OTL logfile created on: 5/23/2011 3:01:14 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 561.88 Mb Available Physical Memory | 54.90% Memory free
2.40 Gb Paging File | 2.03 Gb Available in Paging File | 84.53% Paging File free
Paging file location(s): C:\pagefile.sys 1534 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 117.41 Gb Free Space | 50.42% Space Free | Partition Type: NTFS
Drive F: | 37.09 Gb Total Space | 5.69 Gb Free Space | 15.35% Space Free | Partition Type: NTFS
Drive G: | 36.73 Gb Total Space | 30.25 Gb Free Space | 82.36% Space Free | Partition Type: NTFS
Drive H: | 3.92 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: MINE-NIG7G6PLHG | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2011/05/23 15:00:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2011/05/07 04:57:16 | 001,010,232 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/03/31 14:27:40 | 001,443,712 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
PRC - [2010/11/02 19:48:52 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2009/11/22 16:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2009/11/22 16:42:50 | 001,037,192 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2009/10/14 06:30:26 | 000,476,528 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2009/10/14 06:30:06 | 000,730,480 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2007/06/13 03:23:08 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/19 21:29:44 | 000,411,168 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
PRC - [2006/11/30 01:57:38 | 000,895,088 | ---- | M] (PC Tools Research Pty Ltd) -- C:\Program Files\Spyware Doctor\sdhelp.exe
PRC - [2005/06/06 23:46:24 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
PRC - [2003/01/10 17:13:04 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
PRC - [2001/07/31 10:25:22 | 000,118,784 | ---- | M] (Ontrack Data International) -- C:\Program Files\Ontrack\Fix-It\mxtask.exe

[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2011/05/23 15:00:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
MOD - [2010/11/02 19:49:51 | 000,040,448 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2009/10/14 06:30:36 | 000,628,080 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
MOD - [2008/07/29 08:05:08 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
MOD - [2008/07/29 08:05:08 | 000,572,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
MOD - [2008/07/25 11:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
MOD - [2008/07/25 11:17:20 | 000,558,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
MOD - [2006/11/30 01:57:20 | 000,101,448 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\tools\swpg.DAT
MOD - [2006/08/25 08:45:56 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004/08/04 00:56:42 | 001,852,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
MOD - [2004/08/04 00:56:42 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2010/11/30 07:19:06 | 000,307,544 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV - [2010/09/01 15:52:56 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2009/11/22 16:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009/10/14 06:30:26 | 000,476,528 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2007/10/11 03:20:40 | 000,042,368 | R--- | M] (AOL LLC) [Auto | Stopped] -- C:\Program Files\Common Files\AOL\ACS\acsd.exe -- (AOL ACS)
SRV - [2007/04/19 21:29:44 | 000,411,168 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2006/11/30 01:57:38 | 000,895,088 | ---- | M] (PC Tools Research Pty Ltd) [Auto | Running] -- C:\Program Files\Spyware Doctor\sdhelp.exe -- (SDhelper)
SRV - [2003/01/10 17:13:04 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
SRV - [2001/07/31 10:25:22 | 000,118,784 | ---- | M] (Ontrack Data International) [Auto | Running] -- C:\Program Files\Ontrack\Fix-It\mxtask.exe -- (Fix-It Task Manager)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2010/11/02 08:38:35 | 000,138,016 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009/11/22 16:42:54 | 000,486,280 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2009/10/14 06:30:02 | 000,025,208 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2009/09/11 13:48:04 | 000,066,056 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2009/09/11 13:47:54 | 000,014,984 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2009/09/11 13:47:32 | 000,035,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009/09/11 13:47:22 | 000,022,792 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2008/06/15 16:00:48 | 000,392,320 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2008/06/15 16:00:48 | 000,032,768 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2008/06/15 16:00:42 | 000,120,992 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2006/09/24 06:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006/08/24 11:40:36 | 000,051,072 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ikhlayer.sys -- (ikhlayer)
DRV - [2006/07/10 16:38:38 | 000,030,592 | ---- | M] (PCTools Research Pty Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ikhfile.sys -- (ikhfile)
DRV - [2005/12/01 11:49:22 | 000,023,600 | ---- | M] (Licensed for Gebhard Software) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\drhard.sys -- (drhard)
DRV - [2004/08/04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/08/03 22:31:34 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2003/07/18 10:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys -- (sisagp)
DRV - [2003/03/27 10:55:58 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/09/18 12:00:00 | 000,167,816 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\omcamvid.sys -- (OVT511Plus)
DRV - [2001/08/17 15:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001/08/17 13:28:26 | 000,113,762 | ---- | M] (U.S. Robotics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USRpdA.sys -- (USRpdA)
DRV - [2001/08/01 14:29:36 | 000,056,928 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Ontrack\Fix-It\mxDisk.sys -- (mxDisk)
DRV - [1999/11/01 11:02:22 | 000,006,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Ontrack\Fix-It\dgs.sys -- (I97DRIVER)
DRV - [1996/04/03 12:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/ymsgr6/*http://www.yahoo.com/ext/search/search.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr6/*http://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011/02/07 09:14:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/02 19:49:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2011/05/20 16:27:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/18 16:11:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/06 18:53:07 | 000,000,000 | ---D | M]

[2009/01/12 19:18:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2011/05/18 15:57:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.m93\extensions
[2009/11/05 20:42:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.m93\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/03/17 15:14:04 | 000,000,000 | ---D | M] (Interclue) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.m93\extensions\{c33c5b47-69c8-45a4-a5e0-af85bbe628dd}
[2010/11/06 18:39:31 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.m93\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/05/19 17:04:29 | 000,000,000 | ---D | M] (Oberon Game Host) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.m93\extensions\OberonGameHost@OberonGames.com
[2010/12/15 19:59:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/06 17:35:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/06 17:32:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/15 19:59:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2005/09/15 18:26:00 | 000,044,153 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\inspector.dll
[2003/12/16 17:51:00 | 000,235,008 | ---- | M] (ParallelGraphics) -- C:\Program Files\Mozilla Firefox\plugins\npCortona.dll
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2001/08/23 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (ShopSafeBrowserHelper Class) - {333F6B96-3992-4D58-A499-145A10FE48C3} - C:\WINDOWS\system32\BhoSSafe.dll (Orbiscom Ltd. All rights reserved.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (PCTools Site Guard) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Program Files\Spyware Doctor\tools\iesdsg.dll (PC Tools)
O2 - BHO: (ZoneAlarm Toolbar Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (PCTools Browser Monitor) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\Program Files\Spyware Doctor\tools\iesdpb.dll (PC Tools)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - F:\Free Download Manager\iefdm2.dll ()
O3 - HKLM\..\Toolbar: (Bitdefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: &Yahoo! Search - C:\Program Files\Yahoo!\Common [2009/02/03 12:51:57 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Download all with Free Download Manager - F:\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - F:\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - F:\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - F:\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Yahoo! &Dictionary - C:\Program Files\Yahoo!\Common [2009/02/03 12:51:57 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Maps - C:\Program Files\Yahoo!\Common [2009/02/03 12:51:57 | 000,000,000 | ---D | M]
O9 - Extra Button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll (Yahoo! Inc.)
O9 - Extra Button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (Yahoo! Inc.)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {00000075-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/voxacm.CAB (Reg Error: Key error.)
O16 - DPF: {0B195D55-0AB4-48C7-828F-34BE10BA4266} http://www.worldwinner.com/games/v53/dealornodeal/dealornodeal.cab (DealOrNoDeal Control)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {33363249-0000-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/i263_32.cab (Reg Error: Key error.)
O16 - DPF: {3D3DBC64-0D21-4EA4-94EE-86D6D9B31C0C} http://www.worldwinner.com/games/v45/moneylist/moneylist.cab (MoneyList Control)
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe (Reg Error: Key error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} http://www.worldwinner.com/games/v63/bjattack/bja.cab (BJA Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab (WorldWinner ActiveX Launcher Control)
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} http://www.worldwinner.com/games/v46/wordmojo/wordmojo.cab (WordMojo Control)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37776.8269444444 (Reg Error: Key error.)
