Remaining Part of OTL log
========== Files/Folders - Created Within 30 Days ==========
[2012/07/22 04:19:42 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Ramkishen\Desktop\OTL.exe
[2012/07/22 04:03:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/07/22 04:00:41 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/07/22 03:50:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/07/22 03:50:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/07/22 03:50:05 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/07/22 03:46:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/07/22 03:46:21 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/07/22 03:43:35 | 004,582,474 | R--- | C] (Swearware) -- C:\Users\Ramkishen\Desktop\ComboFix.exe
[2012/07/22 02:01:09 | 000,000,000 | ---D | C] -- C:\FRST
[2012/07/22 01:07:47 | 000,000,000 | ---D | C] -- C:\Users\Ramkishen\Desktop\Trojan
[2012/07/22 00:56:58 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Ramkishen\Desktop\dds.scr
[2012/07/21 23:56:05 | 001,437,781 | ---- | C] (Farbar) -- C:\Users\Ramkishen\Desktop\FRST64.exe
[2012/07/21 23:40:24 | 002,406,064 | ---- | C] (Trend Micro Inc.) -- C:\Users\Ramkishen\Desktop\HousecallLauncher64.exe
[2012/07/21 21:17:00 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2012/07/21 21:13:56 | 000,000,000 | ---D | C] -- C:\ProgramData\225932FD815043E2B091B697F875F002
[2012/07/21 21:10:09 | 000,000,000 | ---D | C] -- C:\Users\Ramkishen\Desktop\recovery-clockwork-2.5.1.2-galaxys
[2012/07/21 19:52:29 | 000,000,000 | ---D | C] -- C:\Users\Ramkishen\Desktop\Phone Backup
[2012/07/21 19:43:37 | 000,000,000 | ---D | C] -- C:\Users\Ramkishen\Desktop\GT_I9000_ZSJW4_ZSJW1_OZSJW4_Sbl
[2012/07/21 18:58:15 | 000,000,000 | ---D | C] -- C:\Users\Ramkishen\Desktop\Odin v1.82_and_512.pit_513.pit_803.pit_files
[2012/07/21 18:35:20 | 000,000,000 | ---D | C] -- C:\Users\Ramkishen\Desktop\Odin3 v1.85
[2012/07/21 18:00:25 | 000,123,520 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys
[2012/07/21 18:00:25 | 000,123,520 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys
[2012/07/21 18:00:25 | 000,123,520 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys
[2012/07/21 18:00:25 | 000,011,776 | ---- | C] (MBB Incorporated) -- C:\Windows\SysNative\drivers\massfilter.sys
[2012/07/21 18:00:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reliance 3G
[2012/07/21 17:59:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\SupportAppCB
[2012/07/21 17:59:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reliance 3G
[2012/07/20 02:22:36 | 000,000,000 | ---D | C] -- C:\Users\Ramkishen\Desktop\com.sec.android.app.memo-20120710-220834
[2012/07/19 06:02:39 | 000,000,000 | ---D | C] -- C:\Users\Ramkishen\Desktop\clockworkmod
[2012/07/08 20:38:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astro-Vision LifeSign Mini
[2012/07/08 20:38:01 | 000,000,000 | ---D | C] -- C:\Users\Ramkishen\AppData\Roaming\LifeSignMini
[2012/07/08 20:38:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LifeSignMini
[2012/07/05 05:55:54 | 000,000,000 | ---D | C] -- C:\Users\Ramkishen\AppData\Roaming\Malwarebytes
[2012/07/05 05:55:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/05 05:55:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/05 05:55:41 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/05 05:55:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/05 05:30:42 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Ramkishen\Desktop\mbam-setup-1.61.0.1400.exe
[2012/07/05 02:45:47 | 000,000,000 | ---D | C] -- C:\Users\Ramkishen\AppData\Local\{A4BAEAC2-2EC3-49D1-AF12-89E40E42895D}
[2012/07/05 02:45:28 | 000,000,000 | ---D | C] -- C:\Users\Ramkishen\AppData\Local\{BBEBDF4A-8FEF-4D6A-B0F2-C3E5CD2153DC}
[2012/07/05 02:45:06 | 000,000,000 | ---D | C] -- C:\Users\Ramkishen\AppData\Local\{E9290719-751C-4D8A-8F5C-8EB71508AF85}
[2012/07/02 02:37:13 | 000,000,000 | ---D | C] -- C:\Users\Ramkishen\Desktop\586643
[2012/06/29 01:05:54 | 000,000,000 | ---D | C] -- C:\Users\Ramkishen\AppData\Local\Macromedia
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/07/22 05:13:51 | 000,714,580 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/22 05:13:51 | 000,620,086 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/22 05:13:51 | 000,107,978 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/22 05:08:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/22 05:08:33 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/22 04:51:08 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1930665232-349164325-645168838-1000UA.job
[2012/07/22 04:19:42 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Ramkishen\Desktop\OTL.exe
[2012/07/22 04:11:20 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/22 04:11:20 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/22 03:56:37 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/07/22 03:44:24 | 004,582,474 | R--- | M] (Swearware) -- C:\Users\Ramkishen\Desktop\ComboFix.exe
[2012/07/22 03:00:09 | 000,050,924 | ---- | M] () -- C:\Users\Ramkishen\Desktop\Untitled1.png
[2012/07/22 01:57:37 | 001,437,781 | ---- | M] (Farbar) -- C:\Users\Ramkishen\Desktop\FRST64.exe
[2012/07/22 01:12:44 | 000,110,872 | ---- | M] () -- C:\Users\Ramkishen\Desktop\Untitled.png
[2012/07/22 00:56:58 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Ramkishen\Desktop\dds.scr
[2012/07/22 00:56:34 | 000,667,872 | ---- | M] () -- C:\Users\Ramkishen\Desktop\UPDATED 5-step Viruses_Spyware_Malware Preliminary Removal Instructions - TechSpot Forums.mht
[2012/07/22 00:52:52 | 000,302,592 | ---- | M] () -- C:\Users\Ramkishen\Desktop\ufh3ih3c.exe
[2012/07/21 23:42:51 | 000,000,036 | ---- | M] () -- C:\Users\Ramkishen\AppData\Local\housecall.guid.cache
[2012/07/21 23:42:06 | 002,406,064 | ---- | M] (Trend Micro Inc.) -- C:\Users\Ramkishen\Desktop\HousecallLauncher64.exe
[2012/07/21 21:09:58 | 001,804,447 | ---- | M] () -- C:\Users\Ramkishen\Desktop\recovery-clockwork-2.5.1.2-galaxys.zip
[2012/07/21 19:50:01 | 001,596,930 | ---- | M] () -- C:\Users\Ramkishen\Desktop\xda-developers - View Single Post - [Firmwares]Official I9000_I9000M Firmwares collection [Latest_ XWJW8, DDJVB, XWJW7].mht
[2012/07/21 19:42:26 | 161,403,811 | ---- | M] () -- C:\Users\Ramkishen\Desktop\GT_I9000_ZSJW4_ZSJW1_OZSJW4_Sbl.7z
[2012/07/21 18:58:04 | 000,160,881 | ---- | M] () -- C:\Users\Ramkishen\Desktop\Odin v1.82_and_512.pit_513.pit_803.pit_files.7z
[2012/07/21 18:51:05 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1930665232-349164325-645168838-1000Core.job
[2012/07/21 18:34:51 | 005,487,403 | ---- | M] () -- C:\Users\Ramkishen\Desktop\Odin3 v1.85.rar
[2012/07/21 18:05:36 | 000,193,404 | ---- | M] () -- C:\Users\Ramkishen\Desktop\mts.xps
[2012/07/21 18:00:15 | 000,001,940 | ---- | M] () -- C:\Users\Public\Desktop\Reliance 3G.lnk
[2012/07/21 05:43:01 | 000,208,034 | ---- | M] () -- C:\Users\Ramkishen\Desktop\MTS.mht
[2012/07/21 04:07:46 | 517,780,083 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/07/19 04:56:08 | 000,444,684 | ---- | M] () -- C:\Users\Ramkishen\Desktop\cm-9-20120718-EXPERIMENTAL-galaxysmtd-stk.zip
[2012/07/19 03:36:35 | 000,197,521 | ---- | M] () -- C:\Users\Ramkishen\Desktop\DAD july bill.png
[2012/07/18 07:34:42 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/15 00:01:19 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRamkishen.job
[2012/07/11 03:38:34 | 000,027,751 | ---- | M] () -- C:\Users\Ramkishen\Desktop\com.sec.android.app.memo-20120710-220834.tar.gz
[2012/07/11 03:33:56 | 000,950,058 | ---- | M] () -- C:\Users\Ramkishen\Desktop\FULL - DarkyROM v11.0 Black Edition [Android 4.0.4 ICS] _ DarkyROM.mht
[2012/07/11 02:21:37 | 000,719,839 | ---- | M] () -- C:\Users\Ramkishen\Desktop\IndianOfficer - [Toppers Interview] Arvind Menon (AIR 201_CSE 2011).mht
[2012/07/11 02:05:45 | 000,280,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/05 05:33:11 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Ramkishen\Desktop\mbam-setup-1.61.0.1400.exe
[2012/07/04 02:54:10 | 000,060,066 | ---- | M] () -- C:\Users\Ramkishen\Desktop\lol.xps
[2012/07/04 00:13:33 | 000,749,793 | ---- | M] () -- C:\Users\Ramkishen\Desktop\Mrunal.mht
[2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/02 21:02:48 | 000,048,543 | ---- | M] () -- C:\Users\Ramkishen\Desktop\pirate-1341262968465.jpeg
[2012/07/02 02:28:28 | 000,029,568 | ---- | M] () -- C:\Users\Ramkishen\Desktop\586643.zip
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/07/22 03:50:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/07/22 03:50:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/07/22 03:50:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/07/22 03:50:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/07/22 03:50:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/07/22 03:00:08 | 000,050,924 | ---- | C] () -- C:\Users\Ramkishen\Desktop\Untitled1.png
[2012/07/22 01:12:44 | 000,110,872 | ---- | C] () -- C:\Users\Ramkishen\Desktop\Untitled.png
[2012/07/22 00:56:32 | 000,667,872 | ---- | C] () -- C:\Users\Ramkishen\Desktop\UPDATED 5-step Viruses_Spyware_Malware Preliminary Removal Instructions - TechSpot Forums.mht
[2012/07/22 00:52:52 | 000,302,592 | ---- | C] () -- C:\Users\Ramkishen\Desktop\ufh3ih3c.exe
[2012/07/21 23:42:51 | 000,000,036 | ---- | C] () -- C:\Users\Ramkishen\AppData\Local\housecall.guid.cache
[2012/07/21 21:09:40 | 001,804,447 | ---- | C] () -- C:\Users\Ramkishen\Desktop\recovery-clockwork-2.5.1.2-galaxys.zip
[2012/07/21 19:50:01 | 001,596,930 | ---- | C] () -- C:\Users\Ramkishen\Desktop\xda-developers - View Single Post - [Firmwares]Official I9000_I9000M Firmwares collection [Latest_ XWJW8, DDJVB, XWJW7].mht
[2012/07/21 19:00:21 | 161,403,811 | ---- | C] () -- C:\Users\Ramkishen\Desktop\GT_I9000_ZSJW4_ZSJW1_OZSJW4_Sbl.7z
[2012/07/21 18:58:04 | 000,160,881 | ---- | C] () -- C:\Users\Ramkishen\Desktop\Odin v1.82_and_512.pit_513.pit_803.pit_files.7z
[2012/07/21 18:33:59 | 005,487,403 | ---- | C] () -- C:\Users\Ramkishen\Desktop\Odin3 v1.85.rar
[2012/07/21 18:05:35 | 000,193,404 | ---- | C] () -- C:\Users\Ramkishen\Desktop\mts.xps
[2012/07/21 18:00:15 | 000,001,940 | ---- | C] () -- C:\Users\Public\Desktop\Reliance 3G.lnk
[2012/07/21 05:43:01 | 000,208,034 | ---- | C] () -- C:\Users\Ramkishen\Desktop\MTS.mht
[2012/07/20 02:22:30 | 000,027,751 | ---- | C] () -- C:\Users\Ramkishen\Desktop\com.sec.android.app.memo-20120710-220834.tar.gz
[2012/07/19 04:55:49 | 000,444,684 | ---- | C] () -- C:\Users\Ramkishen\Desktop\cm-9-20120718-EXPERIMENTAL-galaxysmtd-stk.zip
[2012/07/19 04:11:23 | 000,048,543 | ---- | C] () -- C:\Users\Ramkishen\Desktop\pirate-1341262968465.jpeg
[2012/07/19 03:36:35 | 000,197,521 | ---- | C] () -- C:\Users\Ramkishen\Desktop\DAD july bill.png
[2012/07/11 03:33:55 | 000,950,058 | ---- | C] () -- C:\Users\Ramkishen\Desktop\FULL - DarkyROM v11.0 Black Edition [Android 4.0.4 ICS] _ DarkyROM.mht
[2012/07/11 02:21:37 | 000,719,839 | ---- | C] () -- C:\Users\Ramkishen\Desktop\IndianOfficer - [Toppers Interview] Arvind Menon (AIR 201_CSE 2011).mht
[2012/07/05 05:55:44 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/04 02:54:09 | 000,060,066 | ---- | C] () -- C:\Users\Ramkishen\Desktop\lol.xps
[2012/07/04 00:13:33 | 000,749,793 | ---- | C] () -- C:\Users\Ramkishen\Desktop\Mrunal.mht
[2012/07/02 02:28:28 | 000,029,568 | ---- | C] () -- C:\Users\Ramkishen\Desktop\586643.zip
[2012/05/26 04:03:00 | 000,000,041 | ---- | C] () -- C:\Users\Ramkishen\ziprecovery.ini
[2012/01/14 03:12:46 | 000,722,802 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/30 22:42:20 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/08/09 08:30:02 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/08/09 08:23:26 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/08/09 07:58:38 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/08/05 11:57:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/08/05 11:54:35 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2011/08/05 11:50:56 | 000,003,155 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011/08/05 11:49:44 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/25 22:16:08 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/03/17 13:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/02/23 05:10:34 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2010/12/17 07:56:22 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
========== LOP Check ==========
[2012/03/06 23:44:37 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\ZTEEVDO
[2012/03/06 23:44:37 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\ZTEEVDO
[2012/02/20 23:17:05 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\AnvSoft
[2012/06/02 22:47:04 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\Big Fish Games
[2012/03/01 09:11:41 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\DiskAid
[2012/03/01 21:13:48 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\ESET
[2012/01/01 23:40:37 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\Flood Light Games
[2012/02/07 03:31:38 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\funkitron
[2011/12/30 14:11:44 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\IDT
[2012/07/08 21:05:33 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\LifeSignMini
[2012/03/25 20:48:31 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\ooVoo Details
[2012/01/03 00:54:21 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\Opera
[2012/04/09 01:37:55 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\PlayFirst
[2012/07/09 01:56:16 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\SoftGrid Client
[2011/12/30 07:30:18 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\Synaptics
[2012/01/14 03:13:12 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\TP
[2012/07/16 00:13:16 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\uTorrent
[2012/01/22 01:50:32 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\VitySoft
[2012/01/07 20:19:33 | 000,000,000 | ---D | M] -- C:\Users\Ramkishen\AppData\Roaming\ZTEEVDO
[2012/06/30 21:05:12 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 150 bytes -> C:\ProgramData\Temp:70B9C530
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:661DFA1C
< End of report >