Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

NTDVM problem


  • Please log in to reply

#16
ilyasjed

ilyasjed

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
there is no button called "Export Now".... after scan i got message that "Today you are not infected"

Thanks
  • 0

Advertisements


#17
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
  • Double click on Otlistit to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open one notepad window. OTListIt.Txt a This is saved in the same location as OTListIt2.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it with your next reply.

  • 0

#18
ilyasjed

ilyasjed

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
log file after scan OTListIt

OTListIt logfile created on: 04/04/2009 09:01:35 AM - Run 2
OTListIt2 by OldTimer - Version 2.0.7.2 Folder = C:\Documents and Settings\ilyas\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39.06 Gb Total Space | 11.65 Gb Free Space | 29.82% Space Free | Partition Type: NTFS
Drive D: | 35.47 Gb Total Space | 1.30 Gb Free Space | 3.66% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Q: | 19.53 Gb Total Space | 2.91 Gb Free Space | 14.90% Space Free | Partition Type: NTFS
Drive V: | 95.62 Gb Total Space | 22.37 Gb Free Space | 23.40% Space Free | Partition Type: NTFS
Drive W: | 34.22 Gb Total Space | 22.77 Gb Free Space | 66.55% Space Free | Partition Type: NTFS
Drive X: | 95.62 Gb Total Space | 22.37 Gb Free Space | 23.40% Space Free | Partition Type: NTFS
Drive Y: | 4.89 Gb Total Space | 0.51 Gb Free Space | 10.51% Space Free | Partition Type: NTFS
Drive Z: | 29.29 Gb Total Space | 9.43 Gb Free Space | 32.20% Space Free | Partition Type: NTFS

Computer Name: ILYAS
Current User Name: ilyas
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab)
PRC - C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe (Kaspersky Lab)
PRC - C:\Program Files\Microsoft SQL Server\MSSQL10.HRD\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Google\Google Talk\googletalk.exe (Google)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab)
PRC - C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
PRC - C:\Program Files\Tavultesoft\Keyman-thamizha\keyman.exe (Tavultesoft)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Program Files\MP4 Player\mp4Player.exe ()
PRC - C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Office\Office\OSA.EXE ()
PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe ()
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe ()
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe ()
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox 3 Beta 2\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\ilyas\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (AVP [Auto | Running]) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe (Kaspersky Lab)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (fsssvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (klnagent [Auto | Running]) -- C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe (Kaspersky Lab)
SRV - (MSSQL$HRD [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\MSSQL10.HRD\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (MSSQLSERVER [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper100 [Disabled | Stopped]) -- C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (SeaPort [Auto | Running]) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
SRV - (ServiceLayer [On_Demand | Running]) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (SQLAgent$HRD [Disabled | Stopped]) -- C:\Program Files\Microsoft SQL Server\MSSQL10.HRD\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation)
SRV - (SQLBrowser [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (SQLSERVERAGENT [On_Demand | Stopped]) -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE (Microsoft Corporation)
SRV - (SQLWriter [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (ADIHdAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (b57w2k [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\b57xp32.sys (Broadcom Corporation)
DRV - (fssfltr [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\igxpmp32.sys (Intel Corporation)
DRV - (kl1 [Boot | Running]) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab)
DRV - (klif [System | Running]) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (klim5 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\klim5.sys (Kaspersky Lab)
DRV - (nmwcd [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdc [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (pavboot [Boot | Running]) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (pccsmcfd [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys (Nokia)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (RsFx0102 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\RsFx0102.sys (Microsoft Corporation)
DRV - (rtl8139 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SenFiltService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\Senfilt.sys (Sensaura)
DRV - (upperdev [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys (Windows ® Codename Longhorn DDK provider)
DRV - (usbser [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbser.sys (Microsoft Corporation)
DRV - (UsbserFilt [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys (Windows ® Codename Longhorn DDK provider)

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.freewebto...login.live.html
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Live Search"
FF - prefs.js..browser.search.defaulturl: "http://search.live.c...?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://go.microsoft..../?LinkId=69157"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.685
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.8
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8
FF - prefs.js..keyword.URL: "http://search.live.c...?FORM=IEFM1&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2008/06/18 10:16:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/01/19 20:42:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC\ [2009/02/01 13:39:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX 3 BETA 2\COMPONENTS [2009/03/28 15:12:18 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX 3 BETA 2\PLUGINS [2009/03/28 15:12:30 | 00,000,000 | ---D | M]

[2008/04/12 08:21:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ilyas\Application Data\mozilla\Extensions
[2008/04/12 08:21:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ilyas\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/01 16:45:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ilyas\Application Data\mozilla\Firefox\Profiles\g1j2ma1n.default\extensions
[2008/11/01 09:03:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ilyas\Application Data\mozilla\Firefox\Profiles\g1j2ma1n.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2009/03/28 10:41:06 | 00,001,632 | ---- | M] () -- C:\Documents and Settings\ilyas\Application Data\Mozilla\FireFox\Profiles\g1j2ma1n.default\searchplugins\live-search.xml
[2008/11/01 09:03:33 | 00,003,915 | ---- | M] () -- C:\Documents and Settings\ilyas\Application Data\Mozilla\FireFox\Profiles\g1j2ma1n.default\searchplugins\sweetim.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe" (Kaspersky Lab)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent (Microsoft Corporation)
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart (Google)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC File not found
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName File not found
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC File not found
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [keyman.exe-thamizha] C:\Program Files\Tavultesoft\Keyman-thamizha\keyman.exe (Tavultesoft)
O4 - HKCU..\Run: [MP4 Player] "C:\Program Files\MP4 Player\mp4Player.exe" hmw ()
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray (Nokia)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Firewall Client Connectivity Monitor.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\ilyas\Start Menu\Programs\Startup\Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\ie_banner_deny.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-in\msntabres.dll.mui/229?0d734d2045c44ec981b07ca01bfcdb37
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-in\msntabres.dll.mui/230?0d734d2045c44ec981b07ca01bfcdb37
O9 - Extra Button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [WinSock Proxy Name Space provider] - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [Tcpip] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [NTDS] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [Network Location Awareness (NLA) Namespace] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [Bluetooth Namespace] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Program Files\Microsoft Firewall Client\wspwsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} http://www.kumudam.c...er/tdserver.cab (TDServer Control)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....ek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1200903192346 (WUWebControl Class)
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} http://68.191.181.82/activex/AMC.cab (AxisMediaControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://demo.xiden.co...sCamControl.cab (CamImage Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = RPD-ADMIN.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{C7E8496F-EB74-46CC-96C6-E2903C394672}\\NameServer = 155.155.1.95
O18 - Protocol\Filter: - application/octet-stream - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\system32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\system32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\system32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\system32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( schannel.dll) - C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( digest.dll) - C:\WINDOWS\system32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( msnsspc.dll) - C:\WINDOWS\system32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O32 - Autorun File - D:\autocomplete [2008/01/21 11:06:32 | 00,000,000 | ---D | M] - [ NTFS ]
O32 - Autorun File - D:\Automatic_16768011272003.zip () - [ NTFS ]
O32 - Autorun File - D:\autoswitch [2008/01/21 11:06:32 | 00,000,000 | ---D | M] - [ NTFS ]
O32 - Autorun File - D:\autotabs.zip () - [ NTFS ]
O32 - Autorun File - X:\autorun.inf () - [ NTFS ]
O32 - Autorun File - Z:\autorun.inf () - [ NTFS ]
O33 - MountPoints2\##sbg-backup#ephotos\Shell - "" = AutoRun
O33 - MountPoints2\##sbg-backup#ephotos\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\##sbg-backup#ephotos\Shell\AutoRun\command - "" = C:\WINDOWS\system32\Shell32.DLL -- [2008/06/17 22:02:19 | 08,461,312 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\##sbgrpd#data\Shell - "" = AutoRun
O33 - MountPoints2\##sbgrpd#data\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\##sbgrpd#data\Shell\AutoRun\command - "" = C:\WINDOWS\system32\Shell32.DLL -- [2008/06/17 22:02:19 | 08,461,312 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\##sbgrpd#psystemold\Shell - "" = AutoRun
O33 - MountPoints2\##sbgrpd#psystemold\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\##sbgrpd#psystemold\Shell\AutoRun\command - "" = C:\WINDOWS\system32\Shell32.DLL -- [2008/06/17 22:02:19 | 08,461,312 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found