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.microsoft.com/mats/DiagWebControl.cab (Diagnostics ActiveX WebControl)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,18/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA} Reg Error: Key error. (Java Plug-in 1.4.1_03)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O30 - LSA: Authentication Packages - (hgdcax.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/03/21 22:08:04 | 000,000,496 | ---- | M] () - C:\Autoexec.Bat -- [ NTFS ]
O32 - AutoRun File - [2002/08/18 00:59:18 | 000,000,258 | ---- | M] () - C:\AUTOEXEC.NS0 -- [ NTFS ]
O32 - AutoRun File - [2002/12/20 04:49:20 | 000,000,258 | ---- | M] () - C:\AUTOEXEC.NS1 -- [ NTFS ]
O32 - AutoRun File - [2002/08/18 01:53:18 | 000,000,650 | -HS- | M] () - C:\AUTOEXEC.OLD -- [ NTFS ]
O32 - AutoRun File - [2005/02/25 15:24:44 | 000,000,051 | R--- | M] () - H:\autorun.inf -- [ UDF ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011/05/23 15:00:04 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2011/05/21 14:39:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\autoruns
[2011/05/20 16:27:27 | 000,149,520 | ---- | C] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\WINDOWS\System32\drivers\bdfm.sys
[2011/05/20 16:27:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\BitDefender 2011
[2011/05/20 16:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\BitDefender
[2011/05/20 16:26:25 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2011/05/20 16:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2011/05/20 16:19:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2011/05/20 16:19:21 | 000,308,296 | ---- | C] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\Trufos.sys
[2011/05/20 16:19:18 | 000,353,096 | ---- | C] (BitDefender) -- C:\WINDOWS\System32\drivers\bdfsfltr.sys
[2011/05/20 16:19:18 | 000,012,960 | ---- | C] (BITDEFENDER LLC) -- C:\WINDOWS\System32\drivers\bdrawpr.sys
[2011/05/14 18:01:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\65410000-ddb8-40d4-8234-8c2947ed59b9
[2011/05/14 17:37:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\8b6d0000-f896-412d-7516-80297764fbaa
[2011/05/14 17:18:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\QuickScan
[2011/05/12 14:37:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2011/04/30 19:38:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Graphics
[2011/04/24 22:06:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Zip
[2008/05/16 21:16:10 | 000,262,144 | ---- | C] (ZoneAlarm) -- C:\Program Files\Uninstall Spy Blocker.dll
[2001/07/23 18:32:46 | 000,442,368 | ---- | C] ( ) -- C:\WINDOWS\System32\comintfs.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011/05/23 15:00:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2011/05/23 14:26:48 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-854245398-272297891-500UA.job
[2011/05/23 14:21:33 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/05/23 14:01:36 | 000,244,629 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2011/05/23 14:01:27 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1957994488-854245398-272297891-500.job
[2011/05/23 13:58:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/22 18:07:07 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/20 22:52:41 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/05/20 16:34:32 | 002,128,250 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin
[2011/05/20 16:32:41 | 000,000,415 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml
[2011/05/20 16:27:24 | 000,001,869 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Antivirus Pro 2011.lnk
[2011/05/20 11:26:02 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-854245398-272297891-500Core.job
[2011/05/18 13:56:10 | 000,233,984 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/18 13:55:51 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/05/16 10:44:25 | 000,000,376 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Dataprivacy.xml
[2011/05/14 18:28:12 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\imblacklist.dat
[2011/05/14 18:27:40 | 000,000,415 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Datauser_gensett.xml
[2011/05/14 16:58:02 | 001,359,304 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\bitdefender_antivirus.exe
[2011/05/14 16:31:21 | 000,081,984 | ---- | M] () -- C:\WINDOWS\System32\bdod.bin
[2011/05/12 16:31:41 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1957994488-854245398-272297891-500.job
[2011/05/12 14:00:23 | 000,002,322 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/05/12 14:00:22 | 000,002,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
[2011/04/30 19:40:14 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\Administrator\data
[2011/04/26 08:53:36 | 000,001,004 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to F4AFManual.pdf.lnk
[2011/04/24 22:06:05 | 000,024,288 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Zip.zip
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011/05/20 16:32:40 | 000,000,415 | ---- | C] () -- C:\WINDOWS\System32\user_gensett.xml
[2011/05/20 16:27:24 | 000,001,869 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Antivirus Pro 2011.lnk
[2011/05/16 10:44:25 | 000,000,376 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Dataprivacy.xml
[2011/05/14 18:28:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\imblacklist.dat
[2011/05/14 18:27:40 | 000,000,415 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Datauser_gensett.xml
[2011/05/14 17:14:37 | 002,128,250 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin
[2011/05/14 16:57:58 | 001,359,304 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\bitdefender_antivirus.exe
[2011/04/30 19:40:09 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\Administrator\data
[2011/04/26 08:53:36 | 000,001,004 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to F4AFManual.pdf.lnk
[2011/04/24 22:06:05 | 000,024,288 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Zip.zip
[2010/11/23 16:39:11 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\index.xml
[2010/07/25 14:41:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\opommk.dll
[2010/07/08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe
[2009/07/14 11:54:00 | 001,597,690 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/06/08 10:32:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2009/01/21 20:38:37 | 000,000,180 | ---- | C] () -- C:\WINDOWS\System32\sam.ini
[2009/01/21 17:52:27 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\FDRpage.dll
[2009/01/21 17:51:41 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CreateDir.exe
[2009/01/05 15:44:10 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008/07/01 13:32:18 | 000,138,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/07/01 13:21:06 | 000,189,392 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008/07/01 13:21:05 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2008/07/01 13:12:17 | 000,674,600 | ---- | C] () -- C:\WINDOWS\System32\pbsvc(1).exe
[2008/06/30 17:43:21 | 000,674,600 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2008/06/24 19:17:31 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2008/06/24 18:11:34 | 000,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin
[2008/06/23 15:10:22 | 000,674,600 | ---- | C] () -- C:\WINDOWS\System32\pbsvc(2).exe
[2008/05/30 14:08:45 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys
[2008/05/30 13:38:10 | 000,479,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\pbcl.dll
[2008/04/03 14:12:47 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins001.exe
[2008/04/03 14:12:47 | 000,002,558 | ---- | C] () -- C:\WINDOWS\unins001.dat
[2007/08/01 12:41:53 | 000,673,546 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2007/08/01 12:41:52 | 000,003,786 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll
[2007/01/31 07:32:57 | 000,000,107 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2007/01/31 07:32:28 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2007/01/31 07:32:28 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2006/11/23 22:43:37 | 000,000,074 | ---- | C] () -- C:\WINDOWS\KPD.INI
[2006/06/20 12:21:57 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/05/01 00:56:02 | 000,000,017
| ---- | C] () -- C:\WINDOWS\popcinfo.dat [2006/04/15 21:28:32 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini [2005/12/05 02:31:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EAREMOVE.INI [2005/11/03 16:51:54 | 000,000,008 | ---- | C] () -- C:\WINDOWS\msoffice.ini [2005/10/21 17:07:07 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat [2005/03/08 18:29:46 | 000,000,004 | ---- | C] () -- C:\WINDOWS\RM_RESULT.DAT [2005/02/12 17:17:11 | 000,010,765 | ---- | C] () -- C:\WINDOWS\hpdj3740.ini [2005/01/04 16:02:24 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll [2004/12/19 21:32:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingo.INI [2004/09/15 17:33:16 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [2004/08/29 11:11:42 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004/07/19 00:39:29 | 000,099,965 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe [2004/07/19 00:39:11 | 000,010,381 | ---- | C] () -- C:\WINDOWS\mozver.dat [2004/05/31 14:57:56 | 000,000,030 | ---- | C] () -- C:\WINDOWS\upth.ini [2004/05/31 14:57:56 | 000,000,026 | ---- | C] () -- C:\WINDOWS\atid.ini [2004/05/23 02:00:28 | 001,900,544 | ---- | C] () -- C:\WINDOWS\System32\cmiwcnfg.dll [2004/05/23 02:00:28 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe [2004/05/23 02:00:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll [2004/04/14 17:15:18 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll [2004/04/14 17:15:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll [2004/03/23 20:00:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingox.INI [2004/03/22 12:44:31 | 000,001,733 | ---- | C] () -- C:\WINDOWS\TSearch.INI [2004/03/17 05:12:48 | 000,000,362 | ---- | C] () -- C:\WINDOWS\hpfins_s04_main.dat [2004/03/17 05:11:51 | 000,005,428 | ---- | C] () -- C:\WINDOWS\hpfmdl_s04_main.dat [2004/02/11 02:13:40 | 000,037,027 | ---- | C] () -- C:\WINDOWS\atmoUn.exe [2003/12/25 10:32:37 | 000,001,793 | ---- | C] 
() -- C:\WINDOWS\System32\fxsperf.ini [2003/11/03 15:38:02 | 000,007,731 | ---- | C] () -- C:\WINDOWS\System32\DAntivirus.ini [2003/10/05 21:54:43 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat [2003/09/13 15:12:10 | 000,000,026 | ---- | C] () -- C:\WINDOWS\UP9ASP.INI [2003/09/09 07:25:47 | 000,071,749 | ---- | C] () -- C:\WINDOWS\HCExtOutput.dll [2003/09/09 07:25:47 | 000,000,679 | ---- | C] () -- C:\WINDOWS\TSC.ini [2003/09/09 07:25:16 | 000,000,156 | ---- | C] () -- C:\WINDOWS\GetServer.ini [2003/09/09 04:43:17 | 000,000,074 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2003/09/03 21:29:43 | 000,003,484 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2003/08/04 03:34:56 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2003/07/02 23:47:39 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2003/07/02 21:07:59 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2003/06/15 18:45:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingo5c.INI [2003/06/13 02:49:01 | 000,233,984 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2003/06/07 15:35:39 | 000,000,275 | ---- | C] () -- C:\WINDOWS\EReg072.dat [2003/06/07 15:32:17 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ealtest.exe [2003/06/05 02:20:55 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\mpauth.dat [2003/06/04 20:40:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\RussSqr.INI [2003/06/04 13:47:45 | 000,002,385 | ---- | C] () -- C:\WINDOWS\wininit.ini [2003/06/04 13:47:45 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI [2003/06/04 13:47:45 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI [2003/06/04 13:47:36 | 000,237,568 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe [2003/06/04 13:47:36 | 000,212,992 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe [2003/06/04 13:47:36 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll 
