
True Love



#1
Rajgirish

I am not able to get FOLDER OPTIONS in TOOLS option (in the title bar). Any pen drive when inserted gets infected with the virus True Love.

OTListIt logfile created on: 3/28/2009 7:01:05 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.7.2 Folder = e:\Downloads\Software
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 63.63% Memory free
3.34 Gb Paging File | 2.73 Gb Available in Paging File | 81.79% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.62 Gb Total Space | 7.91 Gb Free Space | 42.47% Space Free | Partition Type: FAT32
Drive D: | 69.84 Gb Total Space | 29.65 Gb Free Space | 42.45% Space Free | Partition Type: FAT32
Drive E: | 69.84 Gb Total Space | 26.96 Gb Free Space | 38.60% Space Free | Partition Type: FAT32
Drive F: | 46.59 Gb Total Space | 45.39 Gb Free Space | 97.41% Space Free | Partition Type: FAT32
Drive G: | 27.92 Gb Total Space | 17.76 Gb Free Space | 63.61% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: A-9AA19CCF8E264
Current User Name: abc
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
PRC - C:\WINDOWS\system32\MsRun32.exe ()
PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
PRC - F:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Google\Google Talk\googletalk.exe (Google)
PRC - F:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
PRC - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\Program Files\Grisoft\AVG Free\avgcc.exe (GRISOFT, s.r.o.)
PRC - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\abc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - F:\Program Files\RocketDock\RocketDock.exe ()
PRC - C:\WINDOWS\system32\MsRun32.exe ()
PRC - C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
PRC - C:\Program Files\Grisoft\AVG Free\avgamsvr.exe (GRISOFT, s.r.o.)
PRC - C:\Program Files\Grisoft\AVG Free\avgupsvc.exe (GRISOFT, s.r.o.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\CyberLink\Shared files\RichVideo.exe ()
PRC - C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe (VMware, Inc.)
PRC - C:\WINDOWS\system32\vmnat.exe (VMware, Inc.)
PRC - C:\WINDOWS\system32\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe (Yahoo! Inc.)
PRC - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\MsRun32.exe ()
PRC - C:\Documents and Settings\abc\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Documents and Settings\abc\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Documents and Settings\abc\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Documents and Settings\abc\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - f:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - f:\Program Files\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
PRC - e:\Downloads\Software\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (AntiVirScheduler [Auto | Running]) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
SRV - (AntiVirService [Auto | Running]) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Autodesk Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (Avg7Alrt [Auto | Running]) -- C:\Program Files\Grisoft\AVG Free\avgamsvr.exe (GRISOFT, s.r.o.)
SRV - (Avg7UpdSvc [Auto | Running]) -- C:\Program Files\Grisoft\AVG Free\avgupsvc.exe (GRISOFT, s.r.o.)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Running]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (RichVideo [Auto | Running]) -- C:\Program Files\CyberLink\Shared files\RichVideo.exe ()
SRV - (VMAuthdService [Auto | Running]) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
SRV - (VMnetDHCP [Auto | Running]) -- C:\WINDOWS\system32\vmnetdhcp.exe (VMware, Inc.)
SRV - (vmount2 [Auto | Running]) -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe (VMware, Inc.)
SRV - (VMware NAT Service [Auto | Running]) -- C:\WINDOWS\system32\vmnat.exe (VMware, Inc.)

========== Driver Services (SafeList) ==========

DRV - (Avg7Core [System | Running]) -- C:\WINDOWS\System32\Drivers\avg7core.sys (GRISOFT, s.r.o.)
DRV - (Avg7RsW [System | Running]) -- C:\WINDOWS\System32\Drivers\avg7rsw.sys (GRISOFT, s.r.o.)
DRV - (Avg7RsXP [System | Running]) -- C:\WINDOWS\System32\Drivers\avg7rsxp.sys (GRISOFT, s.r.o.)
DRV - (avgio [System | Running]) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH)
DRV - (avgntflt [On_Demand | Running]) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH)
DRV - (avipbb [System | Running]) -- C:\WINDOWS\system32\DRIVERS\avipbb.sys (Avira GmbH)
DRV - (dtscsi [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\dtscsi.sys ()
DRV - (e1express [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\e1e5132.sys (Intel Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (hcmon [Auto | Running]) -- C:\WINDOWS\system32\Drivers\hcmon.sys (VMware, Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HECI [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HECI.sys (Intel Corporation)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RTLE8023xp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (ssmdrv [System | Running]) -- C:\WINDOWS\system32\DRIVERS\ssmdrv.sys (Avira GmbH)
DRV - (VMnetAdapter [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys (VMware, Inc.)
DRV - (VMnetBridge [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys (VMware, Inc.)
DRV - (VMnetuserif [Auto | Running]) -- C:\WINDOWS\system32\drivers\vmnetuserif.sys (VMware, Inc.)
DRV - (VMparport [Auto | Running]) -- C:\WINDOWS\system32\Drivers\VMparport.sys (VMware, Inc.)
DRV - (vmx86 [Auto | Running]) -- C:\WINDOWS\system32\Drivers\vmx86.sys (VMware, Inc.)
DRV - (vstor2 [Auto | Running]) -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys (VMware, Inc.)

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.microsoft...P...pdate&O1=b1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.4
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.2.20080910
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0


FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Components: F:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2008/12/24 00:38:04 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Plugins: F:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2008/12/24 00:38:04 | 00,000,000 | ---D | M]

[2008/12/24 00:38:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\mozilla\Extensions
[2008/12/24 00:38:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2008/12/24 00:38:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\mozilla\Firefox\Profiles\bybp4idb.default\extensions
[2009/01/26 12:18:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\mozilla\Firefox\Profiles\bybp4idb.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll (Google Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - f:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" (Adobe Systems Inc.)
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP (GRISOFT, s.r.o.)
O4 - HKLM..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min (Avira GmbH)
O4 - HKLM..\Run: [DAEMON Tools] "F:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 (DT Soft Ltd.)
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart (Google)
O4 - HKLM..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" ()
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real Alternative\mpclauncher.exe SYSTEMBOOTHIDEPLAYER ()
O4 - HKLM..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" (Cyberlink Corp.)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SkyTel] SkyTel.EXE (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [fsm] File not found
O4 - HKCU..\Run: [Google Update] "C:\Documents and Settings\abc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (Google Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [MSN Messengger] C:\WINDOWS\system32\MsRun32.exe ()
O4 - HKCU..\Run: [RocketDock] "F:\Program Files\RocketDock\RocketDock.exe" ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NofolderOptions = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download all with Free Download Manager - file://f:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://f:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://f:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://f:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra Button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [Tcpip] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [NTDS] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [Network Location Awareness (NLA) Namespace] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.1.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{A4E2592E-F5ED-42BC-A6EC-3D1A3DECDAC2}\\NameServer = 218.248.255.145,218.248.255.193
O18 - Protocol\Filter: - application/octet-stream - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (MsRun32.exe) - C:\WINDOWS\system32\MsRun32.exe ()
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\system32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\system32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\system32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( schannel.dll) - C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( digest.dll) - C:\WINDOWS\system32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( msnsspc.dll) - C:\WINDOWS\system32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 0
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ FAT32 ]
O33 - MountPoints2\{17855496-421b-11d8-a003-005056c00008}\Shell\AutoRun\command - "" = J:\AutoRun\AutoStart.exe -- File not found
O33 - MountPoints2\{17855496-421b-11d8-a003-005056c00008}\Shell\Explore\Command - "" = J:\AutoRun\AutoStart.exe -- File not found
O33 - MountPoints2\{17855496-421b-11d8-a003-005056c00008}\Shell\Open\Command - "" = J:\AutoRun\AutoStart.exe -- File not found
O33 - MountPoints2\{34c8f91a-d8f5-11dd-9fad-001cc0537959}\Shell - "" = AutoRun
O33 - MountPoints2\{34c8f91a-d8f5-11dd-9fad-001cc0537959}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{34c8f91a-d8f5-11dd-9fad-001cc0537959}\Shell\AutoRun\command - "" = J:\MultiRun.exe -- File not found
O33 - MountPoints2\{34c8f91a-d8f5-11dd-9fad-001cc0537959}\Shell\configure\command - "" = J:\ThumbDriveGuardSetup.exe -- File not found
O33 - MountPoints2\{34c8f91a-d8f5-11dd-9fad-001cc0537959}\Shell\install\command - "" = J:\ThumbDriveGuardSetup.exe -- File not found
O33 - MountPoints2\{34c8f91b-d8f5-11dd-9fad-001cc0537959}\Shell\AutoRun\command - "" = K:\System\Security\FlashGuard.exe -- File not found
O33 - MountPoints2\{34c8f91b-d8f5-11dd-9fad-001cc0537959}\Shell\Explore\Command - "" = K:\System\Security\FlashGuard.exe -- File not found
O33 - MountPoints2\{34c8f91b-d8f5-11dd-9fad-001cc0537959}\Shell\Open\Command - "" = K:\System\Security\FlashGuard.exe -- File not found
O33 - MountPoints2\{cbc6dda0-af38-11dd-9f25-001cc0537959}\Shell\AutoRun\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe
O33 - MountPoints2\{cbc6dda0-af38-11dd-9f25-001cc0537959}\Shell\open\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe
O33 - MountPoints2\{cc2cd78c-b65d-11dd-9f33-001cc0537959}\Shell - "" = AutoRun
O33 - MountPoints2\{cc2cd78c-b65d-11dd-9f33-001cc0537959}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cc2cd78c-b65d-11dd-9f33-001cc0537959}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\Shell32.DLL -- [2004/08/03 19:26:46 | 08,384,000 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{ccbe39f4-b89f-11dd-9f38-001cc0537959}\Shell\aUTOplay\commAnd - "" = J:\udbgt.exe -- File not found
O33 - MountPoints2\{ccbe39f4-b89f-11dd-9f38-001cc0537959}\Shell\AutoRun\command - "" = J:\udbgt.exe -- File not found
O33 - MountPoints2\{ccbe39f4-b89f-11dd-9f38-001cc0537959}\Shell\eXPloRE\Command - "" = J:\udbgt.exe -- File not found
O33 - MountPoints2\{ccbe39f4-b89f-11dd-9f38-001cc0537959}\Shell\OPEn\cOmMand - "" = J:\udbgt.exe -- File not found
O33 - MountPoints2\{df4e63e6-afe4-11dd-9f26-001cc0537959}\Shell\AutoRun\command - "" = J:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\lin32.exe -- File not found
O33 - MountPoints2\{df4e63e6-afe4-11dd-9f26-001cc0537959}\Shell\open\command - "" = J:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\lin32.exe -- File not found
O33 - MountPoints2\{ec9eda42-0cc0-11de-a034-005056c00008}\Shell\AutoRun\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe
O33 - MountPoints2\{ec9eda42-0cc0-11de-a034-005056c00008}\Shell\open\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe
O33 - MountPoints2\{ff4b422f-d689-11dd-9fa0-001cc0537959}\Shell\AutoRun\command - "" = I:\winf.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\WINDOWS\System32\autorun.ini
[2009/03/26 23:11:54 | 01,900,305 | RHS- | C] () -- C:\WINDOWS\System32\MsRun32.exe
[2009/03/26 23:11:54 | 01,900,305 | ---- | C] () -- C:\WINDOWS\MsRun32.exe
[2009/03/26 16:11:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\abc\My Documents\Updater5
[2009/03/26 15:45:28 | 00,000,000 | RHSD | C] -- C:\RESTORE

========== Files - Modified Within 30 Days ==========

[2009/03/28 18:36:04 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/03/28 18:36:04 | 00,002,337 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2009/03/28 18:35:58 | 00,088,723 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/03/28 18:35:56 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/28 18:35:56 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/28 18:35:54 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/27 15:15:12 | 00,109,056 | ---- | M] () -- C:\Documents and Settings\abc\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/27 00:00:14 | 00,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-616249376-839522115-1003.job
[2009/03/26 15:49:46 | 00,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/03/26 10:09:02 | 01,900,305 | RHS- | M] () -- C:\WINDOWS\System32\MsRun32.exe
[2009/03/26 10:09:02 | 01,900,305 | ---- | M] () -- C:\WINDOWS\MsRun32.exe
[2009/03/08 17:46:48 | 02,105,648 | -H-- | M] () -- C:\Documents and Settings\abc\Local Settings\Application Data\IconCache.db
[2009/03/08 17:29:08 | 00,000,408 | ---- | M] () -- C:\WINDOWS\WINTOYS.INI
[2009/02/27 16:35:56 | 00,002,259 | ---- | M] () -- C:\Documents and Settings\abc\Desktop\Apple Software Update.lnk

========== LOP Check ==========

[2007/07/28 21:27:08 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2007/07/28 19:48:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2007/07/28 19:49:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2008/12/24 00:34:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008/12/24 00:34:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2008/08/14 15:03:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2008/08/13 22:26:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2008/08/13 22:30:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2004/01/03 03:43:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2004/01/08 21:36:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2008/12/24 18:23:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
[2008/11/13 18:09:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2008/11/13 18:10:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GRETECH
[2004/01/03 03:50:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2007/07/28 21:26:52 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008/11/19 23:35:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2008/11/20 19:58:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2004/01/03 03:55:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2004/01/05 02:52:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2004/01/08 21:40:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VMware
[2009/01/26 12:17:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009/01/26 12:18:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2007/07/28 21:27:08 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\abc\Application Data
[2007/07/28 19:41:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\ACD Systems
[2007/07/28 19:41:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\ACDInTouch
[2008/12/25 12:51:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\Activision
[2007/07/28 19:51:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\Adobe
[2008/11/13 18:16:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\AdobeUM
[2008/12/24 00:35:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\Apple Computer
[2008/08/14 15:03:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\Autodesk
[2004/01/03 03:50:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\AVG7
[2004/01/03 03:44:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\CyberLink
[2008/12/24 18:23:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\Free Download Manager
[2008/11/13 20:38:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\Google
[2008/11/13 18:09:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\GRETECH
[2008/12/24 20:25:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\Help
[2007/07/28 19:12:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\Identities
[2008/08/15 02:56:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\InstallShield
[2007/07/28 19:45:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\Macromedia
[2008/11/20 20:01:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\Media Player Classic
[2007/07/28 21:26:52 | 00,000,000 | --SD | M] -- C:\Documents and Settings\abc\Application Data\Microsoft
[2008/12/24 00:38:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\Mozilla
[2007/07/28 19:52:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\Real
[2009/01/26 12:18:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\abc\Application Data\Yahoo!
[2001/08/23 17:30:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/03/28 18:35:56 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/01/07 21:32:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2009/03/27 00:00:14 | 00,000,918 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-616249376-839522115-1003.job

Edited by Rajgirish, 29 March 2009 - 05:13 AM.



#2
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hello Rajgirish

Welcome to G2Go. :)
=====================
  • Download OTListIt2 to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
