Recent
[2011/05/04 14:47:08 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2011/05/04 14:47:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Kaspersky Anti-Virus 2010
[2011/05/04 14:46:37 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011/05/04 08:25:35 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2011/05/04 08:25:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Hitman Pro 3.5
[2011/05/04 08:24:08 | 000,134,464 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\LnkProtect.dll
[2011/04/30 19:36:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Corel
[2011/04/30 19:35:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Corel Graphics Suite 11
[2011/04/30 19:35:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2011/04/26 08:20:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\India\Local Settings\Application Data\HP
[2011/04/26 08:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\India\My Documents\OneNote Notebooks
[2011/04/18 01:33:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\speech
[2011/04/18 01:33:45 | 000,000,000 | ---D | C] -- C:\Program Files\NextUp Talker
[2011/04/18 01:14:53 | 000,000,000 | ---D | C] -- C:\Program Files\NaturalSoft
[2011/04/18 01:09:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\India\My Documents\naturalsoft
[2010/07/05 02:38:34 | 000,049,464 | ---- | C] ( ) -- C:\WINDOWS\AutosetFrequency.exe
[2010/07/05 02:32:26 | 000,245,120 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2010/07/05 02:32:26 | 000,202,112 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2008/12/19 11:19:16 | 000,077,824 | ---- | C] ( ) -- C:\WINDOWS\Interop.DAO.dll
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/17 20:38:42 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\dmlconf.dat
[2011/05/17 20:21:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/17 20:09:40 | 000,115,267 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011/05/17 20:09:39 | 000,097,859 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011/05/17 20:07:03 | 000,950,394 | ---- | M] () -- C:\c0.reg
[2011/05/17 19:56:08 | 000,000,466 | -HS- | M] () -- C:\WINDOWS\KLIF.spi
[2011/05/17 19:55:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/17 19:11:28 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/17 19:11:12 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/06 07:06:18 | 000,134,464 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\LnkProtect.dll
[2011/05/04 14:46:37 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011/05/04 08:30:53 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/05/01 01:48:56 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2011/05/01 01:36:07 | 000,205,312 | ---- | M] () -- C:\Documents and Settings\India\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/30 23:10:49 | 000,368,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/28 23:30:11 | 000,530,540 | ---- | M] () -- C:\Documents and Settings\India\My Documents\28042011275.jpg
[2011/04/26 08:26:25 | 000,403,575 | ---- | M] () -- C:\Documents and Settings\India\Desktop\Scan 004.jpg
[2011/04/26 08:25:12 | 000,398,048 | ---- | M] () -- C:\Documents and Settings\India\Desktop\Scan 003.jpg
[2011/04/26 08:23:53 | 000,575,679 | ---- | M] () -- C:\Documents and Settings\India\Desktop\Scan 002.jpg
[2011/04/26 08:22:59 | 000,559,781 | ---- | M] () -- C:\Documents and Settings\India\Desktop\Scan 001.jpg
[2011/04/26 08:21:41 | 000,521,790 | ---- | M] () -- C:\Documents and Settings\India\Desktop\Scan.jpg
[2011/04/26 08:20:24 | 000,000,955 | ---- | M] () -- C:\Documents and Settings\India\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2011/04/25 02:07:22 | 000,001,136 | ---- | M] () -- C:\WINDOWS\GTA-SA_Trn_Settings.ini
[2011/04/24 18:03:35 | 000,020,502 | ---- | M] () -- C:\Documents and Settings\India\My Documents\cc_20110424_180330.reg
[2011/04/19 22:32:45 | 053,363,527 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Nitin Gupta ( Rivaldo) on Dropadi Cheerharan ( Hindi).flv
[2011/04/18 08:52:06 | 009,677,252 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Respire - trailer.mp4
[2011/04/18 00:40:57 | 004,315,618 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Shadow Goes Wild in Class.mp4
[2011/04/18 00:38:12 | 013,573,066 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Do Try THis aT hOmE... [HQ].mp4
[2011/04/17 23:54:00 | 001,641,766 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Clever Thinking or Cheating -.mp4