[2003/06/04 13:45:36 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL [2003/06/04 13:45:34 | 000,028,672 | R--- | C] () -- C:\WINDOWS\htpatch.exe [2003/06/04 13:45:34 | 000,003,072 | R--- | C] () -- C:\WINDOWS\winio.sys [2003/06/04 12:23:28 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2003/06/03 19:51:55 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll [2003/06/03 19:37:59 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2003/06/03 19:32:49 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2003/06/03 19:27:03 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2003/06/03 19:26:17 | 000,181,040 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2003/03/27 15:28:44 | 000,004,955 | ---- | C] () -- C:\WINDOWS\System32\DProg.ini [2002/11/01 16:17:50 | 000,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini [2002/07/04 15:05:34 | 000,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini [2002/04/05 08:40:02 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2002/04/01 15:29:28 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2002/04/01 15:16:30 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll [2002/04/01 15:16:14 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2002/04/01 15:15:40 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2002/03/26 12:18:28 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll [2002/02/21 09:41:20 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2002/01/20 05:26:36 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\SimpleResize.dll [2001/10/25 07:53:24 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\avisynth.dll [2001/09/18 12:00:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\bmpproc.dll [2001/08/23 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001/08/23 13:00:00 | 000,443,082 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001/08/23 13:00:00 | 000,272,128 
| ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001/08/23 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001/08/23 13:00:00 | 000,071,964 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001/08/23 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001/08/23 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001/08/23 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2001/08/23 05:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001/08/23 05:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001/08/01 14:18:16 | 000,029,600 | ---- | C] () -- C:\WINDOWS\System32\mxntdfg.exe [2001/06/22 04:06:02 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\MPEG2DEC.dll [2000/07/22 08:49:46 | 000,431,104 | ---- | C] () -- C:\WINDOWS\System32\VFCodec.dll [2000/03/06 12:00:00 | 000,032,528 | ---- | C] () -- C:\WINDOWS\amcap.exe [1999/11/09 13:13:33 | 000,011,079 | -H-- | C] () -- C:\Program Files\folder.htt [1999/07/23 13:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini [1999/07/23 10:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll [1996/04/03 12:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2003/07/29 22:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Aim [2011/05/20 16:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\BitDefender [2010/02/13 16:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canon [2010/02/03 18:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\CheckPoint [2009/11/18 20:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ElevatedDiagnostics [2005/02/08 01:46:50 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\Administrator\Application Data\Envivio [2011/03/19 12:18:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Free Download Manager [2007/10/06 23:20:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\iolo [2003/06/12 14:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech [2010/01/13 17:37:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Masque [2003/06/05 01:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\netquartz ez-platform [2003/10/18 16:21:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Offline Explorer [2003/07/28 18:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Ontrack [2005/12/16 10:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PlayFirst [2011/05/14 17:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\QuickScan [2006/11/09 11:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Sereniti [2005/07/11 16:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\spweng [2005/08/20 01:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Systweak [2003/06/25 22:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\The Labyrinth Plus! 
Edition [2007/07/18 23:17:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Uniblue [2007/03/16 19:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Viewpoint [2010/01/14 18:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\VSRevoGroup [2005/10/21 17:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Wildfire [2011/05/14 18:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\65410000-ddb8-40d4-8234-8c2947ed59b9 [2011/05/14 17:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\8b6d0000-f896-412d-7516-80297764fbaa [2011/05/20 16:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender [2010/02/10 14:46:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ [2010/02/03 18:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core [2010/02/03 18:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts [2007/09/23 02:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FunGames [2007/10/06 23:20:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo [2007/10/07 05:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier [2010/01/13 16:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Masque [2007/01/31 07:32:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995 [2005/12/16 10:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst [2004/06/04 03:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap 
[2008/06/15 16:09:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2009/10/14 16:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2003/09/13 15:25:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/05/25 19:50:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WorldWinner

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Administrator\Desktop\install_flash_player.exe:SummaryInformation
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >