Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

jumping curser


  • Please log in to reply

#1
rajeevmariner

rajeevmariner

    New Member

  • Member
  • Pip
  • 1 posts
while typing or working with any thing on my laptop my cursor goes to bottom of the text. again i have to use up arrow to move it up wards. sometimes it works some times it takes some seconds to come up wards. some times it came up and am pressing down. then it is jumping between up and down.Attached File  OTL.Txt   64.93KB   17 downloads

OTL logfile created on: 06-02-2013 13:54:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\rajeev\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy

2.30 Gb Total Physical Memory | 1.46 Gb Available Physical Memory | 63.33% Memory free
6.91 Gb Paging File | 5.60 Gb Available in Paging File | 81.05% Paging File free
Paging file location(s): d:\pagefile.sys 0 0e:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.73 Gb Total Space | 27.46 Gb Free Space | 56.36% Space Free | Partition Type: NTFS
Drive D: | 136.71 Gb Total Space | 46.39 Gb Free Space | 33.93% Space Free | Partition Type: NTFS
Drive E: | 112.54 Gb Total Space | 74.53 Gb Free Space | 66.23% Space Free | Partition Type: NTFS
Drive H: | 11.87 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: RAJEEV-PC | User Name: rajeev | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-02-06 13:53:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\rajeev\Downloads\OTL.exe
PRC - [2013-01-30 22:02:09 | 001,808,392 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
PRC - [2012-09-05 21:27:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012-02-16 20:25:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-11-15 09:20:22 | 000,312,376 | ---- | M] (Power Software Ltd) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2011-11-07 13:56:14 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2011-09-03 15:28:02 | 000,536,576 | ---- | M] () -- C:\Program Files\Mobile Broadband\Mobile Broadband.exe
PRC - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
PRC - [2010-09-27 09:37:24 | 004,180,576 | ---- | M] (SafeNet Inc.) -- C:\Windows\System32\hasplms.exe
PRC - [2009-07-14 06:44:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-14 06:44:21 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetsrv\inetinfo.exe
PRC - [2009-07-14 06:44:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-07-14 06:44:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2008-07-25 12:18:36 | 000,062,912 | ---- | M] (CANON INC.) -- C:\Windows\System32\CNAB6RPK.EXE
PRC - [2008-06-03 14:35:37 | 000,351,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICT.EXE


========== Modules (No Company Name) ==========

MOD - [2013-01-30 22:02:09 | 014,586,888 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_146.dll
MOD - [2012-02-16 20:25:34 | 001,911,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011-09-03 15:28:02 | 000,536,576 | ---- | M] () -- C:\Program Files\Mobile Broadband\Mobile Broadband.exe
MOD - [2010-01-21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010-01-09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010-01-05 10:37:26 | 000,991,232 | R--- | M] () -- C:\Program Files\Mobile Broadband\NDISAPI.dll
MOD - [2010-01-05 10:37:26 | 000,598,016 | R--- | M] () -- C:\Program Files\Mobile Broadband\atcomm.dll
MOD - [2010-01-05 10:37:26 | 000,229,376 | R--- | M] () -- C:\Program Files\Mobile Broadband\DeviceMgrUIPlugin.dll
MOD - [2010-01-05 10:37:26 | 000,167,936 | R--- | M] () -- C:\Program Files\Mobile Broadband\DetectDev.dll
MOD - [2010-01-05 10:37:26 | 000,163,840 | R--- | M] () -- C:\Program Files\Mobile Broadband\SMSPlugin.dll
MOD - [2010-01-05 10:37:26 | 000,151,552 | R--- | M] () -- C:\Program Files\Mobile Broadband\NetInfoPlugin.dll
MOD - [2010-01-05 10:37:26 | 000,143,360 | R--- | M] () -- C:\Program Files\Mobile Broadband\LocaleMgrPlugin.dll
MOD - [2010-01-05 10:37:26 | 000,114,688 | R--- | M] () -- C:\Program Files\Mobile Broadband\DeviceMgrPlugin.dll
MOD - [2010-01-05 10:37:26 | 000,090,112 | R--- | M] () -- C:\Program Files\Mobile Broadband\FileManager.dll
MOD - [2010-01-05 10:37:26 | 000,090,112 | R--- | M] () -- C:\Program Files\Mobile Broadband\DialUpPlugin.dll
MOD - [2010-01-05 10:37:26 | 000,073,728 | R--- | M] () -- C:\Program Files\Mobile Broadband\CallPlugin.dll
MOD - [2010-01-05 10:37:26 | 000,061,440 | R--- | M] () -- C:\Program Files\Mobile Broadband\XCodec.dll
MOD - [2010-01-05 10:37:26 | 000,061,440 | R--- | M] () -- C:\Program Files\Mobile Broadband\DeviceOperate.dll
MOD - [2010-01-05 10:37:26 | 000,061,440 | R--- | M] () -- C:\Program Files\Mobile Broadband\ConfigFilePlugin.dll
MOD - [2010-01-05 10:37:26 | 000,032,768 | R--- | M] () -- C:\Program Files\Mobile Broadband\NotifyServicePlugin.dll
MOD - [2010-01-05 10:37:26 | 000,014,848 | R--- | M] () -- C:\Program Files\Mobile Broadband\isaputrace.dll
MOD - [2008-06-03 14:36:14 | 000,351,000 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2009\MSENCXML.DLL
MOD - [2008-06-03 14:36:14 | 000,269,080 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2009\ERSREGPR.DLL
MOD - [2008-06-03 14:36:14 | 000,228,120 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2009\MSENCDAT.DLL
MOD - [2008-06-03 14:36:14 | 000,178,968 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2009\ENCCONT.DLL
MOD - [2008-06-03 14:35:37 | 000,068,376 | ---- | M] () -- C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICTEIT.EBK