[2011/04/17 23:44:04 | 005,712,816 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Learning English [HQ].mp4
[2011/04/17 23:30:48 | 002,175,813 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\How to make your Employee More Productive!!!.mp4
[2011/04/17 23:25:42 | 001,901,901 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Reading Inspires Kids.mp4
[2011/04/17 23:21:10 | 003,181,846 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\How Ships are Launched ....!!.mp4
[2011/04/17 22:49:22 | 002,407,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Corporate Mathematics.mp4
[2011/04/17 22:46:05 | 004,988,925 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\45000 ppl singing VANDEMATARAM...@ CWC 2011 finals [HQ].mp4
[2011/04/17 22:21:50 | 000,209,823 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\131803.jpg
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/17 20:06:21 | 000,950,394 | ---- | C] () -- C:\c0.reg
[2011/05/17 19:17:44 | 000,000,466 | -HS- | C] () -- C:\WINDOWS\KLIF.spi
[2011/05/04 14:48:40 | 000,115,267 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011/05/04 14:48:39 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011/05/04 08:30:53 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/04/30 19:31:13 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\dmlconf.dat
[2011/04/28 23:28:20 | 000,530,540 | ---- | C] () -- C:\Documents and Settings\India\My Documents\28042011275.jpg
[2011/04/26 08:26:03 | 000,403,575 | ---- | C] () -- C:\Documents and Settings\India\Desktop\Scan 004.jpg
[2011/04/26 08:24:50 | 000,398,048 | ---- | C] () -- C:\Documents and Settings\India\Desktop\Scan 003.jpg
[2011/04/26 08:23:31 | 000,575,679 | ---- | C] () -- C:\Documents and Settings\India\Desktop\Scan 002.jpg
[2011/04/26 08:22:36 | 000,559,781 | ---- | C] () -- C:\Documents and Settings\India\Desktop\Scan 001.jpg
[2011/04/26 08:21:07 | 000,521,790 | ---- | C] () -- C:\Documents and Settings\India\Desktop\Scan.jpg
[2011/04/26 08:20:24 | 000,000,955 | ---- | C] () -- C:\Documents and Settings\India\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2011/04/24 18:03:33 | 000,020,502 | ---- | C] () -- C:\Documents and Settings\India\My Documents\cc_20110424_180330.reg
[2011/04/19 22:19:04 | 053,363,527 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Nitin Gupta ( Rivaldo) on Dropadi Cheerharan ( Hindi).flv
[2011/04/18 08:49:31 | 009,677,252 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Respire - trailer.mp4
[2011/04/18 00:43:42 | 004,315,618 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Shadow Goes Wild in Class.mp4
[2011/04/18 00:34:45 | 013,573,066 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Do Try THis aT hOmE... [HQ].mp4
[2011/04/17 23:54:54 | 001,641,766 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Clever Thinking or Cheating -.mp4
[2011/04/17 23:42:31 | 005,712,816 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Learning English [HQ].mp4
[2011/04/17 23:32:56 | 002,175,813 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\How to make your Employee More Productive!!!.mp4
[2011/04/17 23:27:04 | 001,901,901 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Reading Inspires Kids.mp4
[2011/04/17 23:23:11 | 003,181,846 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\How Ships are Launched ....!!.mp4
[2011/04/17 22:49:37 | 002,407,349 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Corporate Mathematics.mp4
[2011/04/17 22:47:45 | 004,988,925 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\45000 ppl singing VANDEMATARAM...@ CWC 2011 finals [HQ].mp4
[2011/04/17 22:21:49 | 000,209,823 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\131803.jpg
[2011/03/26 09:38:39 | 000,001,136 | ---- | C] () -- C:\WINDOWS\GTA-SA_Trn_Settings.ini
[2011/03/23 11:44:59 | 000,191,788 | ---- | C] () -- C:\WINDOWS\GTA San Andreas Uninstaller.exe
[2011/02/13 21:33:29 | 000,000,173 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/02/09 17:01:24 | 000,000,355 | ---- | C] () -- C:\WINDOWS\red_dialer.ini
[2011/01/15 10:39:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\India\Application Data\wklnhst.dat
[2011/01/09 12:56:17 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/01/04 17:46:23 | 000,000,315 | ---- | C] () -- C:\WINDOWS\atomcl.ini
[2010/11/07 16:58:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/11/07 16:18:42 | 000,587,688 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/09/15 10:42:34 | 000,157,486 | ---- | C] () -- C:\WINDOWS\hpoins28.dat
[2010/09/15 10:42:34 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat
[2010/07/29 19:20:45 | 000,205,312 | ---- | C] () -- C:\Documents and Settings\India\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/27 16:01:21 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/07/27 16:01:14 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/07/27 16:01:14 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/07/27 16:01:13 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/07/23 22:05:00 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/07/23 17:21:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/07/05 02:38:34 | 000,632,056 | ---- | C] () -- C:\WINDOWS\Image.dll
[2010/07/05 02:38:34 | 000,206,208 | ---- | C] () -- C:\WINDOWS\PLFSetI.exe
[2010/07/05 02:38:34 | 000,025,848 | ---- | C] () -- C:\WINDOWS\USB_VIDEO_REG.exe
[2010/07/05 02:38:34 | 000,000,637 | ---- | C] () -- C:\WINDOWS\AutoSetFrequency.ini
[2010/07/05 02:32:26 | 001,766,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010/07/05 02:32:26 | 000,034,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2010/07/05 02:32:26 | 000,030,080 | ---- | C] () -- C:\WINDOWS\snuvcdsm.exe
[2010/07/05 02:32:26 | 000,000,378 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2010/02/25 17:35:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010/02/25 16:34:54 | 000,361,808 | ---- | C] () -- C:\WINDOWS\EMCRI_E.dll
[2010/02/25 16:28:02 | 000,231,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTConvEQ.dat
[2010/02/25 16:28:02 | 000,001,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtHdatEx.dat
[2010/02/25 16:28:02 | 000,000,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2010/02/25 16:28:02 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX2.dat
[2010/02/25 16:28:02 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2010/02/25 16:28:02 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2010/02/25 16:28:02 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2010/02/25 15:17:32 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe
[2010/02/25 15:16:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/02/25 15:12:58 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/02/25 15:12:10 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2010/02/25 14:52:59 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LauncheRyDiscCalc.exe
[2010/02/25 14:52:59 | 000,007,003 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2010/02/25 14:52:39 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2010/02/25 14:52:37 | 000,454,264 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2010/02/25 14:52:37 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2010/02/25 14:52:37 | 000,076,368 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2010/02/25 14:52:37 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2010/02/25 14:52:36 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2010/02/25 14:52:36 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2010/02/25 14:52:35 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2010/02/25 14:52:33 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2010/02/25 14:52:33 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2010/02/25 14:52:28 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2010/02/25 14:52:26 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2010/02/25 07:09:18 | 000,004,401 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/02/25 07:08:33 | 000,368,096 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/09/25 23:58:36 | 002,854,976 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2009/09/09 18:01:40 | 000,027,675 | ---- | C] () -- C:\WINDOWS\System32\drivers\klopp.dat
[2002/09/18 00:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AB689DEA
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5D7E5A8F
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93DE1838
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:127BB39D
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4D066AD2
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ABE89FFE
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B9176C0
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E3C56885
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9DF0785A
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4CF61E54
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C9E1E431

< End of report >

Re: CPU Usage keeps on increasing

Extras.txt :-

OTL Extras logfile created on: 5/17/2011 8:35:57 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\A
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,013.00 Mb Total Physical Memory | 597.00 Mb Available Physical Memory | 59.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 138.05 Gb Total Space | 6.79 Gb Free Space | 4.92% Space Free | Partition Type: NTFS
Drive D: | 122.24 Mb Total Space | 118.06 Mb Free Space | 96.58% Space Free | Partition Type: FAT

Computer Name: ACER-29E9B3877F | User Name: India | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 1
"UpdatesDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10777:UDP" = 10777:UDP:LocalSubNet:Enabled:Passware Kit Enterprise 10.3

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" = C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2 -- (Nokia)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\iWin Games\iWinGames.exe" = C:\Program Files\iWin Games\iWinGames.exe:*:Enabled:iWin Games application. -- (iWin Inc.)
"C:\Program Files\iWin Games\WebUpdater.exe" = C:\Program Files\iWin Games\WebUpdater.exe:*:Enabled:iWin Games updater. -- ()
"C:\Program Files\Acer\Acer VCM\VC.exe" = C:\Program Files\Acer\Acer VCM\VC.exe:*:Enabled:Acer Video Quality Enhancement -- (Acer Incoporated)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Documents and Settings\Rashmi\My Documents\tally\Tally7.2\tally72.exe" = C:\Documents and Settings\Rashmi\My Documents\tally\Tally7.2\tally72.exe:*:Enabled:tally72
"c:\program files\relevantknowledge\rlvknlg.exe" = c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{05AB8EF0-F783-11DF-83AC-001279CD8240}" = Google Earth Plug-in
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{1226B9A5-FBFD-4120-9AED-08CABCDAF3AB}" = Nokia Ovi Player
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1AC3BE1A-A59E-48F4-82CB-DF4FBB16990C}" = Passware Kit Enterprise 10.3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{3027FABA-9BF3-4D8B-94FC-896250F6A013}" = VMC PPPoE Dialer
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{34E0B96C-427D-4CF7-AEB7-8B23D7BA9074}" = VideoConverter
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C9FC09B-F67E-4866-8F40-3D89D5158E68}" = BCL easyPDF Server 6.3
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45DF6D99-666D-41FA-8D62-0E183B6240F3}" = PC Connectivity Solution
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D9C7DA3-D532-432D-A556-5F6CD186B0A5}" = DJ_AIO_03_F4200_ProductContext
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{62653245-3DC5-4019-AF6B-4E62D6150D9E}" = F4200_Help
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67DFCE0D-BBA9-43AC-90B3-548390ECE522}" = F4200
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform
"{74EB6CD5-DD4F-4DC4-9FE5-22E98C679AE0}" = Premium Calculator .Net
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}" = First Class Flurry
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{8F651796-EC48-4A33-87D9-6866D3022052}" = Nokia Connectivity Cable Driver
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DBCE8C7-FE94-4D8F-9FF0-38EF3D8BC99E}" = DJ_AIO_03_F4200_Software
"{A11409F1-CD33-4076-85CB-4EE4A8439BFE}" = Scan
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2}" = HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B29B526D-F027-4122-BC7A-D9E5BC86CC40}" = DJ_AIO_03_F4200_Software_Min
"{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E4423F16-0E98-4855-BFF4-3EF016C55D67}" = Nokia_Multimedia_Common_Components_2_5
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater
"{F042F206-13CF-43DB-BDF5-FFFE46357E5A}" = 3G USB Modem
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FC9B811E-39BC-4813-9E29-B83CCF700010}" = WebCam
"2127ABE5E1966BDA60C24138AD02D2431C7A6FAA" = ENE USB Card Reader Driver
"34EA302E7F4CBD17A19E33BBCB72363234956D7E" = Windows Driver Package - Nokia Modem (06/09/2010 4.5)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Celestia_is1" = Celestia 1.6.0
"DiskCleaner" = Disk Cleaner (remove only)
"EEEE705096F837B7907659F100C9FE6DA001970F" = Windows Driver Package - Nokia Modem (06/09/2010 7.01.0.7)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"foobar2000" = foobar2000 v1.1.1
"Foxit PDF Editor" = Foxit PDF Editor
"GTA San Andreas" = GTA San Andreas
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"House MD1.0" = House MD
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"Huawei Access Manager" = Huawei Access Manager
"Identity Card" = Identity Card
"ie8" = Windows Internet Explorer 8
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{F042F206-13CF-43DB-BDF5-FFFE46357E5A}" = 3G USB Modem
"InstallWIX_{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"Internet Download Manager" = Internet Download Manager
"iWinArcade" = iWin Games (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Full)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"MSNINST" = MSN
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"Screen Clock (demo version)_is1" = Screen Clock version 2.5
"Shop for HP Supplies" = Shop for HP Supplies
"Stickies 6.7a" = Stickies 6.7a
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 6" = TeamViewer 6
"Temp Cleaner" = Temp Cleaner
"uTorrent" = µTorrent
"VLC media player" = VideoLAN VLC media player 0.8.6a
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/25/2011 2:41:10 PM | Computer Name = ACER-29E9B3877F | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module ffdshow.ax, version 1.1.3509.0, fault address 0x0026936c.

Error - 4/25/2011 2:42:13 PM | Computer Name = ACER-29E9B3877F | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module ffdshow.ax, version 1.1.3509.0, fault address 0x0026936c.

Error - 4/25/2011 10:50:54 PM | Computer Name = ACER-29E9B3877F | Source = MsiInstaller | ID = 11706
Description = Product: SolutionCenter -- Error 1706. An installation package for
the product SolutionCenter cannot be found. Try the installation again using a
valid copy of the installation package 'SolutionCenter.msi'.

Error - 4/29/2011 6:33:45 AM | Computer Name = ACER-29E9B3877F | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module ffdshow.ax, version 1.1.3509.0, fault address 0x0026936c.

Error - 4/30/2011 4:04:47 PM | Computer Name = ACER-29E9B3877F | Source = Application Error | ID = 1000
Description = Faulting application mediainfo.exe, version 0.0.0.0, faulting module
kernel32.dll, version 5.1.2600.5781, fault address 0x00012afb.

Error - 5/1/2011 10:08:19 AM | Computer Name = ACER-29E9B3877F | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 800706BA from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 5/1/2011 10:45:08 AM | Computer Name = ACER-29E9B3877F | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: The server name or address could not be resolved

Error - 5/3/2011 11:16:26 PM | Computer Name = ACER-29E9B3877F | Source = Application Error | ID = 1000
Description = Faulting application winrar.exe, version 3.90.0.0, faulting module
winrar.exe, version 3.90.0.0, fault address 0x00007082.

Error - 5/5/2011 10:12:13 PM | Computer Name = ACER-29E9B3877F | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.5512, faulting
module hotplug.dll, version 5.1.2600.5512, fault address 0x000054b2.

Error - 5/5/2011 10:15:08 PM | Computer Name = ACER-29E9B3877F | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 800706BA from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

[ OSession Events ]
Error - 11/30/2010 3:00:47 AM | Computer Name = ACER-29E9B3877F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 140
seconds with 60 seconds of active time. This session ended with a crash.

Error - 12/10/2010 1:11:21 AM | Computer Name = ACER-29E9B3877F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 46
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/13/2010 9:24:17 PM | Computer Name = ACER-29E9B3877F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 110805
seconds with 2400 seconds of active time. This session ended with a crash.

Error - 12/14/2010 9:14:39 PM | Computer Name = ACER-29E9B3877F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 72346
seconds with 3000 seconds of active time. This session ended with a crash.

Error - 12/16/2010 9:43:58 AM | Computer Name = ACER-29E9B3877F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 33
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/16/2010 9:44:40 AM | Computer Name = ACER-29E9B3877F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/16/2010 10:49:35 AM | Computer Name = ACER-29E9B3877F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 876
seconds with 240 seconds of active time. This session ended with a crash.

Error - 12/16/2010 10:50:53 AM | Computer Name = ACER-29E9B3877F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 71
seconds with 60 seconds of active time. This session ended with a crash.

Error - 12/27/2010 11:20:26 AM | Computer Name = ACER-29E9B3877F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 11588
seconds with 0 seconds of active time. This session ended with a crash.

Error - 4/28/2011 4:02:04 AM | Computer Name = ACER-29E9B3877F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 20512
seconds with 120 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 5/17/2011 10:00:18 AM | Computer Name = ACER-29E9B3877F | Source = Service Control Manager | ID = 7034
Description = The Raw Socket Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 5/17/2011 10:13:03 AM | Computer Name = ACER-29E9B3877F | Source = Service Control Manager | ID = 7034
Description = The TCP/IP NetBIOS Helper service terminated unexpectedly. It has
done this 1 time(s).

Error - 5/17/2011 10:13:03 AM | Computer Name = ACER-29E9B3877F | Source = Service Control Manager | ID = 7034
Description = The SSDP Discovery Service service terminated unexpectedly. It has
done this 1 time(s).

Error - 5/17/2011 10:13:05 AM | Computer Name = ACER-29E9B3877F | Source = Service Control Manager | ID = 7034
Description = The WebClient service terminated unexpectedly. It has done this 1
time(s).

Error - 5/17/2011 10:17:44 AM | Computer Name = ACER-29E9B3877F | Source = Service Control Manager | ID = 7034
Description = The Net Driver HPZ12 service terminated unexpectedly. It has done
this 1 time(s).

Error - 5/17/2011 10:27:42 AM | Computer Name = ACER-29E9B3877F | Source = Service Control Manager | ID = 7034
Description = The Application Layer Gateway Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 5/17/2011 10:51:51 AM | Computer Name = ACER-29E9B3877F | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 5/17/2011 10:51:51 AM | Computer Name = ACER-29E9B3877F | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 5/17/2011 10:52:01 AM | Computer Name = ACER-29E9B3877F | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 5/17/2011 10:53:07 AM | Computer Name = ACER-29E9B3877F | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Fips intelppm kl1 KLIF mwlPSDFilter mwlPSDNServ mwlPSDVDisk SASDIFSV SASKUTIL


< End of report >

Re: CPU Usage keeps on increasing
What now??

Re: CPU Usage keeps on increasing
I did a lot of research before posting, and this is not a "virut" infection as I have already run its removal tool.


You were close though. This infection is an awful lot like Virut, it's called Ramnit, but it does the same thing. This system can't be saved.

Attention: Your computer is severely infected with Win32\Ramnit, what is now called a cocktail infection. This is an infection that is comprised of many different types of viruses and other malware, to damage your computer, and use it as a zombie for its backdoor network. In other words, your computer is under control of a hacker, and regaining control is now next to impossible.

The first component is a backdoor trojan, which is a type of trojan that communicates with a hacker: to transfer personal information about you, use your computer to help perform a denial-of-service attack, redirect your internet searches in order to make money off of your browsing habits, and can be a keylogger to steal personally identifiable information to help rob your identity.

The second component is a rootkit, which is a type of malware to take control over your computer at administrator access, having full permission to modify all of your device drivers, and allowing itself to hide all the malware on the system. In other words, it is a hacker's way of taking control of your computer, and hiding in the dark at the same time. This is a prime initiative of hackers to help keep access to your computer, robbing all of your personal information, and using your computer to send spam across the internet.

The third component is a file infector, which is a type of virus to purposely damage as many files as possible, in order to keep control of your system, so you have as little access as possible.

Not only has your system been compromised severely, it is also highly damaged, and if you do not commit to my suggested removal method below, then your computer may not function anymore.

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable. Do NOT change passwords or do any transactions while using the infected computer because the attacker may get the new passwords and transaction information. (If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before connecting again.) Banking and credit card institutions should be notified to apprise them of your situation (possible security breach). To protect your information that may have been compromised, I recommend reading these references:


  • How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
  • What Should I Do If I've Become A Victim Of Identity Theft?
  • Identity Theft Victims Guide - What to do



Removal method:

It is recommended to do a reformat and reinstall of your operating system. The experts in the Advanced Malware Analysts security community believe that once infected with such a piece of malware, the best course of action would be a reformat and clean reinstall of the OS. This is something I don't like to recommend normally, but in most cases it is the best solution for your safety.

I recommend the following articles to read:


  • When should I re-format? How should I reinstall?
  • Help: I Got Hacked. Now What Do I Do?
  • Help: I Got Hacked. Now What Do I Do? Part II
  • Where to draw the line? When to recommend a format and reinstall?

Guides for format and reinstall:

How to reformat and reinstall your Operating System

How to reformat and reinstall your Operating System - the easy way

Please let me know what you have decided to do in your next post. Should you have any questions, please feel free to ask.
