OTL logfile created on: 5/30/2010 11:48:38 PM - Run
OTLPE by OldTimer - Version 3.1.39.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

223.00 Mb Total Physical Memory | 53.00 Mb Available Physical Memory | 24.00% Memory free
191.00 Mb Paging File | 77.00 Mb Available in Paging File | 40.00% Paging File free
Paging file location(s): C:\pagefile.sys 336 672 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 7.95 Gb Free Space | 21.35% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 280.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009/05/21 11:17:26 | 000,600,944 | ---- | M] () [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2009/05/21 11:17:26 | 000,600,944 | ---- | M] () [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2006/11/01 00:04:02 | 000,321,088 | ---- | M] (Pure Networks, Inc.) [Auto] -- C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe -- (nmservice)
SRV - [2006/10/14 19:21:04 | 000,012,800 | ---- | M] (Pure Networks, Inc.) [On_Demand] -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe -- (nmraapache)
SRV - [2006/09/07 19:45:56 | 000,126,976 | ---- | M] (Avanquest Publishing USA, Inc.) [Auto] -- C:\Program Files\VCOM\Fix-It\mxtask.exe -- (Fix-It Task Manager)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/10/06 19:12:30 | 000,855,552 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS)
SRV - [2004/08/05 20:23:10 | 000,308,352 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2003/08/06 20:58:26 | 001,376,360 | ---- | M] (America Online, Inc.) [Auto] -- C:\Program Files\Common Files\AOL\ACS\acsd.exe -- (AOL ACS)
SRV - [2003/03/17 17:17:00 | 000,049,152 | ---- | M] (CANON INC.) [Auto] -- C:\Program Files\Canon\BJCard\Bjmcmng.exe -- (Bjmcmng)
SRV - [2003/01/10 21:13:04 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (SjyPkt)
DRV - File not found [Kernel | On_Demand] -- -- (RTL8187B)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (PCANDIS5)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (GTNDIS5)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2007/02/08 19:44:22 | 000,026,944 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
DRV - [2007/02/08 19:44:00 | 000,025,792 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
DRV - [2006/09/07 19:06:14 | 000,190,480 | ---- | M] (Trend Micro Inc.) [Kernel | Auto] -- C:\Program Files\VCOM\Fix-It\tmxpflt.sys -- (tmxpflt)
DRV - [2006/09/07 19:06:12 | 001,022,432 | ---- | M] (Trend Micro Inc.) [Kernel | Auto] -- C:\Program Files\VCOM\Fix-It\Vsapint.sys -- (Vsapint)
DRV - [2006/09/07 19:06:12 | 000,031,248 | ---- | M] (Trend Micro Inc.) [Kernel | Auto] -- C:\Program Files\VCOM\Fix-It\tmpreflt.sys -- (tmpreflt)
DRV - [2004/08/04 02:10:08 | 000,061,056 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2004/08/04 02:04:32 | 000,012,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2004/02/11 03:04:09 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2003/10/30 21:43:06 | 000,178,432 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2003/09/26 19:26:54 | 000,272,128 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\camchal.sys -- (CAMCHALA)
DRV - [2003/09/26 19:25:06 | 000,291,712 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\camcaud.sys -- (CAMCAUD)
DRV - [2003/06/30 22:11:52 | 000,043,136 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2003/06/17 05:43:00 | 000,006,528 | ---- | M] (Canon.inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\bjhid2.sys -- (FilterService2)
DRV - [2003/05/01 17:42:08 | 000,030,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\strmdisp.sys -- (StreamDispatcher)
DRV - [2003/05/01 17:40:56 | 000,165,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2003/05/01 17:38:56 | 000,622,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/05/01 17:37:46 | 001,107,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/04/13 23:25:12 | 000,151,808 | R--- | M] (Linksys) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LSRTNDS.sys -- (LSWPCv4)
DRV - [2003/04/02 19:54:16 | 000,020,648 | R--- | M] (Thomson Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\netrcacm.sys -- (netrcacm)
DRV - [2003/01/10 21:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/02/19 14:34:18 | 000,072,576 | R--- | M] (The LinkSys Group, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\netusbxp.sys -- (USBNET_XP)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://home.peoplepc.com/search
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.emachines.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Dad_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.emachines.com/
IE - HKU\Dad_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Dad_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.emachines.com
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.emachines.com
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\test_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKU\test_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\test_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKU\test_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\:
FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\Components: C:\Program Files\Common Files\csshare\plugins0942 [2008/09/27 20:00:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\Plugins: C:\Program Files\Common Files\csshare\plugins0942 [2008/09/27 20:00:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 6 6.2.1\Extensions\\Components: C:\Program Files\Netscape\Netscape 6\Components [2008/09/27 20:00:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 6 6.2.1\Extensions\\Plugins: C:\Program Files\Netscape\Netscape 6\Plugins [2008/09/27 20:00:17 | 000,000,000 | ---D | M]
Hosts file not found
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (IEWatchObj Class) - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINDOWS\system32\IETie.dll (Tenebril Incorporated)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKU\Dad_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Dad_ON_C\..\Toolbar\WebBrowser: (no name) - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No CLSID value found.
O3 - HKU\Dad_ON_C\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\test_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\test_ON_C\..\Toolbar\WebBrowser: (no name) - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No CLSID value found.
O3 - HKU\test_ON_C\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [BJPD HID Control] C:\Program Files\Canon\BJPV\TVMon.exe (Canon Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VirusScannerPro] C:\Program Files\VCOM\Fix-It\MemCheck.exe (Avanquest Publishing USA, Inc.)
O4 - HKU\Dad_ON_C..\Run: [HSN Skin Tools Alerts] C:\Program Files\HSN\bar\1.bin\hsnSkPly.exe File not found
O4 - HKU\test_ON_C..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BigFix.lnk = C:\Program Files\BigFix\BigFix.exe (BigFix Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless-B Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe (The Linksys Group, Inc.)
O4 - Startup: C:\Documents and Settings\test\Start Menu\Programs\Startup\PowerReg SchedulerV2.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Dad_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\test_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\Icq.exe ()
O9 - Extra 'Tools' menuitem : ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\Icq.exe ()
O9 - Extra Button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - File not found
O9 - Extra Button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - File not found
O9 - Extra Button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\VCOM\Fix-It\MxAVLsp.dll (Avanquest Publishing USA, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\VCOM\Fix-It\MxAVLsp.dll (Avanquest Publishing USA, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\VCOM\Fix-It\MxAVLsp.dll (Avanquest Publishing USA, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\VCOM\Fix-It\MxAVLsp.dll (Avanquest Publishing USA, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\VCOM\Fix-It\MxAVLsp.dll (Avanquest Publishing USA, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\VCOM\Fix-It\MxAVLsp.dll (Avanquest Publishing USA, Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {10EC6CEC-5A1D-4E4E-AB85-8CC516F2A687} http://www.cpa-exam.org/AICPATutorial/install/AICPAViewer.cab (AICPAViewer.clsViewer)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1793DA7C-7D78-4F66-BAB9-E0402564AFC3} http://www.cpa-exam.org/AICPATutorial/install/General.cab (Calculator.UCCalculator)
O16 - DPF: {2871FC9B-5E34-4AAE-9E9C-EBD1652D5C92} http://forms.real.com/real/player/download.html?f=windows/mrkt/rhapx/RhapsodyPlayerEngine_Inst_Win.cab (RhapsodyPlayerEngineCtrl Class)
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} http://wdownload.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab? (MiniBugTransporterX Class)
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB (PogoWebLauncher Control)
O16 - DPF: {3EEFCD4B-E9FD-4601-BE5D-C5C1776E51D3} http://www.cpa-exam.org/AICPATutorial/install/SSItem.cab (AICPASSV.Spreadsheet)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www2.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1005.cab (MySpace Uploader Control)
O16 - DPF: {4DCCD2FC-132F-45EC-BFDA-72235B85047C} http://www.cpa-exam.org/AICPATutorial/install/SimItems.cab (AICPAAuthLit.AuthLitItem)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://by107fd.bay107.hotmail.msn.com/resources/MsnPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} http://www.sidestep.com/get/k42037/sb028.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {909A35CA-61DC-4437-887E-30ED6D89F6C8} http://www.cpa-exam.org/AICPATutorialv2/install/General.cab (AICPAUI.ucHyperlink)
O16 - DPF: {96F2228B-0D43-48AC-B857-29972C87EBA4} http://www.cpa-exam.org/AICPATutorialv2/install/CRItem.CAB (AICPACR.ConstructedResponse)
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} http://www.winkflash.com/photo/loaders/ImageUploader3.cab (Aurigma Image Uploader 3.0 Control)
O16 - DPF: {C2D46EE6-57E2-4E81-AD94-E4DE41C12C8E} http://www.cpa-exam.org/AICPATutorialv2/install/AICPAViewer.cab (AICPAViewer.clsViewer)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4C9E474-9A6C-4FBF-B13A-4BE2BDD34FD5} http://www.cpa-exam.org/AICPATutorialv2/install/AICPAViewerIL.cab (AICPA treeView control)
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Program Files\Microsoft ActiveSync\aatp.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp3.dll (Pure Networks, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {a5780613-492e-4a2a-a7fd-549610edf6cc} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/02/11 02:42:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010/05/22 10:37:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\test\Local Settings\Application Data\PCHealth
[2010/05/22 09:53:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2005/07/23 12:10:42 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\test\My Documents\*.tmp files -> C:\Documents and Settings\test\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\Dad\My Documents\*.tmp files -> C:\Documents and Settings\Dad\My Documents\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010/05/22 11:34:48 | 000,237,568 | ---- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/05/22 11:34:48 | 000,237,568 | ---- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2010/05/22 11:34:45 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/22 11:34:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/22 11:33:32 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\test\ntuser.ini
[2010/05/22 11:33:30 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\test\ntuser.dat
[2010/05/22 11:29:57 | 000,757,288 | -H-- | M] () -- C:\Documents and Settings\test\Local Settings\Application Data\IconCache.db
[2010/05/22 11:28:15 | 000,000,128 | ---- | M] () -- C:\WINDOWS\TaxACT04.ini
[2010/05/22 11:23:15 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/05/22 10:38:13 | 000,000,801 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/05/22 10:24:16 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/22 09:36:41 | 234,278,912 | -HS- | M] () -- C:\hiberfil.sys
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\test\My Documents\*.tmp files -> C:\Documents and Settings\test\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\Dad\My Documents\*.tmp files -> C:\Documents and Settings\Dad\My Documents\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010/02/21 09:15:52 | 000,940,896 | ---- | C] () -- C:\WINDOWS\System32\Incinerator.dll
[2010/02/21 08:52:25 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2008/04/26 08:53:31 | 000,000,903 | ---- | C] () -- C:\Documents and Settings\test\.recently-used.xbel
[2008/01/01 16:02:21 | 003,670,016 | ---- | C] () -- C:\Documents and Settings\Dad\ntuser.dat
[2007/09/25 16:51:32 | 000,018,764 | ---- | C] () -- C:\WINDOWS\System32\ddmon.dll
[2007/04/05 21:13:39 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Dad\NTUSER.DFG.LOG
[2007/03/14 21:18:55 | 003,407,872 | ---- | C] () -- C:\Documents and Settings\Dad\NTUSER.BAK
[2007/03/14 21:18:54 | 000,237,568 | ---- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2007/03/14 21:18:53 | 000,237,568 | ---- | C] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2007/01/20 22:59:14 | 000,001,029 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2006/10/01 10:14:09 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Dad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/09/27 17:53:22 | 000,036,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\pxhelp20.sys
[2006/04/10 17:16:19 | 000,000,115 | ---- | C] () -- C:\WINDOWS\TaxACT05.ini
[2006/02/24 16:54:42 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\deskMenu2.dll
[2006/01/08 12:57:36 | 000,000,128 | ---- | C] () -- C:\WINDOWS\TaxACT04.ini
[2005/11/01 15:22:01 | 000,000,057 | ---- | C] () -- C:\WINDOWS\uilib.INI
[2005/07/05 20:02:06 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\Dad\ntuser.dat.LOG
[2005/07/05 20:02:06 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\Dad\ntuser.ini
[2005/05/11 20:40:15 | 000,000,912 | ---- | C] () -- C:\Documents and Settings\test\reglog.txt
[2005/04/09 13:08:28 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\a_i_037.dll
[2005/03/18 18:47:17 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5e.DLL
[2004/09/12 12:53:14 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\mpnatapi.dll
[2004/08/23 19:23:46 | 000,000,581 | ---- | C] () -- C:\Documents and Settings\test\plugin131_02.trace
[2004/08/16 11:21:54 | 000,428,032 | ---- | C] () -- C:\WINDOWS\System32\msdtcprx.dll
[2004/07/08 11:59:11 | 000,000,045 | ---- | C] () -- C:\WINDOWS\EPSONC64.ini
[2004/07/08 10:52:18 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/07/01 14:49:20 | 000,016,384 | -H-- | C] () -- C:\Documents and Settings\test\ntuser.dat.LOG
[2004/07/01 14:49:20 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\test\ntuser.ini
[2004/07/01 14:49:19 | 003,670,016 | -H-- | C] () -- C:\Documents and Settings\test\ntuser.dat
[2004/02/11 16:08:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/02/11 15:28:20 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2004/02/11 15:13:43 | 000,196,955 | ---- | C] () -- C:\WINDOWS\System32\ialmdev5.dll
[2004/02/11 15:13:43 | 000,096,858 | ---- | C] () -- C:\WINDOWS\System32\drivers\ialmkchw.sys
[2004/02/11 03:18:15 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/02/11 03:02:15 | 000,000,132 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2004/02/11 03:01:22 | 000,000,310 | ---- | C] () -- C:\WINDOWS\net2fone.ini
[2004/02/11 02:51:28 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\shmedia.dll
[2004/02/11 02:45:38 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat.LOG
[2004/02/11 02:45:38 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\LocalService\ntuser.ini
[2004/02/11 02:45:37 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[2004/02/11 02:45:37 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\NetworkService\ntuser.ini
[2004/02/11 01:14:35 | 000,001,094 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/02/11 01:14:35 | 000,000,466 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2004/02/11 01:14:16 | 000,311,327 | ---- | C] () -- C:\WINDOWS\System32\wmv8dmod.dll
[2004/02/11 01:14:05 | 000,171,008 | ---- | C] () -- C:\WINDOWS\System32\sccsccp.dll
[2004/02/11 01:14:01 | 000,713,728 | ---- | C] () -- C:\WINDOWS\System32\opengl32.dll
[2004/02/11 01:13:53 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\msorcl32.dll
[2004/02/11 01:13:50 | 000,119,808 | ---- | C] () -- C:\WINDOWS\System32\mmutilse.dll
[2004/02/11 01:13:47 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\ipxmontr.dll
[2004/02/11 01:13:45 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\hnetcfg.dll
[2003/07/22 13:53:07 | 000,200,704 | --S- | C] () -- C:\WINDOWS\System32\archlib.dll
[2002/01/08 17:57:34 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[1999/01/22 22:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/12/24 14:23:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\VBAME.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2006/04/09 22:20:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\AICPA
[2004/07/19 13:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\funkitron
[2008/04/26 08:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\gtk-2.0
[2004/02/11 02:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\InterTrust
[2005/11/13 14:19:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\MailWasher
[2005/08/03 20:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Mind Control Software
[2004/11/21 20:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\pixelStorm
[2005/11/01 15:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\Tenebril
[2007/04/06 20:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\test\Application Data\VCOM
[2007/04/05 05:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dad\Application Data\Avanquest
[2007/09/25 16:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dad\Application Data\deskPDF
[2004/02/11 02:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dad\Application Data\InterTrust
[2010/02/21 09:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dad\Application Data\iolo
[2007/07/16 19:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dad\Application Data\Snapfish
[2007/04/07 15:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dad\Application Data\VCOM
[2010/03/20 16:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2007/04/05 19:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\VCOM

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 2628 bytes -> C:\WINDOWS\System32\OEMLOGO.BMP:Q30lsldxJoudresxAaaqpcawXc

< End of report >