========== Services (SafeList) ==========

SRV - [2012-09-05 21:26:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012-06-30 19:11:34 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2010-09-27 09:37:24 | 004,180,576 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\System32\hasplms.exe -- (hasplms)
SRV - [2010-01-21 17:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009-07-14 06:46:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 06:46:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 06:45:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-07-14 06:45:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009-07-14 06:45:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009-07-14 06:44:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009-07-14 06:44:48 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\WMSvc.exe -- (WMSVC)
SRV - [2009-07-14 06:44:21 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2006-11-04 03:04:00 | 000,060,416 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\opcenum.exe -- (OpcEnum)


========== Driver Services (SafeList) ==========

DRV - [2012-06-18 13:05:59 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2011-11-15 09:20:16 | 000,112,096 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010-09-27 14:24:50 | 000,356,864 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2010-06-09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010-06-09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2010-04-22 18:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2010-01-05 10:37:28 | 000,198,656 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2010-01-05 10:37:28 | 000,102,912 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010-01-05 10:37:28 | 000,101,120 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009-12-09 22:27:18 | 000,588,800 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (hardlock)
DRV - [2009-11-02 19:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-10-26 02:16:40 | 000,200,192 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2009-10-26 02:16:40 | 000,125,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2009-09-17 10:24:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009-08-07 15:48:28 | 000,212,528 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009-07-14 06:49:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 06:49:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 06:49:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 05:22:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 05:21:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 04:58:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 04:58:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009-07-14 03:32:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009-06-07 00:36:40 | 000,273,448 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.maxiwe.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.maxiwe.com
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.maxiwe.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.maxiwe.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://in.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-in
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0D 93 0A 62 E9 3A CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000001e101fb45e
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://tbsearch.ask....hTerms}&locale=
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.searchnu.com/406"
FF - prefs.js..keyword.URL: "http://dts.search-re...id=406&sr=0&q="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected] [2012-06-20 08:12:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected] [2012-06-20 08:12:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-10 19:56:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012-08-20 12:36:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rajeev\AppData\Roaming\Mozilla\Extensions
[2012-11-04 09:31:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rajeev\AppData\Roaming\Mozilla\Firefox\Profiles\v4t8a4du.default\extensions
[2009-07-10 17:26:08 | 000,002,257 | ---- | M] () -- C:\Users\rajeev\AppData\Roaming\Mozilla\Firefox\Profiles\v4t8a4du.default\searchplugins\askcom.xml
[2012-08-20 12:19:04 | 000,002,519 | ---- | M] () -- C:\Users\rajeev\AppData\Roaming\Mozilla\Firefox\Profiles\v4t8a4du.default\searchplugins\Search_Results.xml
