OTL logfile created on: 06-02-2013 13:54:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\rajeev\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy

2.30 Gb Total Physical Memory | 1.46 Gb Available Physical Memory | 63.33% Memory free
6.91 Gb Paging File | 5.60 Gb Available in Paging File | 81.05% Paging File free
Paging file location(s): d:\pagefile.sys 0 0e:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.73 Gb Total Space | 27.46 Gb Free Space | 56.36% Space Free | Partition Type: NTFS
Drive D: | 136.71 Gb Total Space | 46.39 Gb Free Space | 33.93% Space Free | Partition Type: NTFS
Drive E: | 112.54 Gb Total Space | 74.53 Gb Free Space | 66.23% Space Free | Partition Type: NTFS
Drive H: | 11.87 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: RAJEEV-PC | User Name: rajeev | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013-02-06 13:53:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\rajeev\Downloads\OTL.exe
PRC - [2013-01-30 22:02:09 | 001,808,392 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
PRC - [2012-09-05 21:27:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012-02-16 20:25:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-11-15 09:20:22 | 000,312,376 | ---- | M] (Power Software Ltd) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2011-11-07 13:56:14 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2011-09-03 15:28:02 | 000,536,576 | ---- | M] () -- C:\Program Files\Mobile Broadband\Mobile Broadband.exe
PRC - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
PRC - [2010-09-27 09:37:24 | 004,180,576 | ---- | M] (SafeNet Inc.) -- C:\Windows\System32\hasplms.exe
PRC - [2009-07-14 06:44:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-14 06:44:21 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetsrv\inetinfo.exe
PRC - [2009-07-14 06:44:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-07-14 06:44:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2008-07-25 12:18:36 | 000,062,912 | ---- | M] (CANON INC.) -- C:\Windows\System32\CNAB6RPK.EXE
PRC - [2008-06-03 14:35:37 | 000,351,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICT.EXE

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013-01-30 22:02:09 | 014,586,888 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_146.dll
MOD - [2012-02-16 20:25:34 | 001,911,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011-09-03 15:28:02 | 000,536,576 | ---- | M] () -- C:\Program Files\Mobile Broadband\Mobile Broadband.exe
MOD - [2010-01-21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010-01-09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010-01-05 10:37:26 | 000,991,232 | R--- | M] () -- C:\Program Files\Mobile Broadband\NDISAPI.dll
MOD - [2010-01-05 10:37:26 | 000,598,016 | R--- | M] () -- C:\Program Files\Mobile Broadband\atcomm.dll
MOD - [2010-01-05 10:37:26 | 000,229,376 | R--- | M] () -- C:\Program Files\Mobile Broadband\DeviceMgrUIPlugin.dll
MOD - [2010-01-05 10:37:26 | 000,167,936 | R--- | M] () -- C:\Program Files\Mobile Broadband\DetectDev.dll
MOD - [2010-01-05 10:37:26 | 000,163,840 | R--- | M] () -- C:\Program Files\Mobile Broadband\SMSPlugin.dll
MOD - [2010-01-05 10:37:26 | 000,151,552 | R--- | M] () -- C:\Program Files\Mobile Broadband\NetInfoPlugin.dll
MOD - [2010-01-05 10:37:26 | 000,143,360 | R--- | M] () -- C:\Program Files\Mobile Broadband\LocaleMgrPlugin.dll
MOD - [2010-01-05 10:37:26 | 000,114,688 | R--- | M] () -- C:\Program Files\Mobile Broadband\DeviceMgrPlugin.dll
MOD - [2010-01-05 10:37:26 | 000,090,112 | R--- | M] () -- C:\Program Files\Mobile Broadband\FileManager.dll
MOD - [2010-01-05 10:37:26 | 000,090,112 | R--- | M] () -- C:\Program Files\Mobile Broadband\DialUpPlugin.dll
MOD - [2010-01-05 10:37:26 | 000,073,728 | R--- | M] () -- C:\Program Files\Mobile Broadband\CallPlugin.dll
MOD - [2010-01-05 10:37:26 | 000,061,440 | R--- | M] () -- C:\Program Files\Mobile Broadband\XCodec.dll
MOD - [2010-01-05 10:37:26 | 000,061,440 | R--- | M] () -- C:\Program Files\Mobile Broadband\DeviceOperate.dll
MOD - [2010-01-05 10:37:26 | 000,061,440 | R--- | M] () -- C:\Program Files\Mobile Broadband\ConfigFilePlugin.dll
MOD - [2010-01-05 10:37:26 | 000,032,768 | R--- | M] () -- C:\Program Files\Mobile Broadband\NotifyServicePlugin.dll
MOD - [2010-01-05 10:37:26 | 000,014,848 | R--- | M] () -- C:\Program Files\Mobile Broadband\isaputrace.dll
MOD - [2008-06-03 14:36:14 | 000,351,000 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2009\MSENCXML.DLL
MOD - [2008-06-03 14:36:14 | 000,269,080 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2009\ERSREGPR.DLL
MOD - [2008-06-03 14:36:14 | 000,228,120 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2009\MSENCDAT.DLL
MOD - [2008-06-03 14:36:14 | 000,178,968 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2009\ENCCONT.DLL
MOD - [2008-06-03 14:35:37 | 000,068,376 | ---- | M] () -- C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICTEIT.EBK

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2012-09-05 21:26:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012-06-30 19:11:34 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2010-09-27 09:37:24 | 004,180,576 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\System32\hasplms.exe -- (hasplms)
SRV - [2010-01-21 17:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009-07-14 06:46:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 06:46:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 06:45:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-07-14 06:45:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009-07-14 06:45:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009-07-14 06:44:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009-07-14 06:44:48 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\WMSvc.exe -- (WMSVC)
SRV - [2009-07-14 06:44:21 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2006-11-04 03:04:00 | 000,060,416 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\opcenum.exe -- (OpcEnum)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2012-06-18 13:05:59 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2011-11-15 09:20:16 | 000,112,096 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010-09-27 14:24:50 | 000,356,864 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2010-06-09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010-06-09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2010-04-22 18:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2010-01-05 10:37:28 | 000,198,656 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2010-01-05 10:37:28 | 000,102,912 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010-01-05 10:37:28 | 000,101,120 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009-12-09 22:27:18 | 000,588,800 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (hardlock)
DRV - [2009-11-02 19:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-10-26 02:16:40 | 000,200,192 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2009-10-26 02:16:40 | 000,125,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2009-09-17 10:24:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009-08-07 15:48:28 | 000,212,528 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009-07-14 06:49:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 06:49:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 06:49:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 05:22:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 05:21:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 04:58:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 04:58:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009-07-14 03:32:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009-06-07 00:36:40 | 000,273,448 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.maxiwe.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.maxiwe.com
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=390&systemid=406&sr=0&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.maxiwe.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.maxiwe.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://in.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-in
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0D 93 0A 62 E9 3A CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112555&tt=010712_5&babsrc=SP_ss&mntrId=f21bae25000000000000001e101fb45e
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://tbsearch.ask.com/redirect?client=ie&tb=BT3&o=&src=crm&q={searchTerms}&locale=
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=390&systemid=406&sr=0&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.searchnu.com/406"
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=390&systemid=406&sr=0&q="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru [2012-06-20 08:12:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru [2012-06-20 08:12:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-10 19:56:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012-08-20 12:36:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rajeev\AppData\Roaming\Mozilla\Extensions
[2012-11-04 09:31:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rajeev\AppData\Roaming\Mozilla\Firefox\Profiles\v4t8a4du.default\extensions
[2009-07-10 17:26:08 | 000,002,257 | ---- | M] () -- C:\Users\rajeev\AppData\Roaming\Mozilla\Firefox\Profiles\v4t8a4du.default\searchplugins\askcom.xml
[2012-08-20 12:19:04 | 000,002,519 | ---- | M] () -- C:\Users\rajeev\AppData\Roaming\Mozilla\Firefox\Profiles\v4t8a4du.default\searchplugins\Search_Results.xml
[2012-08-20 12:36:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-06-18 13:07:25 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
[2012-02-16 20:25:34 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-02-16 16:38:43 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012-07-10 19:48:06 | 000,002,351 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-02-16 16:18:01 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012-02-16 16:38:43 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012-02-16 16:38:43 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012-08-20 12:19:04 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012-02-16 16:38:43 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009-06-11 03:09:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - Reg Error: Value error. File not found
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [AutoKMS] C:\Windows\AutoKMS.exe ()
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKCU..\Run: [L09AXLRD_2625325] C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICT.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{16F94E12-94ED-4E8B-B6B1-012AAF772CAC}: NameServer = 59.144.127.117 59.144.144.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54E73A04-6B6E-4867-85AF-C20E3AC57D73}: NameServer = 59.144.127.117 59.144.144.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{78B31252-EDB0-4A2C-9FCE-B950B3A110FE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ACE20B12-DB07-4A6B-A665-6B5A8B207579}: NameServer = 59.144.127.117 59.144.144.100
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-11 03:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011-07-05 13:11:04 | 000,000,059 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{357177c8-a673-11e1-84ce-705ab6339196}\Shell - "" = AutoRun
O33 - MountPoints2\{357177c8-a673-11e1-84ce-705ab6339196}\Shell\AutoRun\command - "" = G:\DataCard_Setup.exe
O33 - MountPoints2\{52ff19ff-a725-11e1-ad9a-001e101fe5e1}\Shell - "" = AutoRun
O33 - MountPoints2\{52ff19ff-a725-11e1-ad9a-001e101fe5e1}\Shell\AutoRun\command - "" = H:\DataCard_Setup.exe -- [2010-04-10 07:30:00 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{655266c6-a6d7-11e1-8ff4-705ab6339196}\Shell - "" = AutoRun
O33 - MountPoints2\{655266c6-a6d7-11e1-8ff4-705ab6339196}\Shell\AutoRun\command - "" = G:\DataCard_Setup.exe
O33 - MountPoints2\{655266d7-a6d7-11e1-8ff4-705ab6339196}\Shell - "" = AutoRun
O33 - MountPoints2\{655266d7-a6d7-11e1-8ff4-705ab6339196}\Shell\AutoRun\command - "" = H:\DataCard_Setup.exe -- [2010-04-10 07:30:00 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{cf34ed02-a407-11e1-8f7f-999e73712689}\Shell - "" = AutoRun
O33 - MountPoints2\{cf34ed02-a407-11e1-8f7f-999e73712689}\Shell\AutoRun\command - "" = H:\DataCard_Setup.exe -- [2010-04-10 07:30:00 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{cf3e3f4e-a7af-11e1-9416-705ab6339196}\Shell - "" = AutoRun
O33 - MountPoints2\{cf3e3f4e-a7af-11e1-9416-705ab6339196}\Shell\AutoRun\command - "" = H:\DataCard_Setup.exe -- [2010-04-10 07:30:00 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{defd3d91-a40a-11e1-b52e-705ab6339196}\Shell - "" = AutoRun
O33 - MountPoints2\{defd3d91-a40a-11e1-b52e-705ab6339196}\Shell\AutoRun\command - "" = H:\DataCard_Setup.exe -- [2010-04-10 07:30:00 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013-02-05 07:14:55 | 000,000,000 | ---D | C] -- C:\Users\rajeev\AppData\Local\Temp
[2013-02-05 07:14:27 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013-02-04 17:57:16 | 000,000,000 | ---D | C] -- C:\Users\rajeev\Desktop\BSC NOTES
[2013-02-03 23:14:29 | 000,000,000 | ---D | C] -- C:\Users\rajeev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YouTube Downloader
[2013-02-03 23:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader
[2013-02-03 23:14:28 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader
[2013-01-31 18:13:58 | 000,000,000 | ---D | C] -- C:\Users\rajeev\AppData\Roaming\Macromedia
[2013-01-31 18:13:58 | 000,000,000 | ---D | C] -- C:\Users\rajeev\AppData\Local\Macromedia
[2013-01-30 22:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2013-01-30 22:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013-01-30 22:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013-01-30 22:02:13 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2013-01-30 22:02:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013-02-06 13:34:20 | 000,690,434 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-02-06 13:34:20 | 000,131,986 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-02-06 13:28:11 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2013-02-06 13:27:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-02-06 13:27:47 | 1854,959,616 | -HS- | M] () -- C:\hiberfil.sys
[2013-02-04 22:51:25 | 000,000,090 | ---- | M] () -- C:\0.bak
[2013-02-04 18:00:04 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2013-02-03 23:14:29 | 000,001,040 | ---- | M] () -- C:\Users\rajeev\Desktop\YouTube Downloader.lnk
[2013-02-03 11:59:04 | 000,008,449 | ---- | M] () -- C:\Users\rajeev\Desktop\tamil48s.gif
[2013-01-31 18:44:06 | 000,000,331 | ---- | M] () -- C:\0
[2013-01-31 18:07:57 | 000,102,015 | ---- | M] () -- C:\Users\rajeev\Desktop\RAJEEV DVD TO ASG 31 MAY 13.pdf
[2013-01-30 22:02:14 | 000,002,072 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013-01-30 22:02:14 | 000,002,072 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013-01-28 19:21:31 | 000,102,799 | ---- | M] () -- C:\Users\rajeev\Desktop\MAS TO SBC 15 FEB 13.pdf
[2013-01-28 19:04:02 | 000,102,694 | ---- | M] () -- C:\Users\rajeev\Desktop\Sanjay.pdf
[2013-01-27 22:39:16 | 000,102,624 | ---- | M] () -- C:\Users\rajeev\Desktop\Sanjay Khiriya.pdf
[2013-01-27 22:04:56 | 000,102,025 | ---- | M] () -- C:\Users\rajeev\Desktop\IRCTC Ltd,Booked Ticket Printing.pdf
[2013-01-27 21:57:23 | 000,357,779 | ---- | M] () -- C:\Users\rajeev\Desktop\MMT bus e-ticket_NU27011932334427_Bangalore-Goa.pdf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013-02-04 22:51:25 | 000,000,090 | ---- | C] () -- C:\0.bak
[2013-02-03 23:14:29 | 000,001,040 | ---- | C] () -- C:\Users\rajeev\Desktop\YouTube Downloader.lnk
[2013-02-03 17:30:18 | 000,008,449 | ---- | C] () -- C:\Users\rajeev\Desktop\tamil48s.gif
[2013-01-31 18:07:57 | 000,102,015 | ---- | C] () -- C:\Users\rajeev\Desktop\RAJEEV DVD TO ASG 31 MAY 13.pdf
[2013-01-30 22:02:14 | 000,002,072 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013-01-30 22:02:14 | 000,002,072 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013-01-28 19:21:31 | 000,102,799 | ---- | C] () -- C:\Users\rajeev\Desktop\MAS TO SBC 15 FEB 13.pdf
[2013-01-28 19:04:02 | 000,102,694 | ---- | C] () -- C:\Users\rajeev\Desktop\Sanjay.pdf
[2013-01-27 22:39:16 | 000,102,624 | ---- | C] () -- C:\Users\rajeev\Desktop\Sanjay Khiriya.pdf
[2013-01-27 22:04:56 | 000,102,025 | ---- | C] () -- C:\Users\rajeev\Desktop\IRCTC Ltd,Booked Ticket Printing.pdf
[2013-01-27 21:57:22 | 000,357,779 | ---- | C] () -- C:\Users\rajeev\Desktop\MMT bus e-ticket_NU27011932334427_Bangalore-Goa.pdf
[2012-08-26 21:12:50 | 000,020,400 | ---- | C] () -- C:\Users\rajeev\TEST.pro
[2012-08-16 18:36:53 | 000,007,597 | ---- | C] () -- C:\Users\rajeev\AppData\Local\Resmon.ResmonCfg
[2012-08-10 21:17:27 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2012-08-06 20:29:45 | 000,615,936 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2012-08-06 20:29:45 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012-06-18 13:07:16 | 000,116,189 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2012-06-18 13:07:16 | 000,098,168 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011-08-25 21:41:03 | 000,874,032 | ---- | C] () -- C:\Windows\System32\igkrng575.bin
[2011-08-25 21:41:03 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2011-08-25 21:41:03 | 000,147,456 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2011-08-25 21:40:55 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011-08-25 21:40:54 | 000,049,712 | ---- | C] () -- C:\Windows\System32\igfcg575m.bin
[2011-08-25 21:40:46 | 000,127,896 | ---- | C] () -- C:\Windows\System32\igcompkrng575.bin
[2011-08-25 21:40:38 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 10:12:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 06:46:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 06:45:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 06:46:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2012-07-22 13:06:42 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\Ashampoo
[2012-07-10 19:47:47 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\Babylon
[2012-07-22 12:27:53 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\BitTorrent
[2012-12-03 19:57:30 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\Bullzip
[2012-07-10 19:25:27 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\DriverCure
[2012-07-10 19:25:27 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\ParetoLogic
[2012-08-10 21:11:54 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\Rovio
[2012-08-11 19:17:21 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\Uniblue
[2012-07-10 19:47:42 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\YourFileDownloader

[color=#E56717]========== Purity Check ==========[/color]

< End of report >