WiredWX Christian Hobby Weather Tools

 


Removal of VBS:ExeDropper-gen[Trj] from my PC

OTL logfile created on: 1/6/2012 10:29:06 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Prasad\Documents\Downloads\Programs
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 56.15% Memory free
3.93 Gb Paging File | 2.91 Gb Available in Paging File | 74.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29.19 Gb Total Space | 8.70 Gb Free Space | 29.80% Space Free | Partition Type: NTFS
Drive D: | 36.13 Gb Total Space | 1.66 Gb Free Space | 4.60% Space Free | Partition Type: NTFS
Drive E: | 6.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 36.34 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive I: | 9.10 Gb Total Space | 2.92 Gb Free Space | 32.11% Space Free | Partition Type: NTFS

Computer Name: PRASAD-PC | User Name: Prasad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/06 22:26:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Prasad\My Documents\Downloads\Programs\OTL.EXE
PRC - [2012/01/03 15:39:39 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/10/13 19:19:06 | 000,217,478 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\Tata Photon+.exe
PRC - [2010/11/16 19:07:38 | 000,264,704 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2010/11/16 19:07:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010/10/21 15:09:38 | 000,247,649 | ---- | M] () -- C:\Users\Prasad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cssrs.exe
PRC - [2010/09/07 20:42:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 20:41:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/09/07 20:41:44 | 000,119,200 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe
PRC - [2010/08/11 09:02:14 | 001,690,224 | ---- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
PRC - [2009/10/16 09:43:00 | 003,134,896 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2009/10/15 15:21:51 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2009/07/14 06:44:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 06:44:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 06:44:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/13 19:19:06 | 000,217,478 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\Tata Photon+.exe
MOD - [2011/10/13 19:19:04 | 000,635,314 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\atcomm.dll
MOD - [2011/10/13 19:19:04 | 000,266,657 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\DeviceMgrUIPlugin.dll
MOD - [2011/10/13 19:19:04 | 000,262,677 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\SMSPlugin.dll
MOD - [2011/10/13 19:19:04 | 000,258,560 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\DetectDev.dll
MOD - [2011/10/13 19:19:04 | 000,242,035 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\LocaleMgrPlugin.dll
MOD - [2011/10/13 19:19:04 | 000,209,235 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\DeviceMgrPlugin.dll
MOD - [2011/10/13 19:19:04 | 000,205,229 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\NetInfoPlugin.dll
MOD - [2011/10/13 19:19:04 | 000,197,115 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\FileManager.dll
MOD - [2011/10/13 19:19:04 | 000,193,009 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\DialUpPlugin.dll
MOD - [2011/10/13 19:19:04 | 000,188,859 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\CallPlugin.dll
MOD - [2011/10/13 19:19:04 | 000,168,400 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\XCodec.dll
MOD - [2011/10/13 19:19:04 | 000,168,343 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\DeviceOperate.dll
MOD - [2011/10/13 19:19:04 | 000,164,349 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\ConfigFilePlugin.dll
MOD - [2011/10/13 19:19:04 | 000,139,645 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\NotifyServicePlugin.dll
MOD - [2011/10/13 19:19:04 | 000,119,709 | ---- | M] () -- C:\Program Files\Tata Photon+\Huawei\isaputrace.dll
MOD - [2010/10/21 15:09:38 | 000,247,649 | ---- | M] () -- C:\Users\Prasad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cssrs.exe
MOD - [2010/08/11 09:02:20 | 000,100,976 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll
MOD - [2010/08/11 09:02:10 | 064,663,664 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\skin.dll
MOD - [2010/08/11 09:02:06 | 000,080,496 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
MOD - [2010/08/11 09:02:04 | 000,113,264 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- -- (HWDeviceService.exe)
SRV - [2010/09/07 20:41:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 20:41:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 20:41:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/09/07 20:41:44 | 000,119,200 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2009/07/14 06:46:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 06:46:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 06:45:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/10/13 19:19:04 | 000,193,792 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011/10/13 19:19:04 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010/09/07 20:24:16 | 000,099,792 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2010/09/07 20:23:58 | 000,340,048 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2010/09/07 20:23:35 | 000,190,416 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2010/09/07 20:22:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 20:22:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 20:17:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 20:17:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/09/07 20:17:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/08/04 18:47:00 | 001,143,920 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009/07/14 06:49:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 06:49:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 06:49:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 04:58:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 04:58:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/14 03:32:47 | 000,050,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.114116.info
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.114116.info
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Prasad\AppData\Roaming\IDM\idmmzcc3 [2011/10/30 16:05:26 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/11 03:09:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - Startup: C:\Users\Prasad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cssrs.exe ()
O4 - Startup: C:\Users\Prasad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cssrsmgr.exe ()
O4 - Startup: C:\Users\Prasad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\efayyvfe.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6D896AA-E82F-4F85-9F08-84C8C93FA636}: NameServer = 4.2.2.2 121.242.190.180
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 03:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/11/19 18:37:38 | 000,142,336 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007/11/25 00:41:52 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2009/07/03 14:13:04 | 000,000,094 | R--- | M] () - F:\autorun.sh -- [ CDFS ]
O33 - MountPoints2\{0b54b152-ec46-11e0-880c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0b54b152-ec46-11e0-880c-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010/11/19 18:37:38 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\{3fb9b6c9-ee8c-11e0-8860-8c89a533a41d}\Shell - "" = AutoRun
O33 - MountPoints2\{3fb9b6c9-ee8c-11e0-8860-8c89a533a41d}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010/11/19 18:37:38 | 000,142,336 | R--- | M] ()
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2010/11/19 18:37:38 | 000,142,336 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/01/04 21:26:10 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/01/02 22:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/01/02 22:20:21 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/01/02 21:55:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi

========== Files - Modified Within 30 Days ==========

[2012/01/06 21:40:03 | 000,010,016 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/06 21:40:03 | 000,010,016 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/06 21:34:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/06 21:34:16 | 1583,226,880 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/05 18:15:29 | 000,101,872 | ---- | M] () -- C:\Users\Prasad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\efayyvfe.exe
[2012/01/05 18:15:29 | 000,101,872 | ---- | M] () -- C:\Users\Prasad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cssrsmgr.exe
[2012/01/03 15:39:39 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/01/02 23:07:25 | 000,101,872 | ---- | M] () -- C:\Users\Prasad\AppData\Roaming\cssrsmgr.exe
[2012/01/02 22:03:31 | 000,615,122 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/02 22:03:31 | 000,103,496 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/02 21:55:13 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

========== Files Created - No Company Name ==========

[2012/01/02 22:21:57 | 004,249,600 | ---- | C] () -- C:\Users\Prasad\Desktop\26113__9780471317517__9780585256054__0471317519.tar_2
[2011/12/25 22:13:11 | 002,073,213 | ---- | C] () -- C:\Users\Prasad\Desktop\Ch2_SM.pdf
[2011/10/13 20:25:28 | 000,021,412 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2011/10/08 21:12:49 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/09/22 20:50:33 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2011/09/18 00:41:29 | 000,101,872 | ---- | C] () -- C:\Users\Prasad\AppData\Roaming\cssrsmgr.exe
[2011/09/17 21:06:34 | 000,247,649 | -HS- | C] () -- C:\Users\Prasad\AppData\Roaming\cssrs.exe
[2011/09/17 11:34:14 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2011/09/17 11:24:17 | 000,982,220 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2011/09/17 11:24:17 | 000,439,300 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2011/09/17 11:24:17 | 000,092,216 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2011/09/17 11:24:15 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2009/07/14 10:27:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 10:03:53 | 000,408,520 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 07:35:48 | 000,615,122 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 07:35:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 07:35:48 | 000,103,496 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 07:35:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 07:35:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 07:34:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 05:49:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/14 05:25:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 05:21:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 05:12:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/11 02:56:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >
[2010/10/21 15:09:38 | 000,247,649 | ---- | M] () -- C:\Users\Prasad\Desktop\idman5.18.4.full.rox1234.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2012/01/02 22:20:22 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip
[2011/10/30 15:59:24 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2011/10/30 15:59:26 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2011/10/30 15:59:34 | 000,000,000 | ---D | M] -- C:\Program Files\C-Free 5
[2011/10/30 15:59:35 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2011/10/30 15:59:35 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2011/10/30 15:59:43 | 000,000,000 | ---D | M] -- C:\Program Files\Cucusoft
[2009/07/14 13:20:29 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Maker
[2011/10/30 15:59:43 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011/10/30 15:59:49 | 000,000,000 | ---D | M] -- C:\Program Files\ImgBurn
[2011/11/14 18:06:07 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011/10/30 18:08:31 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2011/10/31 22:32:13 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Download Manager
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/10/30 15:59:49 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/11/07 12:17:45 | 000,000,000 | ---D | M] -- C:\Program Files\MATLAB
[2009/07/14 13:20:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011/10/30 16:00:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/10/30 16:00:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2009/07/14 10:22:30 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\Softland
[2011/10/30 16:00:23 | 000,000,000 | ---D | M] -- C:\Program Files\Tata Photon+
[2009/07/14 10:23:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011/10/30 16:00:28 | 000,000,000 | ---D | M] -- C:\Program Files\VIA
[2011/10/30 16:00:28 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009/07/14 13:20:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009/07/14 10:22:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Viewer
[2009/07/14 10:22:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2009/07/14 10:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2011/10/31 22:32:14 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR


< MD5 for: AGP440.SYS >
[2009/07/14 06:56:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 06:56:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/14 06:56:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 06:56:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 06:56:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 06:56:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: DISK.SYS >
[2009/07/14 06:50:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\drivers\disk.sys
[2009/07/14 06:50:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys
[2009/07/14 06:50:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 06:46:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009/07/14 06:46:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/14 06:50:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009/07/14 06:50:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 06:50:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/07/14 06:47:29 | 000,673,048 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/07/14 06:47:29 | 000,673,048 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/14 06:44:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/07/14 06:47:29 | 000,673,048 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/07/14 06:47:29 | 000,673,048 | ---- | M] (Microsoft Corporation)

< End of report >

aswMBR version 0.9.9.1156 Copyright(c) 2011 AVAST Software
Run date: 2012-01-06 23:00:37
-----------------------------
23:00:37.354 OS Version: Windows 6.1.7600
23:00:37.354 Number of processors: 2 586 0x170A
23:00:37.354 ComputerName: PRASAD-PC UserName: Prasad
23:00:38.336 Initialize success
23:00:38.882 AVAST engine defs: 10092400
23:00:56.557 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:00:56.573 Disk 0 Vendor: ST380011A 8.01 Size: 76319MB BusType: 3
23:00:56.588 Disk 0 MBR read successfully
23:00:56.604 Disk 0 MBR scan
23:00:56.604 Disk 0 Windows 7 default MBR code
23:00:56.604 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
23:00:56.620 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 29895 MB offset 206848
23:00:56.635 Disk 0 Partition - 00 0F Extended LBA 37001 MB offset 61432560
23:00:56.666 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 9319 MB offset 137211904
23:00:56.698 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 37001 MB offset 61432623
23:00:56.713 Disk 0 scanning sectors +156297216
23:00:56.791 Disk 0 scanning C:\Windows\system32\drivers
23:01:05.434 Service scanning
23:01:06.963 Modules scanning
23:01:29.941 Disk 0 trace - called modules:
23:01:29.973 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
23:01:29.973 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85a0fac8]
23:01:29.973 3 CLASSPNP.SYS[88dc959e] -> nt!IofCallDriver -> [0x859368a8]
23:01:29.988 5 ACPI.sys[888253b2] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85921908]
23:01:30.612 AVAST engine scan C:\Windows
23:01:31.876 AVAST engine scan C:\Windows\system32
23:02:49.533 AVAST engine scan C:\Windows\system32\drivers
23:02:55.414 AVAST engine scan C:\Users\Prasad
23:06:51.427 Disk 0 MBR has been saved successfully to "C:\Users\Prasad\Desktop\MBR.dat"
23:06:51.427 The log file has been saved successfully to "C:\Users\Prasad\Desktop\aswMBR.txt"


Re: Removal of VBS:ExeDropper-gen[Trj] from my PC

I have responded in your other thread. Please do not post any more logs in this thread.