========== Files/Folders - Created Within 30 Days ==========

[234 C:\*.tmp files]
[6 C:\WINDOWS\System32\*.tmp files]
[7 C:\WINDOWS\*.tmp files]
[2009/04/01 16:48:37 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2009/04/01 16:27:19 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2009/04/01 16:25:56 | 00,175,504 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\activescan2_en.exe
[2009/04/01 13:19:48 | 22,734,3430 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\Raaam.zip
[2009/04/01 08:48:03 | 00,000,200 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\DrWeb.csv
[2009/03/31 15:52:56 | 00,000,000 | ---D | C] -- C:\9700
[2009/03/31 15:48:01 | 00,505,921 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\Load-drw.exe
[2009/03/30 16:47:49 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/03/30 13:38:47 | 00,017,920 | ---- | C] () -- C:\Documents and Settings\ilyas\My Documents\triv.xls
[2009/03/30 08:16:38 | 00,498,688 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ilyas\Desktop\OTListIt2.exe
[2009/03/29 08:28:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ilyas\Application Data\Malwarebytes
[2009/03/29 08:28:19 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/29 08:28:19 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/29 08:28:16 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/29 08:28:15 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/29 08:28:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/03/29 08:16:48 | 02,906,240 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\ilyas\Desktop\mbam-setup.exe
[2009/03/28 16:05:21 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/03/28 15:41:40 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009/03/28 15:18:26 | 00,389,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ilyas\Desktop\OTMoveIt3.exe
[2009/03/28 15:14:47 | 01,228,648 | ---- | C] (Registry Fix ) -- C:\Documents and Settings\ilyas\Desktop\registryfix.exe
[2009/03/28 13:01:40 | 00,724,952 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\avenger.zip
[2009/03/28 12:12:57 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/03/28 12:12:57 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/03/28 12:12:57 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/03/28 12:12:57 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/03/28 12:12:57 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe
[2009/03/28 12:12:57 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/03/28 12:12:57 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/03/28 12:12:57 | 00,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe
[2009/03/28 12:12:57 | 00,029,696 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/03/28 12:12:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/03/28 12:11:27 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/03/28 11:45:53 | 02,936,496 | R--- | C] () -- C:\Documents and Settings\ilyas\Desktop\ComboFix.exe
[2009/03/28 08:19:58 | 26,437,596 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\Kannathil Muthamittal.rar
[2009/03/23 15:08:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ilyas\My Documents\My Weblog Posts
[2009/03/23 15:08:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ilyas\Local Settings\Application Data\Windows Live Writer
[2009/03/23 15:08:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ilyas\Application Data\Windows Live Writer
[2009/03/23 14:53:17 | 00,233,414 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\shamiuddin.pdf
[2009/03/23 10:00:29 | 00,000,000 | ---D | C] -- C:\200903A0
[2009/03/22 16:33:14 | 00,019,968 | ---- | C] () -- C:\Documents and Settings\ilyas\My Documents\internet.xls
[2009/03/22 11:49:15 | 00,000,000 | R-SD | C] -- C:\Documents and Settings\ilyas\My Documents\My Stationery
[2009/03/22 10:35:24 | 00,095,950 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\Est_TPQ482_from_TIME_PULSE(3).pdf
[2009/03/22 10:32:28 | 00,095,950 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\Est_TPQ482_from_TIME_PULSE(2).pdf
[2009/03/22 10:00:49 | 00,081,212 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\BT-CV.pdf
[2009/03/22 09:36:16 | 00,773,120 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\082 03 09 QJIM LL Binladen RPD HR.doc
[2009/03/22 09:09:49 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Outlook Connector
[2009/03/22 09:09:22 | 00,055,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fssfltr_tdi.sys
[2009/03/22 09:08:14 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2009/03/22 09:04:37 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/03/22 09:04:24 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2009/03/21 08:43:05 | 00,167,505 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\Company Profile(2).pdf
[2009/03/21 08:40:13 | 00,095,046 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\Company Profile.pdf
[2009/03/21 08:37:27 | 00,083,114 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\SLA.pdf
[2009/03/21 08:37:11 | 00,095,942 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\Est_TPQ482_from_TIME_PULSE.pdf
[2009/03/19 16:43:26 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2009/03/19 13:26:42 | 01,254,262 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\Microsoft Word - R.P.D(2).PDF
[2009/03/19 12:52:35 | 01,230,932 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\Microsoft Word - R.P.D.PDF
[2009/03/19 11:48:53 | 00,041,644 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\IMG000018.jpg
[2009/03/19 11:13:56 | 00,038,912 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\awalnet.doc
[2009/03/18 16:40:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ilyas\Desktop\فبراير - ثول والتحلية
[2009/03/18 08:45:03 | 00,144,384 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\تيم+شيت+م...xls
[2009/03/18 08:17:01 | 00,161,280 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\تيم+شيت+ش...xls
[2009/03/17 15:06:29 | 00,100,818 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\mak0209.xls
[2009/03/17 14:34:06 | 00,087,552 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\Timesheet-February-09.xls
[2009/03/16 09:51:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ilyas\Local Settings\Application Data\Microsoft_Corporation
[2009/03/16 09:44:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ilyas\My Documents\Integration Services Script Component
[2009/03/16 09:43:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ilyas\My Documents\Integration Services Script Task
[2009/03/16 09:42:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ilyas\My Documents\SQL Server Management Studio
[2009/03/16 09:42:14 | 00,050,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perf-SQLAgent$HRD-sqlagtctr10.0.1600.22.dll
[2009/03/16 09:41:58 | 00,079,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perf-MSSQL$HRD-sqlctr10.0.1600.22.dll
[2009/03/16 09:36:10 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2009/03/16 09:35:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\RsFx
[2009/03/16 09:32:01 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/03/16 09:25:55 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2009/03/15 13:30:01 | 00,132,099 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\TS P-999-02- 09 Email.xlsx
[2009/03/15 13:26:41 | 00,105,472 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\Timesheet for Saudi's Jan.09.2
[2009/03/15 13:26:21 | 00,112,898 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\Timesheet for Saudi's Jan.09.1
[2009/03/15 13:25:41 | 00,028,160 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\Timesheet for Sakan Jan.09
[2009/03/15 13:24:43 | 00,185,344 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\Monthly timesheet Makkah area Jan.09
[2009/03/12 09:48:30 | 01,091,051 | ---- | C] () -- C:\Documents and Settings\ilyas\Desktop\WECPSetup.exe
[2009/03/11 14:56:52 | 00,000,000 | ---D | C] -- C:\VIDEO_TS
[2009/03/11 09:29:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ilyas\Application Data\Sun
[2009/03/08 10:46:49 | 00,832,880 | ---- | C] ( ) -- C:\Documents and Settings\ilyas\Desktop\gimp-2.6.4-i686-setup.exe
[2009/03/07 08:06:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft

========== Files - Modified Within 30 Days ==========

[234 C:\*.tmp files]
[6 C:\WINDOWS\System32\*.tmp files]
[7 C:\WINDOWS\*.tmp files]
[2009/04/04 08:51:49 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/04 08:51:34 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/04 08:51:31 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/04 08:50:54 | 35,639,328 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/04/04 08:50:54 | 00,639,520 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2009/04/04 08:50:54 | 00,473,876 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009/04/04 08:50:54 | 00,068,636 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2009/04/03 19:33:30 | 00,201,504 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2009/04/02 13:22:55 | 00,001,858 | -H-- | M] () -- C:\Documents and Settings\ilyas\My Documents\Default.rdp
[2009/04/02 08:57:15 | 00,000,086 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009/04/01 20:27:56 | 22,734,3430 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\Raaam.zip
[2009/04/01 16:26:34 | 00,175,504 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\activescan2_en.exe
[2009/04/01 08:48:03 | 00,000,200 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\DrWeb.csv
[2009/03/31 15:51:20 | 00,505,921 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\Load-drw.exe
[2009/03/30 13:38:47 | 00,017,920 | ---- | M] () -- C:\Documents and Settings\ilyas\My Documents\triv.xls
[2009/03/30 08:18:32 | 00,498,688 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ilyas\Desktop\OTListIt2.exe
[2009/03/29 14:05:53 | 00,254,536 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/03/29 08:28:19 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/29 08:27:14 | 02,906,240 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\ilyas\Desktop\mbam-setup.exe
[2009/03/28 15:54:07 | 00,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/28 15:54:07 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/03/28 15:54:07 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009/03/28 15:24:44 | 01,228,648 | ---- | M] (Registry Fix ) -- C:\Documents and Settings\ilyas\Desktop\registryfix.exe
[2009/03/28 15:21:00 | 00,389,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ilyas\Desktop\OTMoveIt3.exe
[2009/03/28 15:05:10 | 21,453,86496 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2009/03/28 13:08:12 | 00,724,952 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\avenger.zip
[2009/03/28 12:26:17 | 00,655,856 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/28 12:26:17 | 00,536,546 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/28 12:26:17 | 00,107,000 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/28 12:21:56 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.msn
[2009/03/28 12:21:56 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/03/28 12:09:13 | 02,936,496 | R--- | M] () -- C:\Documents and Settings\ilyas\Desktop\ComboFix.exe
[2009/03/28 11:56:36 | 26,437,596 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\Kannathil Muthamittal.rar
[2009/03/28 10:25:25 | 01,080,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/26 16:49:56 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/26 16:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/25 16:14:46 | 00,058,880 | ---- | M] () -- C:\Documents and Settings\ilyas\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/23 14:53:17 | 00,233,414 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\shamiuddin.pdf
[2009/03/22 16:33:15 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\ilyas\My Documents\internet.xls
[2009/03/22 10:35:53 | 00,095,950 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\Est_TPQ482_from_TIME_PULSE(3).pdf
[2009/03/22 10:32:54 | 00,095,950 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\Est_TPQ482_from_TIME_PULSE(2).pdf
[2009/03/22 10:01:07 | 00,081,212 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\BT-CV.pdf
[2009/03/22 09:39:01 | 00,773,120 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\082 03 09 QJIM LL Binladen RPD HR.doc
[2009/03/22 09:06:23 | 00,000,899 | ---- | M] () -- C:\Documents and Settings\ilyas\My Documents\My Sharing Folders.lnk
[2009/03/21 08:44:48 | 00,167,505 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\Company Profile(2).pdf
[2009/03/21 08:42:16 | 00,095,046 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\Company Profile.pdf
[2009/03/21 08:38:12 | 00,083,114 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\SLA.pdf
[2009/03/21 08:37:58 | 00,095,942 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\Est_TPQ482_from_TIME_PULSE.pdf
[2009/03/21 08:20:12 | 00,411,720 | ---- | M] () -- C:\Documents and Settings\ilyas\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/03/19 13:47:38 | 01,254,262 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\Microsoft Word - R.P.D(2).PDF
[2009/03/19 13:07:20 | 01,230,932 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\Microsoft Word - R.P.D.PDF
[2009/03/19 11:49:03 | 00,041,644 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\IMG000018.jpg
[2009/03/19 11:13:57 | 00,038,912 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\awalnet.doc
[2009/03/18 08:45:10 | 00,144,384 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\تيم+شيت+م...xls
[2009/03/18 08:43:22 | 00,161,280 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\تيم+شيت+ش...xls
[2009/03/18 08:14:30 | 00,087,552 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\Timesheet-February-09.xls
[2009/03/17 16:12:28 | 42,448,0768 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\Pers2000.mdb
[2009/03/17 15:58:59 | 75,302,912 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\PERS.MDW
[2009/03/17 15:08:42 | 00,100,818 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\mak0209.xls
[2009/03/15 13:30:21 | 00,132,099 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\TS P-999-02- 09 Email.xlsx
[2009/03/15 13:28:06 | 00,112,898 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\Timesheet for Saudi's Jan.09.1
[2009/03/15 13:27:21 | 00,105,472 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\Timesheet for Saudi's Jan.09.2
[2009/03/15 13:26:35 | 00,028,160 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\Timesheet for Sakan Jan.09
[2009/03/15 13:25:48 | 00,185,344 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\Monthly timesheet Makkah area Jan.09
[2009/03/12 10:01:04 | 01,091,051 | ---- | M] () -- C:\Documents and Settings\ilyas\Desktop\WECPSetup.exe
[2009/03/11 08:17:10 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/08 10:58:52 | 00,832,880 | ---- | M] ( ) -- C:\Documents and Settings\ilyas\Desktop\gimp-2.6.4-i686-setup.exe
[2009/03/07 14:57:00 | 00,019,186 | ---- | M] () -- C:\Documents and Settings\ilyas\My Documents\thrwat-palace.xls
< End of report >
  • 0

#19
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Looks good how are things running?
  • 0

#20
ilyasjed

ilyasjed

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
seems everything fine.... thank you very much...
but now i face another problem than, i cant browse all computers through Entire Network .
when i double click the <Domain Name> i m getting following error message
<domain> is not accessible. you may not have permission to use this network resource

Pls advice
Thanks
  • 0

#21
ilyasjed

ilyasjed

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Thanks Mr. Kahdah for your help.....
now i can browse the entire network... after i unchecked AntiHacker in my Kaspersky antivirus i can browse ....

Thank you very much
  • 0

#22
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Run OTList2.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTLI
    O32 - Autorun File - X:\autorun.inf () - [ NTFS ]
    O32 - Autorun File - Z:\autorun.inf () - [ NTFS ]
  • Then click the Run Fix button at the top
  • Let the program run unhindered
  • It will say "Fix complete click ok to open the log".
  • post the contents ofthat log here.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP