Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

OTL Log

Started by sridharch , Dec 23 2010 08:53 AM

  • Please log in to reply

#1
sridharch
Posted 23 December 2010 - 08:53 AM

sridharch

    New Member

  • Member
  • Pip
  • 1 posts
Hi Friends,

I am attaching the OTL Log file

OTL Log Info:

OTL logfile created on: 12/22/2010 8:11:46 PM - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows Server 2003 Standard Edition Service Pack 1 (Version = 5.2.3790) - Type = NTServer
Internet Explorer (Version = 6.0.3790.1830)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 71.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24.41 Gb Total Space | 9.81 Gb Free Space | 40.17% Space Free | Partition Type: NTFS
Drive D: | 65.12 Gb Total Space | 2.65 Gb Free Space | 4.07% Space Free | Partition Type: NTFS
Drive E: | 17.89 Gb Total Space | 1.15 Gb Free Space | 6.45% Space Free | Partition Type: NTFS
Drive F: | 41.63 Gb Total Space | 0.85 Gb Free Space | 2.05% Space Free | Partition Type: NTFS
Drive H: | 3.72 Gb Total Space | 3.30 Gb Free Space | 88.75% Space Free | Partition Type: FAT32

Computer Name: SYSTEM | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/22 20:11:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2010/12/22 19:50:22 | 001,659,192 | ---- | M] (Runscanner.net) -- C:\Documents and Settings\Administrator\My Documents\Downloads\runscanner.exe
PRC - [2010/12/12 20:37:22 | 000,995,896 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2010/12/07 18:20:05 | 002,013,992 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010/11/11 17:18:32 | 000,334,448 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnetdhcp.exe
PRC - [2010/11/11 17:18:28 | 000,404,080 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnat.exe
PRC - [2010/11/11 17:17:32 | 000,129,648 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
PRC - [2010/11/11 17:17:22 | 000,113,264 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
PRC - [2010/11/11 16:01:44 | 000,539,248 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
PRC - [2010/11/02 21:26:22 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/11/02 21:26:21 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/10/28 21:34:00 | 000,395,640 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2010/10/21 12:26:38 | 002,754,048 | ---- | M] (SpeedBit Ltd.) -- C:\Program Files\DAP\DAP.exe
PRC - [2009/02/23 18:35:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/11/10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2006/08/29 09:04:05 | 000,648,800 | ---- | M] (SAP AG) -- D:\usr\sap\SRI\SCS01\exe\saposcol.exe
PRC - [2006/03/22 16:30:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/08/29 22:03:50 | 059,027,456 | ---- | M] (Oracle Corporation) -- c:\oracle\SRI\102\BIN\oracle.exe
PRC - [2005/08/29 19:32:22 | 000,102,400 | ---- | M] () -- c:\oracle\SRI\102\BIN\extjob.exe
PRC - [2005/08/16 01:23:02 | 000,053,248 | ---- | M] (Oracle) -- C:\oracle\SRI\102\BIN\isqlplussvc.exe
PRC - [2005/04/08 19:09:00 | 000,045,161 | ---- | M] () -- C:\oracle\SRI\102\jdk\bin\java.exe


========== Modules (SafeList) ==========

MOD - [2010/12/22 20:11:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
MOD - [2005/03/25 00:01:12 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.1830_x-ww_7AE38CCF\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (WinHttpAutoProxySvc)
SRV - File not found [Auto | Stopped] -- -- (SAPSRI_01)
SRV - File not found [Auto | Stopped] -- -- (SAPSRI_00)
SRV - File not found [Auto | Stopped] -- -- (OracleSRI102TNSListener)
SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/12/07 18:20:05 | 002,013,992 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010/11/11 17:18:32 | 000,334,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2010/11/11 17:18:28 | 000,404,080 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service)
SRV - [2010/11/11 17:17:22 | 000,113,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2010/11/11 16:01:44 | 000,539,248 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010/08/19 17:27:14 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2008/11/10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/08/29 09:04:05 | 000,648,800 | ---- | M] (SAP AG) [Auto | Running] -- D:\usr\sap\SRI\SCS01\exe\saposcol.exe -- (SAPOsCol)
SRV - [2006/08/29 09:03:35 | 008,062,560 | ---- | M] (SAP AG) [Auto | Stopped] -- D:\usr\sap\SRI\DVEBMGS00\exe\sapccmsr.exe -- (sapccmsr.00)
SRV - [2006/03/22 16:30:00 | 000,791,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntfrs.exe -- (NtFrs)
SRV - [2006/03/22 16:30:00 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dfssvc.exe -- (Dfs)
SRV - [2006/03/22 16:30:00 | 000,094,720 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\llssrv.exe -- (LicenseService)
SRV - [2006/03/22 16:30:00 | 000,071,168 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tssdis.exe -- (Tssdis)
SRV - [2006/03/22 16:30:00 | 000,067,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsopprov.exe -- (RSoPProv)
SRV - [2006/03/22 16:30:00 | 000,050,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\trksvr.dll -- (TrkSvr)
SRV - [2006/03/22 16:30:00 | 000,036,352 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\ismserv.exe -- (IsmServ)
SRV - [2006/03/22 16:30:00 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sacsvr.dll -- (sacsvr)
SRV - [2005/08/29 22:03:50 | 059,027,456 | ---- | M] (Oracle Corporation) [Auto | Running] -- c:\oracle\sri\102\bin\ORACLE.EXE -- (OracleServiceSRI)
SRV - [2005/08/29 19:32:22 | 000,102,400 | ---- | M] () [Auto | Running] -- c:\oracle\sri\102\Bin\extjob.exe -- (OracleJobSchedulerSRI)
SRV - [2005/08/16 01:23:02 | 000,053,248 | ---- | M] (Oracle) [Auto | Running] -- C:\oracle\SRI\102\BIN\isqlplussvc.exe -- (OracleSRI102iSQL*Plus)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/11/11 17:18:50 | 000,070,768 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmci.sys -- (vmci)
DRV - [2010/11/11 17:18:48 | 000,854,128 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86)
DRV - [2010/11/11 17:18:12 | 000,023,792 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmparport.sys -- (VMparport)
DRV - [2010/11/11 17:17:12 | 000,024,688 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2010/11/11 17:16:12 | 000,032,752 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2010/11/11 17:16:08 | 000,026,352 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2010/11/11 16:01:28 | 000,032,368 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon)
DRV - [2010/11/11 13:34:52 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2010/08/19 17:26:38 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2009/08/05 16:21:14 | 000,041,424 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2009/08/05 16:20:00 | 000,099,472 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2009/08/05 16:20:00 | 000,091,472 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2009/08/05 16:19:56 | 000,115,856 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2006/09/12 16:57:00 | 004,381,184 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/08/14 18:39:48 | 000,083,200 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006/03/22 16:30:00 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ClusDisk.sys -- (ClusDisk)
DRV - [2006/03/22 16:30:00 | 000,034,816 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Dfs.sys -- (DfsDriver)
DRV - [2005/07/09 06:26:32 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2003/03/24 23:09:38 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\loop.sys -- (msloop)
DRV - [2003/03/24 21:16:20 | 000,019,528 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\W840ND.sys -- (W840ND)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://in.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://in.rd.yahoo.c...://in.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://in.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\Program Files\DAP\SBSearch.dll (SpeedBit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.2.4:8080

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://in.search.yah...ch?fr=ffsp1&p="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://in.yahoo.com"
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.2.0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..keyword.URL: "http://in.search.yah...ch?fr=ffds1&p="
FF - prefs.js..network.proxy.http: "192.168.2.4"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/02 21:26:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/02 21:26:23 | 000,000,000 | ---D | M]

[2010/10/17 11:34:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/12/22 19:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nekx7wf5.default\extensions
[2010/12/20 10:08:59 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nekx7wf5.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/12/22 19:50:07 | 000,000,000 | ---D | M] (Selenium IDE) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nekx7wf5.default\extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}
[2010/11/03 19:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nekx7wf5.default\extensions\[email protected]
[2010/11/03 19:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nekx7wf5.default\extensions\[email protected]
[2010/11/03 19:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nekx7wf5.default\extensions\[email protected]
[2010/11/03 19:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nekx7wf5.default\extensions\[email protected]
[2010/11/03 19:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nekx7wf5.default\extensions\[email protected]
[2010/11/03 19:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nekx7wf5.default\extensions\[email protected]
[2010/11/03 19:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nekx7wf5.default\extensions\[email protected]
[2010/11/03 19:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nekx7wf5.default\extensions\staged-xpis
[2010/12/22 17:13:14 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/29 21:31:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/29 21:31:25 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/10/17 11:52:04 | 000,000,752 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 192.168.1.1 system
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Plugin Class) - {56CD20F0-7C09-11D5-A768-0050042307CE} - C:\PlayerIE\PlayerIE.dll (SAP AG)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ShowSuperHidden = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_18)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 113.193.0.148 113.193.1.14
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\Documents and Settings\Administrator\jahcii.exe) - C:\Documents and Settings\Administrator\jahcii.exe ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/16 22:00:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{c2d4f086-dc56-11df-b06c-00196640f111}\Shell - "" = AutoRun
O33 - MountPoints2\{c2d4f086-dc56-11df-b06c-00196640f111}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c2d4f0a6-dc56-11df-b06c-00196640f111}\Shell - "" = AutoRun
O33 - MountPoints2\{c2d4f0a6-dc56-11df-b06c-00196640f111}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/22 20:10:51 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/12/22 19:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Runscanner.net
[2010/12/22 18:32:40 | 000,000,000 | ---D | C] -- C:\Program Files\Glarysoft
[2010/12/22 18:09:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/12/22 18:06:23 | 000,000,000 | ---D | C] -- C:\Program Files\AML Products
[2010/12/21 00:04:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Docstoc Public Documents
[2010/12/20 23:58:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\OneClick
[2010/12/20 23:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory
[2010/12/20 23:58:41 | 000,000,000 | ---D | C] -- C:\Program Files\Docstoc
[2010/12/20 17:01:04 | 000,000,000 | ---D | C] -- C:\sap trial
[2010/12/20 10:09:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Yahoo
[2010/12/20 10:08:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2010/12/20 10:08:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Yahoo!
[2010/12/20 10:08:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2010/12/20 09:57:57 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/12/20 00:27:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\TeamViewer
[2010/12/20 00:27:28 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010/12/20 00:27:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\temp
[2010/10/19 18:09:25 | 003,125,248 | ---- | C] (SAP Technology,Inc) -- C:\Program Files\Common Files\sapxlhelper.dll
[2010/10/19 18:09:25 | 000,192,512 | ---- | C] (SAP Tech Inc.) -- C:\Program Files\Common Files\sapconsr3.dll
[2010/10/19 18:09:24 | 000,626,688 | ---- | C] (SAP AG) -- C:\Program Files\Common Files\sapconsaccess.dll
[2010/10/19 18:09:22 | 000,040,960 | ---- | C] (SAP-TECHNOLOGY) -- C:\Program Files\Common Files\DigitalSignature.ocx

========== Files - Modified Within 30 Days ==========

[2010/12/22 20:11:03 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/12/22 20:02:00 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1325586038-796457868-3753420791-500UA.job
[2010/12/22 19:52:49 | 000,151,831 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\runscanner.run
[2010/12/22 19:50:25 | 000,407,478 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/22 19:50:25 | 000,062,240 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/22 19:45:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/22 19:45:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/22 19:45:40 | 2138,365,952 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/22 19:45:40 | 000,114,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/22 19:36:34 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\AML Free Registry Cleaner.lnk
[2010/12/22 19:25:20 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/12/21 10:37:16 | 000,012,851 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\index.php.htm
[2010/12/20 23:58:43 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2010/12/20 22:02:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1325586038-796457868-3753420791-500Core.job
[2010/12/20 19:15:42 | 000,168,960 | RHS- | M] () -- C:\Documents and Settings\Administrator\jahcii.exe
[2010/12/20 19:12:35 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Administrator\Desktop\~$P NW INSTALLATION SCREENSHOTS.doc
[2010/12/20 17:15:28 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\videoplayback.dap
[2010/12/20 10:46:14 | 000,000,209 | ---- | M] () -- C:\WINDOWS\POD.INI
[2010/12/20 10:45:36 | 000,000,491 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to POD.EXE.lnk
[2010/12/20 10:08:34 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger India.lnk
[2010/12/20 10:08:34 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger India.lnk
[2010/12/20 00:39:49 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 5.lnk
[2010/12/20 00:12:13 | 053,353,642 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\dormir.mp3
[2010/12/15 19:29:54 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Shashi_Resume_Main-1.doc

========== Files Created - No Company Name ==========

[2010/12/22 19:52:48 | 000,151,831 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\runscanner.run
[2010/12/22 19:36:34 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\AML Free Registry Cleaner.lnk
[2010/12/21 16:36:42 | 000,065,024 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Shashi_Resume_Main-1.doc
[2010/12/21 10:37:16 | 000,012,851 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\index.php.htm
[2010/12/20 23:58:43 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2010/12/20 19:15:43 | 000,168,960 | RHS- | C] () -- C:\Documents and Settings\Administrator\jahcii.exe
[2010/12/20 19:12:35 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Administrator\Desktop\~$P NW INSTALLATION SCREENSHOTS.doc
[2010/12/20 17:15:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\videoplayback.dap
[2010/12/20 10:46:14 | 000,000,209 | ---- | C] () -- C:\WINDOWS\POD.INI
[2010/12/20 10:45:36 | 000,000,491 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to POD.EXE.lnk
[2010/12/20 10:08:34 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger India.lnk
[2010/12/20 10:08:34 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger India.lnk
[2010/12/20 00:39:49 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 5.lnk
[2010/12/15 08:29:22 | 008,869,384 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\For.Dummies.C.Sharp.2005.For.Dummies.Oct.2005.eBook-LinG.pdf
[2010/10/29 22:42:55 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/10/21 20:04:06 | 000,000,694 | ---- | C] () -- C:\WINDOWS\saplogon.ini
[2010/10/19 18:09:23 | 001,229,312 | ---- | C] () -- C:\Program Files\Common Files\SAPActiveXL_nosig.xlt
[2010/10/19 18:09:23 | 001,167,872 | ---- | C] () -- C:\Program Files\Common Files\SAPActiveXL.xlt
[2010/10/19 18:07:10 | 001,064,960 | ---- | C] () -- C:\WINDOWS\System32\h5krnl32.dll
[2010/10/19 18:07:10 | 000,188,928 | ---- | C] () -- C:\WINDOWS\System32\h5icon32.dll
[2010/10/19 18:07:10 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\h5menu32.dll
[2010/10/19 18:07:10 | 000,095,744 | ---- | C] () -- C:\WINDOWS\System32\h5rtf32.dll
[2010/10/19 18:07:10 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\h5tool32.dll
[2010/10/19 18:07:06 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\vtssm32.dll
[2010/10/17 10:29:20 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/10/17 03:22:48 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/10/16 22:31:09 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/10/16 22:27:00 | 000,004,694 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010/10/16 22:26:59 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2006/03/22 16:30:00 | 000,179,577 | ---- | C] () -- C:\WINDOWS\System32\schema.ini
[2006/03/22 16:30:00 | 000,082,432 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006/03/22 16:30:00 | 000,024,819 | ---- | C] () -- C:\WINDOWS\System32\ntdsctrs.ini
[2006/03/22 16:30:00 | 000,020,386 | ---- | C] () -- C:\WINDOWS\System32\ntfrsrep.ini
[2006/03/22 16:30:00 | 000,011,817 | ---- | C] () -- C:\WINDOWS\System32\iasperf.ini
[2006/03/22 16:30:00 | 000,011,030 | ---- | C] () -- C:\WINDOWS\System32\ipsecprf.ini
[2006/03/22 16:30:00 | 000,005,597 | ---- | C] () -- C:\WINDOWS\System32\ntfrscon.ini
[2003/01/07 20:35:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/10/24 20:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Bullzip
[2010/10/30 06:24:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GetRightToGo
[2010/10/24 17:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ibibo
[2010/12/21 00:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OneClick
[2010/12/22 19:50:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Runscanner.net
[2010/12/20 00:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TeamViewer
[2010/10/24 17:30:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Tencent
[2010/12/22 20:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2010/10/22 15:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2010/12/22 18:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/10/21 12:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2010/12/22 20:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/12/22 19:44:22 | 000,032,332 | ---- | M] () -- C:\WINDOWS\Tasks\SchedLgU.Txt

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A9662AE0
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0D786AE3

< End of report >

Attached Files

  • Attached File  OTL.Txt   65.06KB   76 downloads

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP