Detected bavarian.class,silezia.class,vain.class,vload.class by Norton



#1
pattanayak.abhishek

Hi,
I think my PC was infected by a trojan/virus a couple of days back.
Norton AntiVirus detected these trojans (bavarian.class, silezia.class, vain.class, vload.class) and quarantined them. But they keep coming back during each scan and I do not think it is cleared properly. I ran OTL and the logs for the same are attached.
Can you please help to sort out this issue?

Thanks & Regards,
Abhishek

OTL logfile created on: 21-06-2010 20:24:30 - Run 1
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Users\abhishek\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 43.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 115.23 Gb Total Space | 28.57 Gb Free Space | 24.79% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 107.71 Gb Total Space | 9.20 Gb Free Space | 8.54% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: ABHISHEK-PC
Current User Name: abhishek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010-06-21 20:23:31 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\abhishek\Desktop\OTL.exe
PRC - [2010-05-16 16:30:32 | 000,322,352 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2010-02-26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe
PRC - [2010-02-03 10:46:52 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010-01-27 02:58:38 | 000,256,280 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe
PRC - [2009-10-27 09:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009-10-27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009-10-27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009-10-03 11:44:41 | 000,345,448 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2009-07-08 02:53:36 | 000,472,112 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Pure Networks\Network Magic\nmapp.exe
PRC - [2009-07-07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009-07-07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2009-04-11 00:27:40 | 000,299,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieuser.exe
PRC - [2009-04-11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-03-06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
PRC - [2008-11-24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008-11-24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008-01-19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008-01-11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007-10-31 23:13:44 | 000,921,600 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2007-10-31 18:40:08 | 000,125,440 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
PRC - [2007-10-30 21:04:08 | 000,748,072 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007-10-23 03:18:14 | 005,733,664 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
PRC - [2007-09-29 06:11:44 | 000,292,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2007-09-20 19:03:02 | 000,550,776 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2007-09-19 21:09:58 | 000,311,296 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2007-09-11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007-08-29 01:27:12 | 000,131,072 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2007-08-29 01:27:10 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2007-08-15 06:05:18 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007-08-15 06:05:18 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007-06-28 17:52:48 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2007-06-15 21:45:20 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2007-01-05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2007-01-01 23:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\abhishek\AppData\Roaming\Google\Google Talk\googletalk.exe


========== Modules (SafeList) ==========

MOD - [2010-06-21 20:23:31 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\abhishek\Desktop\OTL.exe
MOD - [2009-04-11 00:21:40 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008-01-19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010-02-26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe -- (NAV)
SRV - [2009-12-21 11:00:02 | 000,664,944 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV - [2009-10-27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009-09-25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009-07-07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009-05-27 04:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ)
SRV - [2009-03-06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
SRV - [2008-11-24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008-11-24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008-11-24 23:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008-04-30 05:50:36 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007-10-31 18:40:08 | 000,125,440 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007-09-29 06:11:44 | 000,292,128 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2007-09-23 20:36:38 | 002,818,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007-09-21 03:52:32 | 000,079,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2007-09-11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007-08-29 01:27:12 | 000,131,072 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2007-08-29 01:27:10 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2007-08-15 06:05:18 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007-08-09 09:51:32 | 000,499,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2007-08-09 09:51:30 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP)
SRV - [2007-08-09 09:51:30 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2007-08-09 09:51:30 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP)
SRV - [2007-08-09 09:51:30 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2007-06-28 17:53:04 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2007-06-28 17:52:48 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2007-06-15 04:07:44 | 000,075,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe -- (ICScsiSV)
SRV - [2007-06-15 04:07:36 | 000,059,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Image Converter 3\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
SRV - [2007-01-11 01:51:06 | 000,745,472 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2007-01-05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006-12-14 11:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006-12-14 11:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006-12-14 10:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2005-11-14 10:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2010-05-28 22:04:06 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010-05-28 22:04:06 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010-05-28 21:33:19 | 000,344,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100617.005\IDSvix86.sys -- (IDSVix86)
DRV - [2010-05-22 20:16:04 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100522.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010-05-12 21:19:40 | 001,347,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100621.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010-05-12 21:19:40 | 000,085,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100621.002\NAVENG.SYS -- (NAVENG)
DRV - [2010-05-06 06:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NAV\1107000.00C\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2010-04-29 07:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1107000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010-04-22 05:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NAV\1107000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2010-04-22 04:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\NAV\1107000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010-04-22 04:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1107000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-02-26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010-02-26 14:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010-02-26 02:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1107000.00C\ccHPx86.sys -- (ccHP)
DRV - [2009-12-22 00:34:46 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009-11-06 00:06:13 | 000,328,752 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\NAV\1107000.00C\SYMDS.SYS -- (SymDS)
DRV - [2009-09-02 03:09:24 | 000,176,128 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009-07-07 14:48:44 | 000,027,696 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2009-07-07 14:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-11-16 02:29:22 | 000,818,688 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007-11-15 02:02:30 | 000,017,448 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2007-11-15 02:02:27 | 000,099,880 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2007-11-15 02:02:27 | 000,081,448 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2007-11-15 02:01:19 | 000,028,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2007-10-30 04:30:30 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007-10-19 02:22:07 | 002,930,176 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007-10-17 02:01:59 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007-10-17 02:01:59 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007-10-16 05:57:24 | 000,743,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007-10-03 02:04:29 | 000,047,376 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tcusb.sys -- (TcUsb)
DRV - [2007-09-26 14:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007-09-19 23:38:18 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007-09-05 02:02:46 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007-09-05 02:02:39 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007-09-05 02:02:35 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007-09-05 02:02:35 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007-08-29 03:58:45 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007-05-26 10:03:06 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007-04-18 05:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007-04-08 04:33:12 | 001,761,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-03-10 03:58:05 | 000,181,560 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006-11-02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006-11-02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006-11-02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 09:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 09:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {68f17a93-fc78-4565-8bb4-04105d1725cc} - C:\Program Files\sudeep333\tbsude.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaio-online.sony.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {68f17a93-fc78-4565-8bb4-04105d1725cc} - C:\Program Files\sudeep333\tbsude.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 83.136.1.154:8118

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {3e450467-892a-45b8-9ed8-90e8d3bf2ad7}:0.4.15
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.723
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.26
FF - prefs.js..network.proxy.ftp: "83.136.1.154"
FF - prefs.js..network.proxy.ftp_port: 8118
FF - prefs.js..network.proxy.gopher: "83.136.1.154"
FF - prefs.js..network.proxy.gopher_port: 8118
FF - prefs.js..network.proxy.http: "83.136.1.154"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "83.136.1.154"
FF - prefs.js..network.proxy.socks_port: 8118
FF - prefs.js..network.proxy.ssl: "83.136.1.154"
FF - prefs.js..network.proxy.ssl_port: 8118

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008-12-07 20:30:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\IPSFFPlgn\ [2010-05-28 22:04:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010-05-26 21:27:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-05-26 23:01:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-05-31 20:52:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-05-31 20:52:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-05-26 21:27:05 | 000,000,000 | ---D | M]

[2009-04-25 00:26:13 | 000,000,000 | ---D | M] -- C:\Users\abhishek\AppData\Roaming\Mozilla\Extensions
[2010-06-15 14:15:36 | 000,000,000 | ---D | M] -- C:\Users\abhishek\AppData\Roaming\Mozilla\Firefox\Profiles\58alugkv.default\extensions
[2009-08-01 19:48:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\abhishek\AppData\Roaming\Mozilla\Firefox\Profiles\58alugkv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009-10-12 00:20:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\abhishek\AppData\Roaming\Mozilla\Firefox\Profiles\58alugkv.default\extensions\{3e450467-892a-45b8-9ed8-90e8d3bf2ad7}
[2010-06-15 14:15:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-05-31 20:52:19 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010-05-31 20:52:19 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010-05-31 20:52:20 | 000,000,759 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010-05-31 20:52:20 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2008-11-18 22:56:20 | 000,000,709 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (BHOManager Class) - {474264BC-9571-47C1-85B9-780F756DC9CE} - C:\Windows\System32\BHOManager.dll (Mercury Interactive Corp.)
O2 - BHO: (sudeep333 Toolbar) - {68f17a93-fc78-4565-8bb4-04105d1725cc} - C:\Program Files\sudeep333\tbsude.dll (Conduit Ltd.)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (sudeep333 Toolbar) - {68f17a93-fc78-4565-8bb4-04105d1725cc} - C:\Program Files\sudeep333\tbsude.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (sudeep333 Toolbar) - {68F17A93-FC78-4565-8BB4-04105D1725CC} - C:\Program Files\sudeep333\tbsude.dll (Conduit Ltd.)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe File not found
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe File not found
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [googletalk] C:\Users\abhishek\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - Startup: C:\Users\abhishek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe (Sony Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Transfer by Image Converter 3 - C:\Program Files\Sony\Image Converter 3\menu.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} http://www.anandabaz...er/tdserver.cab (TDServer Control)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.40.25 212.54.35.25
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\HTLFP - No CLSID value found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vfsp - No CLSID value found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{540de65c-7bdc-11de-b81f-001a80cd2670}\Shell\AutoRun\command - "" = ECLIPSE.EXE
O33 - MountPoints2\{540de65f-7bdc-11de-b81f-001a80cd2670}\Shell - "" = AutoRun
O33 - MountPoints2\{540de65f-7bdc-11de-b81f-001a80cd2670}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{7afe31e7-53bc-11df-98e7-001a80cd2670}\Shell\AutoRun\command - "" = G:\APPInst.exe -- File not found
O33 - MountPoints2\{9b67362a-f35c-11dd-b1bb-001a80cd2670}\Shell\AutoRun\command - "" = G:\wdsync.exe -- File not found
O33 - MountPoints2\{b759ed12-3186-11de-8f24-001a80cd2670}\Shell\Auto\command - "" = Folders.exe
O33 - MountPoints2\{b759ed15-3186-11de-8f24-001a80cd2670}\Shell - "" = AutoRun
O33 - MountPoints2\{b759ed15-3186-11de-8f24-001a80cd2670}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
O33 - MountPoints2\{f28b2f38-10ef-11df-9c98-001a80cd2670}\Shell\AutoRun\command - "" = G:\tmp\bak.exe -- File not found
O33 - MountPoints2\{f28b2f38-10ef-11df-9c98-001a80cd2670}\Shell\explore\command - "" = G:\tmp\bak.exe -- File not found
O33 - MountPoints2\{f28b2f38-10ef-11df-9c98-001a80cd2670}\Shell\open\comMand - "" = G:\tmp\bak.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008-11-15 00:42:31 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.divxa32 - C:\Windows\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\Windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010-06-21 20:23:23 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\abhishek\Desktop\OTL.exe
[2010-06-21 19:07:44 | 000,000,000 | ---D | C] -- C:\Program Files\Linksys
[2010-06-21 19:02:16 | 000,000,000 | ---D | C] -- C:\Program Files\Pure Networks
[2010-06-21 19:01:55 | 000,076,184 | ---- | C] (WebEx Communications, Inc.) -- C:\Windows\System32\atsckernel.exe
[2010-06-21 19:01:50 | 000,020,376 | ---- | C] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
[2010-06-21 19:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\webex
[2010-06-21 18:59:44 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2010-06-21 18:59:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Pure Networks Shared
[2010-06-21 18:58:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Pure Networks
[2010-06-20 19:04:01 | 000,000,000 | ---D | C] -- C:\Users\abhishek\AppData\Local\Adobe
[2010-06-20 19:03:08 | 000,000,000 | ---D | C] -- C:\Poirot
[2010-06-20 02:54:43 | 000,000,000 | ---D | C] -- C:\!FixIEDef
[2010-06-20 02:37:36 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010-06-20 02:36:43 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\abhishek\Desktop\erunt_setup.exe
[2010-06-20 02:24:58 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Users\abhishek\Desktop\TFC.exe
[2010-06-20 02:17:52 | 000,000,000 | ---D | C] -- C:\Users\abhishek\AppData\Roaming\Malwarebytes
[2010-06-20 02:17:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-06-20 02:17:37 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-06-20 02:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-06-20 02:17:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-06-20 02:11:36 | 006,153,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\abhishek\Desktop\mbam-setup.exe
[2010-06-20 01:43:43 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll.old
[2010-06-20 01:40:43 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010-06-20 01:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010-06-19 23:41:09 | 000,000,000 | ---D | C] -- C:\The.Hunt.For.Red.October.1990.720p.HDDVD.x264-SiNNERS
[2010-06-17 00:53:43 | 000,000,000 | ---D | C] -- C:\Users\abhishek\Desktop\n97 themes
[2010-06-15 14:27:38 | 000,000,000 | ---D | C] -- C:\Users\abhishek\Desktop\Sams.Teach.Yourself.Programming.with.Java.in.24.Hours__www.amaderforum.com
[2010-05-29 19:37:31 | 000,000,000 | ---D | C] -- C:\Users\abhishek\Desktop\SmartMovie converted files
[2010-05-29 19:37:14 | 000,000,000 | ---D | C] -- C:\Program Files\Lonely Cat Games
[2010-05-29 19:36:45 | 000,000,000 | ---D | C] -- C:\Users\abhishek\Desktop\SMART-MOVIE v4.15
[2010-05-29 18:52:26 | 000,000,000 | ---D | C] -- C:\Users\abhishek\Desktop\LCG SmartMovie 4[1].15 S60 v5Cracked by MTOi
[2010-05-26 23:02:32 | 000,000,000 | ---D | C] -- C:\Users\abhishek\AppData\Roaming\PC Suite
[2010-05-26 23:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2010-05-26 23:01:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite
[2010-05-26 23:01:09 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2010-05-26 22:59:26 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010-05-26 22:39:37 | 000,000,000 | ---D | C] -- C:\Users\abhishek\{155ea21d-9c3d-447b-8aff-d305f5ddb2df}
[2010-05-26 22:21:28 | 001,018,368 | ---- | C] (Nokia) -- C:\Users\abhishek\Desktop\Nokia_PC_Suite_Cleaner_7_1_1.exe
[2010-05-26 21:38:09 | 000,000,000 | ---D | C] -- C:\Users\abhishek\Documents\Ovi
[2010-05-26 21:32:23 | 000,000,000 | ---D | C] -- C:\Users\abhishek\AppData\Local\NokiaAccount
[2010-05-26 21:26:22 | 000,000,000 | ---D | C] -- C:\ProgramData\OviInstallerCache
[2010-05-16 22:34:36 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010-04-30 16:52:01 | 000,000,000 | ---D | C] -- C:\Users\abhishek\Desktop\Sambit's send off
[2010-04-19 01:26:34 | 000,000,000 | ---D | C] -- C:\Users\abhishek\Desktop\RingTone
[2010-04-19 00:24:15 | 000,000,000 | ---D | C] -- C:\Users\abhishek\Desktop\memoryup

========== Files - Modified Within 90 Days ==========

[2010-06-21 20:29:17 | 004,980,736 | -HS- | M] () -- C:\Users\abhishek\ntuser.dat
[2010-06-21 20:25:53 | 002,038,032 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1107000.00C\Cat.DB
[2010-06-21 20:23:31 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\abhishek\Desktop\OTL.exe
[2010-06-21 20:23:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3270600614-422760174-1701076347-1003UA.job
[2010-06-21 19:02:20 | 000,001,940 | ---- | M] () -- C:\Users\Public\Desktop\Network Magic.lnk
[2010-06-21 19:01:40 | 008,892,928 | ---- | M] () -- C:\ProgramData\atscie.msi
[2010-06-21 18:47:32 | 000,005,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-06-21 18:47:32 | 000,005,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-06-21 18:47:27 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-06-21 18:47:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-06-21 18:47:19 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys
[2010-06-21 09:59:51 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010-06-21 09:59:47 | 000,524,288 | -HS- | M] () -- C:\Users\abhishek\ntuser.dat{4a400acf-ec16-11de-9c89-001a80cd2670}.TMContainer00000000000000000001.regtrans-ms
[2010-06-21 09:59:47 | 000,065,536 | -HS- | M] () -- C:\Users\abhishek\ntuser.dat{4a400acf-ec16-11de-9c89-001a80cd2670}.TM.blf
[2010-06-21 09:59:05 | 002,136,160 | -H-- | M] () -- C:\Users\abhishek\AppData\Local\IconCache.db
[2010-06-21 07:27:56 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{7E7E64CB-B714-44CB-8064-85D510E98309}.job
[2010-06-21 00:23:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3270600614-422760174-1701076347-1003Core.job
[2010-06-21 00:21:57 | 000,129,024 | ---- | M] () -- C:\Users\abhishek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-20 02:37:37 | 000,000,733 | ---- | M] () -- C:\Users\abhishek\Desktop\NTREGOPT.lnk
[2010-06-20 02:36:48 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\abhishek\Desktop\erunt_setup.exe
[2010-06-20 02:25:04 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Users\abhishek\Desktop\TFC.exe
[2010-06-20 02:17:43 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-06-20 02:14:20 | 000,082,756 | ---- | M] () -- C:\Users\abhishek\Desktop\Payment Solution.pptx
[2010-06-20 02:11:54 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\abhishek\Desktop\mbam-setup.exe
[2010-06-19 19:43:50 | 000,768,766 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-06-19 19:43:50 | 000,655,412 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-06-19 19:43:50 | 000,126,766 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-06-15 13:41:11 | 199,700,101 | ---- | M] () -- C:\Users\abhishek\Desktop\eclipse-jee-galileo-SR2-win32.zip
[2010-06-11 23:19:05 | 000,002,019 | ---- | M] () -- C:\Users\abhishek\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010-06-11 23:19:04 | 000,002,057 | ---- | M] () -- C:\Users\abhishek\Desktop\Google Chrome.lnk
[2010-06-11 22:07:13 | 000,401,328 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-05-29 19:37:16 | 000,001,039 | ---- | M] () -- C:\Users\abhishek\Desktop\SmartMovie Converter.lnk
[2010-05-29 19:36:19 | 001,514,164 | ---- | M] () -- C:\Users\abhishek\Desktop\SMART-MOVIE v4.15.rar
[2010-05-29 18:52:13 | 000,640,594 | ---- | M] () -- C:\Users\abhishek\Desktop\LCG SmartMovie 4[1].15 S60 v5Cracked by MTOi.rar
[2010-05-28 21:53:26 | 000,002,125 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2010-05-26 23:01:49 | 000,001,903 | ---- | M] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2010-05-26 22:52:17 | 034,399,664 | ---- | M] () -- C:\Users\abhishek\Desktop\Nokia_PC_Suite_eng_web.exe
[2010-05-26 22:35:11 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[2010-05-26 22:34:33 | 035,607,992 | ---- | M] () -- C:\Users\abhishek\Desktop\NokiaSoftwareUpdaterSetup_en.exe
[2010-05-26 22:29:36 | 000,109,648 | ---- | M] () -- C:\Users\abhishek\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-05-26 22:21:32 | 001,018,368 | ---- | M] (Nokia) -- C:\Users\abhishek\Desktop\Nokia_PC_Suite_Cleaner_7_1_1.exe
[2010-05-26 21:29:22 | 000,001,928 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2010-05-26 21:18:19 | 098,366,952 | ---- | M] () -- C:\Users\abhishek\Desktop\Nokia_Ovi_Suite_webinstaller_ALL.exe
[2010-05-26 20:47:58 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010-05-26 20:47:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010-05-18 23:59:59 | 000,012,803 | ---- | M] () -- C:\Users\abhishek\Desktop\WASUP_CADS_Effort_Split_UP.xls.xlsx
[2010-05-18 21:53:46 | 000,027,648 | ---- | M] () -- C:\Users\abhishek\Desktop\WASUP_CADS_Effort_Estimation_1.xls
[2010-05-14 08:36:08 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1107000.00C\isolate.ini
[2010-05-06 12:45:40 | 037,267,456 | ---- | M] () -- C:\ToadforOracle105SetupFreeware.msi
[2010-05-06 06:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1107000.00C\symtdiv.sys
[2010-05-06 06:01:43 | 000,001,473 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1107000.00C\symnetv.inf
[2010-05-06 06:01:43 | 000,001,445 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1107000.00C\symnet.inf
[2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-04-29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-04-29 07:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1107000.00C\ironx86.sys
[2010-04-29 07:03:51 | 000,007,438 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1107000.00C\iron.cat
[2010-04-29 07:03:51 | 000,000,741 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1107000.00C\iron.inf
[2010-04-26 10:18:40 | 000,007,873 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1107000.00C\symefa.cat
[2010-04-24 13:31:04 | 000,003,373 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1107000.00C\symefa.inf
[2010-04-22 05:02:36 | 000,007,787 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1107000.00C\symnetv.cat
[2010-04-22 05:02:36 | 000,007,368 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1107000.00C\symnet.cat
[2010-04-22 05:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1107000.00C\symefa.sys
[2010-04-22 05:01:56 | 000,007,425 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1107000.00C\symds.cat
[2010-04-22 04:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1107000.00C\srtsp.sys
[2010-04-22 04:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1107000.00C\srtspx.sys
[2010-04-22 04:29:50 | 000,007,442 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1107000.00C\srtspx.cat
[2010-04-22 04:29:50 | 000,007,438 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1107000.00C\srtsp.cat
[2010-04-22 04:29:50 | 000,001,388 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1107000.00C\srtspx.inf
[2010-04-22 04:29:50 | 000,001,382 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1107000.00C\srtsp.inf
[2010-04-11 22:33:43 | 000,497,386 | ---- | M] () -- C:\Users\abhishek\Desktop\Abhi_Austria_1.jpg
[2010-04-11 22:21:47 | 001,194,917 | ---- | M] () -- C:\Users\abhishek\Desktop\Abhi_Austria.jpg
[2010-04-09 20:36:00 | 003,718,029 | ---- | M] () -- C:\Users\abhishek\Desktop\DSC01230.JPG
[2010-04-02 13:26:14 | 003,785,870 | ---- | M] () -- C:\Users\abhishek\Desktop\DSC03558.JPG

========== Files Created - No Company Name ==========

[2010-06-21 19:02:20 | 000,001,940 | ---- | C] () -- C:\Users\Public\Desktop\Network Magic.lnk
[2010-06-21 19:01:38 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2010-06-20 03:19:31 | 037,267,456 | ---- | C] () -- C:\ToadforOracle105SetupFreeware.msi
[2010-06-20 02:37:37 | 000,000,733 | ---- | C] () -- C:\Users\abhishek\Desktop\NTREGOPT.lnk
[2010-06-20 02:17:43 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-06-20 01:43:44 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010-06-19 20:42:25 | 000,082,756 | ---- | C] () -- C:\Users\abhishek\Desktop\Payment Solution.pptx
[2010-06-15 13:41:04 | 199,700,101 | ---- | C] () -- C:\Users\abhishek\Desktop\eclipse-jee-galileo-SR2-win32.zip
[2010-05-29 19:37:16 | 000,001,039 | ---- | C] () -- C:\Users\abhishek\Desktop\SmartMovie Converter.lnk
[2010-05-29 19:36:16 | 001,514,164 | ---- | C] () -- C:\Users\abhishek\Desktop\SMART-MOVIE v4.15.rar
[2010-05-29 18:49:07 | 000,640,594 | ---- | C] () -- C:\Users\abhishek\Desktop\LCG SmartMovie 4[1].15 S60 v5Cracked by MTOi.rar
[2010-05-26 23:01:48 | 000,001,903 | ---- | C] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2010-05-26 22:34:27 | 035,607,992 | ---- | C] () -- C:\Users\abhishek\Desktop\NokiaSoftwareUpdaterSetup_en.exe
[2010-05-26 21:51:48 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[2010-05-26 21:45:04 | 034,399,664 | ---- | C] () -- C:\Users\abhishek\Desktop\Nokia_PC_Suite_eng_web.exe
[2010-05-26 21:29:21 | 000,001,928 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2010-05-26 21:18:00 | 098,366,952 | ---- | C] () -- C:\Users\abhishek\Desktop\Nokia_Ovi_Suite_webinstaller_ALL.exe
[2010-05-26 20:47:58 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010-05-26 20:47:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010-05-26 20:47:23 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010-05-18 22:23:58 | 000,012,803 | ---- | C] () -- C:\Users\abhishek\Desktop\WASUP_CADS_Effort_Split_UP.xls.xlsx
[2010-05-18 21:53:45 | 000,027,648 | ---- | C] () -- C:\Users\abhishek\Desktop\WASUP_CADS_Effort_Estimation_1.xls
[2010-04-30 05:23:14 | 003,785,870 | ---- | C] () -- C:\Users\abhishek\Desktop\DSC03558.JPG
[2010-04-16 01:16:38 | 001,193,168 | ---- | C] () -- C:\Users\abhishek\Desktop\DSC_1679.JPG
[2010-04-11 22:33:41 | 000,497,386 | ---- | C] () -- C:\Users\abhishek\Desktop\Abhi_Austria_1.jpg
[2010-04-11 22:11:15 | 001,194,917 | ---- | C] () -- C:\Users\abhishek\Desktop\Abhi_Austria.jpg
[2010-04-11 22:08:51 | 003,718,029 | ---- | C] () -- C:\Users\abhishek\Desktop\DSC01230.JPG
[2009-11-17 02:55:12 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009-08-17 13:59:39 | 000,000,066 | ---- | C] () -- C:\Windows\vugen_extra_keywords.ini
[2009-08-17 13:58:57 | 000,000,802 | ---- | C] () -- C:\Windows\vugen.ini
[2009-08-17 13:57:40 | 000,000,060 | ---- | C] () -- C:\Windows\wlrun.ini
[2009-03-05 06:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2008-06-12 21:36:38 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008-04-30 06:04:37 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2008-04-30 05:46:05 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2008-04-30 05:44:59 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll
[2008-04-12 08:41:20 | 000,159,744 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008-04-12 08:30:20 | 000,561,152 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008-03-04 19:52:34 | 000,286,720 | ---- | C] () -- C:\Windows\System32\libcurl.dll
[2007-12-20 21:53:57 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1295.dll
[2007-12-20 21:53:56 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007-12-20 04:32:50 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007-10-31 10:39:54 | 000,059,904 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2007-10-30 20:44:52 | 000,393,216 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007-05-17 14:58:10 | 000,143,360 | ---- | C] () -- C:\Windows\System32\libexpatw.dll
[2007-02-05 21:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001-11-14 23:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001-10-28 18:42:30 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll

========== LOP Check ==========

[2008-11-18 02:45:38 | 000,000,000 | -HSD | M] -- C:\Users\abhishek\AppData\Roaming\.#
[2010-03-09 20:21:53 | 000,000,000 | ---D | M] -- C:\Users\abhishek\AppData\Roaming\12Voip
[2009-11-26 02:33:56 | 000,000,000 | ---D | M] -- C:\Users\abhishek\AppData\Roaming\Desktopicon
[2009-08-20 19:54:28 | 000,000,000 | ---D | M] -- C:\Users\abhishek\AppData\Roaming\FreeCall
[2010-01-17 21:03:52 | 000,000,000 | ---D | M] -- C:\Users\abhishek\AppData\Roaming\HandBrake
[2009-05-12 23:27:01 | 000,000,000 | ---D | M] -- C:\Users\abhishek\AppData\Roaming\Helios
[2008-10-11 15:51:41 | 000,000,000 | ---D | M] -- C:\Users\abhishek\AppData\Roaming\InterVideo
[2010-05-26 21:35:25 | 000,000,000 | ---D | M] -- C:\Users\abhishek\AppData\Roaming\Nokia
[2009-07-19 00:30:25 | 000,000,000 | ---D | M] -- C:\Users\abhishek\AppData\Roaming\Nseries
[2010-05-26 23:05:05 | 000,000,000 | ---D | M] -- C:\Users\abhishek\AppData\Roaming\PC Suite
[2009-12-22 00:35:10 | 000,000,000 | ---D | M] -- C:\Users\abhishek\AppData\Roaming\Tific
[2010-06-21 20:29:18 | 000,000,000 | ---D | M] -- C:\Users\abhishek\AppData\Roaming\uTorrent
[2010-06-21 09:59:54 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010-06-21 07:27:56 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{7E7E64CB-B714-44CB-8064-85D510E98309}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009-02-09 03:54:54 | 000,000,072 | ---- | M] () -- C:\asd.bat
[2006-09-18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009-04-11 00:36:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2007-12-20 21:54:22 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006-09-18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010-06-21 18:47:19 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys
[2005-01-03 15:37:18 | 000,000,017 | -H-- | M] () -- C:\initrd.pam
[2007-03-27 23:33:48 | 000,000,067 | -H-- | M] () -- C:\kernel.pam
[2010-06-21 18:47:17 | 3533,373,440 | -HS- | M] () -- C:\pagefile.sys
[2009-08-17 11:44:57 | 000,006,840 | ---- | M] () -- C:\PR_Backup.zip
[2009-01-13 03:51:12 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\psapi.dll
[2010-05-06 12:45:40 | 037,267,456 | ---- | M] () -- C:\ToadforOracle105SetupFreeware.msi

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2006-11-02 14:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2009-07-30 20:01:12 | 000,081,240 | ---- | M] (Microsoft Corporation.) -- C:\Windows\System32\spool\prtprocs\w32x86\lmdippr8.dll
[2006-10-26 20:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2007-10-19 02:22:06 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2008-01-19 09:34:08 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2008-01-19 09:34:08 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009-04-11 00:27:48 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009-04-11 00:28:24 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006-11-02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006-11-02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006-11-02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006-11-02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006-11-02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\user32.dll /md5 >
[2009-04-11 00:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008-01-19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >

Edited by Essexboy, 21 June 2010 - 01:23 PM.