[2012-08-20 12:36:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-06-18 13:07:25 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]_bak
[2012-02-16 20:25:34 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-02-16 16:38:43 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012-07-10 19:48:06 | 000,002,351 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-02-16 16:18:01 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012-02-16 16:38:43 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012-02-16 16:38:43 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012-08-20 12:19:04 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012-02-16 16:38:43 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009-06-11 03:09:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - Reg Error: Value error. File not found
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [AutoKMS] C:\Windows\AutoKMS.exe ()
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKCU..\Run: [L09AXLRD_2625325] C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICT.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{16F94E12-94ED-4E8B-B6B1-012AAF772CAC}: NameServer = 59.144.127.117 59.144.144.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54E73A04-6B6E-4867-85AF-C20E3AC57D73}: NameServer = 59.144.127.117 59.144.144.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{78B31252-EDB0-4A2C-9FCE-B950B3A110FE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ACE20B12-DB07-4A6B-A665-6B5A8B207579}: NameServer = 59.144.127.117 59.144.144.100
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-11 03:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011-07-05 13:11:04 | 000,000,059 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{357177c8-a673-11e1-84ce-705ab6339196}\Shell - "" = AutoRun
O33 - MountPoints2\{357177c8-a673-11e1-84ce-705ab6339196}\Shell\AutoRun\command - "" = G:\DataCard_Setup.exe
O33 - MountPoints2\{52ff19ff-a725-11e1-ad9a-001e101fe5e1}\Shell - "" = AutoRun
O33 - MountPoints2\{52ff19ff-a725-11e1-ad9a-001e101fe5e1}\Shell\AutoRun\command - "" = H:\DataCard_Setup.exe -- [2010-04-10 07:30:00 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{655266c6-a6d7-11e1-8ff4-705ab6339196}\Shell - "" = AutoRun
O33 - MountPoints2\{655266c6-a6d7-11e1-8ff4-705ab6339196}\Shell\AutoRun\command - "" = G:\DataCard_Setup.exe
O33 - MountPoints2\{655266d7-a6d7-11e1-8ff4-705ab6339196}\Shell - "" = AutoRun
O33 - MountPoints2\{655266d7-a6d7-11e1-8ff4-705ab6339196}\Shell\AutoRun\command - "" = H:\DataCard_Setup.exe -- [2010-04-10 07:30:00 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{cf34ed02-a407-11e1-8f7f-999e73712689}\Shell - "" = AutoRun
O33 - MountPoints2\{cf34ed02-a407-11e1-8f7f-999e73712689}\Shell\AutoRun\command - "" = H:\DataCard_Setup.exe -- [2010-04-10 07:30:00 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{cf3e3f4e-a7af-11e1-9416-705ab6339196}\Shell - "" = AutoRun
O33 - MountPoints2\{cf3e3f4e-a7af-11e1-9416-705ab6339196}\Shell\AutoRun\command - "" = H:\DataCard_Setup.exe -- [2010-04-10 07:30:00 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{defd3d91-a40a-11e1-b52e-705ab6339196}\Shell - "" = AutoRun
O33 - MountPoints2\{defd3d91-a40a-11e1-b52e-705ab6339196}\Shell\AutoRun\command - "" = H:\DataCard_Setup.exe -- [2010-04-10 07:30:00 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-02-05 07:14:55 | 000,000,000 | ---D | C] -- C:\Users\rajeev\AppData\Local\Temp
[2013-02-05 07:14:27 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013-02-04 17:57:16 | 000,000,000 | ---D | C] -- C:\Users\rajeev\Desktop\BSC NOTES
[2013-02-03 23:14:29 | 000,000,000 | ---D | C] -- C:\Users\rajeev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YouTube Downloader
[2013-02-03 23:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader
[2013-02-03 23:14:28 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader
[2013-01-31 18:13:58 | 000,000,000 | ---D | C] -- C:\Users\rajeev\AppData\Roaming\Macromedia
[2013-01-31 18:13:58 | 000,000,000 | ---D | C] -- C:\Users\rajeev\AppData\Local\Macromedia
[2013-01-30 22:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2013-01-30 22:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013-01-30 22:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013-01-30 22:02:13 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2013-01-30 22:02:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed

========== Files - Modified Within 30 Days ==========

[2013-02-06 13:34:20 | 000,690,434 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-02-06 13:34:20 | 000,131,986 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-02-06 13:28:11 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2013-02-06 13:27:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-02-06 13:27:47 | 1854,959,616 | -HS- | M] () -- C:\hiberfil.sys
[2013-02-04 22:51:25 | 000,000,090 | ---- | M] () -- C:\0.bak
[2013-02-04 18:00:04 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2013-02-03 23:14:29 | 000,001,040 | ---- | M] () -- C:\Users\rajeev\Desktop\YouTube Downloader.lnk
[2013-02-03 11:59:04 | 000,008,449 | ---- | M] () -- C:\Users\rajeev\Desktop\tamil48s.gif
[2013-01-31 18:44:06 | 000,000,331 | ---- | M] () -- C:\0
[2013-01-31 18:07:57 | 000,102,015 | ---- | M] () -- C:\Users\rajeev\Desktop\RAJEEV DVD TO ASG 31 MAY 13.pdf
[2013-01-30 22:02:14 | 000,002,072 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013-01-30 22:02:14 | 000,002,072 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013-01-28 19:21:31 | 000,102,799 | ---- | M] () -- C:\Users\rajeev\Desktop\MAS TO SBC 15 FEB 13.pdf
[2013-01-28 19:04:02 | 000,102,694 | ---- | M] () -- C:\Users\rajeev\Desktop\Sanjay.pdf
[2013-01-27 22:39:16 | 000,102,624 | ---- | M] () -- C:\Users\rajeev\Desktop\Sanjay Khiriya.pdf
[2013-01-27 22:04:56 | 000,102,025 | ---- | M] () -- C:\Users\rajeev\Desktop\IRCTC Ltd,Booked Ticket Printing.pdf
[2013-01-27 21:57:23 | 000,357,779 | ---- | M] () -- C:\Users\rajeev\Desktop\MMT bus e-ticket_NU27011932334427_Bangalore-Goa.pdf

========== Files Created - No Company Name ==========

[2013-02-04 22:51:25 | 000,000,090 | ---- | C] () -- C:\0.bak
[2013-02-03 23:14:29 | 000,001,040 | ---- | C] () -- C:\Users\rajeev\Desktop\YouTube Downloader.lnk
[2013-02-03 17:30:18 | 000,008,449 | ---- | C] () -- C:\Users\rajeev\Desktop\tamil48s.gif
[2013-01-31 18:07:57 | 000,102,015 | ---- | C] () -- C:\Users\rajeev\Desktop\RAJEEV DVD TO ASG 31 MAY 13.pdf
[2013-01-30 22:02:14 | 000,002,072 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013-01-30 22:02:14 | 000,002,072 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013-01-28 19:21:31 | 000,102,799 | ---- | C] () -- C:\Users\rajeev\Desktop\MAS TO SBC 15 FEB 13.pdf
[2013-01-28 19:04:02 | 000,102,694 | ---- | C] () -- C:\Users\rajeev\Desktop\Sanjay.pdf
[2013-01-27 22:39:16 | 000,102,624 | ---- | C] () -- C:\Users\rajeev\Desktop\Sanjay Khiriya.pdf
[2013-01-27 22:04:56 | 000,102,025 | ---- | C] () -- C:\Users\rajeev\Desktop\IRCTC Ltd,Booked Ticket Printing.pdf
[2013-01-27 21:57:22 | 000,357,779 | ---- | C] () -- C:\Users\rajeev\Desktop\MMT bus e-ticket_NU27011932334427_Bangalore-Goa.pdf
[2012-08-26 21:12:50 | 000,020,400 | ---- | C] () -- C:\Users\rajeev\TEST.pro
[2012-08-16 18:36:53 | 000,007,597 | ---- | C] () -- C:\Users\rajeev\AppData\Local\Resmon.ResmonCfg
[2012-08-10 21:17:27 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2012-08-06 20:29:45 | 000,615,936 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2012-08-06 20:29:45 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012-06-18 13:07:16 | 000,116,189 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2012-06-18 13:07:16 | 000,098,168 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011-08-25 21:41:03 | 000,874,032 | ---- | C] () -- C:\Windows\System32\igkrng575.bin
[2011-08-25 21:41:03 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2011-08-25 21:41:03 | 000,147,456 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2011-08-25 21:40:55 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011-08-25 21:40:54 | 000,049,712 | ---- | C] () -- C:\Windows\System32\igfcg575m.bin
[2011-08-25 21:40:46 | 000,127,896 | ---- | C] () -- C:\Windows\System32\igcompkrng575.bin
[2011-08-25 21:40:38 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config

========== ZeroAccess Check ==========

[2009-07-14 10:12:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 06:46:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 06:45:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 06:46:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012-07-22 13:06:42 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\Ashampoo
[2012-07-10 19:47:47 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\Babylon
[2012-07-22 12:27:53 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\BitTorrent
[2012-12-03 19:57:30 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\Bullzip
[2012-07-10 19:25:27 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\DriverCure
[2012-07-10 19:25:27 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\ParetoLogic
[2012-08-10 21:11:54 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\Rovio
[2012-08-11 19:17:21 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\Uniblue
[2012-07-10 19:47:42 | 000,000,000 | ---D | M] -- C:\Users\rajeev\AppData\Roaming\YourFileDownloader

========== Purity Check ==========



< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP