OTL logfile created on: 01/12/2011 07:22:36 p.m. - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\FX\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000080A | Country: México | Language: ESM | Date Format: dd/MM/yyyy 3.00 Gb Total Physical Memory | 1.31 Gb Available Physical Memory | 43.60% Memory free 6.19 Gb Paging File | 4.14 Gb Available in Paging File | 66.94% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 256.52 Gb Total Space | 98.85 Gb Free Space | 38.54% Space Free | Partition Type: NTFS Drive D: | 10.07 Gb Total Space | 5.00 Gb Free Space | 49.67% Space Free | Partition Type: NTFS Computer Name: PY28000SI109 | User Name: FX | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/12/01 19:12:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\FX\Downloads\OTL.exe PRC - [2011/11/30 21:03:48 | 000,456,368 | ---- | M] (iolo technologies, LLC) -- C:\Archivos de programa\iolo\System Mechanic\SystemGuardAlerter.exe PRC - [2011/11/02 17:54:26 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Archivos de programa\Real\RealPlayer\Update\realsched.exe PRC - [2011/10/26 16:22:02 | 000,073,360 | ---- | M] (Check Point Software Technologies LTD) -- C:\Archivos de programa\CheckPoint\ZoneAlarm\zatray.exe PRC - [2011/10/19 04:18:18 | 000,738,944 | ---- | M] (Check Point Software Technologies) -- C:\Archivos de programa\CheckPoint\ZAForceField\ForceField.exe PRC - [2011/09/06 14:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe PRC - [2011/07/12 00:47:29 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- C:\Archivos de programa\Uniblue\RegistryBooster\rbmonitor.exe PRC - [2011/04/19 08:23:13 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Internet Explorer\iexplore.exe PRC - [2010/09/22 18:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Archivos de programa\Adobe\Acrobat 9.0\Acrobat\acrotray.exe PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/04/11 00:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008/01/20 20:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Windows Media Player\wmpnscfg.exe PRC - [2008/01/20 20:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Windows Defender\MSASCui.exe PRC - [2007/09/27 15:27:02 | 004,839,936 | ---- | M] () -- C:\Archivos de programa\Camera Assistant Software for Gateway\CEC_MAIN.exe PRC - [2007/09/13 13:09:44 | 000,638,976 | ---- | M] (Chicony) -- C:\Archivos de programa\Camera Assistant Software for Gateway\traybar.exe PRC - [2007/02/16 18:57:24 | 001,945,960 | ---- | M] (Acronis) -- C:\Archivos de programa\Acronis\TrueImageHome\TimounterMonitor.exe PRC - [2007/02/16 18:49:58 | 000,149,024 | ---- | M] (Acronis) -- C:\Archivos de programa\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2007/02/16 18:45:30 | 001,169,776 | ---- | M] (Acronis) -- C:\Archivos de programa\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2005/11/09 16:19:38 | 000,634,880 | ---- | M] (Maxtor Corporation) -- C:\Archivos de programa\Maxtor\OneTouch\Utils\OneTouch.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011/05/05 02:21:34 | 003,615,744 | ---- | M] () -- C:\Archivos de programa\VistaCodecPack\filters\ffdshow.ax MOD - [2010/12/29 01:19:12 | 000,045,056 | ---- | M] () -- C:\Windows\System32\ff_acm.acm MOD - [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Archivos de programa\WinRAR\RarExt.dll MOD - [2009/08/11 19:18:28 | 000,497,664 | ---- | M] () -- C:\Windows\System32\ac3filter.acm MOD - [2008/12/15 10:04:16 | 000,034,816 | ---- | M] () -- C:\Archivos de programa\Google\Google Desktop Search\gzlib.dll MOD - [2007/09/27 15:27:02 | 004,839,936 | ---- | M] () -- C:\Archivos de programa\Camera Assistant Software for Gateway\CEC_MAIN.exe MOD - [2007/02/14 19:21:32 | 000,050,720 | ---- | M] () -- C:\Archivos de programa\Common Files\Acronis\Common\gc.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- -- (nosGetPlusHelper) getPlus(R) SRV - [2011/11/30 20:24:00 | 000,722,616 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Archivos de programa\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService) SRV - [2011/10/26 16:29:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon) SRV - [2011/10/19 04:18:26 | 000,497,280 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc) SRV - [2011/09/06 14:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2009/06/16 21:49:17 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008/07/23 21:06:12 | 000,185,856 | ---- | M] (Fine Point Technologies, Inc.) [Disabled | Stopped] -- C:\Archivos de programa\Asistente Infinitum\IsaMonitor.exe -- (IsaMonitor) SRV - [2008/01/20 20:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007/12/10 22:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2007/11/09 16:24:28 | 000,212,992 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV) SRV - [2007/03/06 09:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service) SRV - [2007/02/16 18:49:50 | 000,411,168 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2005/11/09 16:40:32 | 000,110,592 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe -- (NTService1) SRV - [2000/06/29 02:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) [Auto | Running] -- C:\Windows\System32\Crypserv.exe -- (Crypkey License) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011/10/19 04:18:14 | 000,027,016 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Archivos de programa\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL) DRV - [2011/09/06 14:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011/09/06 14:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011/09/06 14:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011/09/06 14:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011/09/06 14:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011/09/06 14:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011/06/19 22:08:27 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\Haspnt.sys -- (Haspnt) DRV - [2011/05/07 17:51:26 | 000,451,160 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant) DRV - [2011/01/04 16:52:09 | 000,010,536 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\hmonitor45.sys -- (Hmonitor45) DRV - [2009/09/08 09:40:14 | 000,020,392 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\elrawdsk.sys -- (ElRawDisk) DRV - [2009/08/08 02:01:30 | 000,229,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm) DRV - [2009/05/28 23:41:27 | 004,233,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2009/02/05 17:39:08 | 000,017,064 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\SiWinAcc.sys -- (SiFilter) DRV - [2009/02/05 17:39:00 | 000,012,200 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\SiRemFil.sys -- (SiRemFil) DRV - [2009/02/05 17:38:24 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\Si3531.sys -- (Si3531) DRV - [2009/02/02 09:51:56 | 000,392,320 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter) DRV - [2009/02/02 09:51:56 | 000,032,768 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter) DRV - [2009/02/02 09:51:51 | 000,114,048 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman) DRV - [2008/02/29 02:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2008/01/20 20:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Controlador de adaptador Intel(R) DRV - [2007/11/15 10:33:00 | 008,234,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2007/11/09 16:25:56 | 000,356,352 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2007/10/03 02:18:12 | 000,099,840 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007/08/07 18:26:06 | 002,226,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Controlador del adaptador Intel(R) DRV - [2007/05/23 16:37:40 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR) DRV - [2007/01/29 06:20:34 | 000,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2) DRV - [2006/11/22 09:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\hardlock.sys -- (Hardlock) DRV - [2006/11/02 01:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2005/04/07 17:18:34 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\Drivers\BANTExt.sys -- (BANTExt) DRV - [2005/04/06 14:05:24 | 000,015,360 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mxopswd.sys -- (MXOPSWD) DRV - [2000/02/03 13:53:12 | 000,024,608 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\ckldrv.sys -- (NetworkX) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=SPN_MX&Sys=PTB&M=P-6801mFX IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=SPN_MX&Sys=PTB&M=P-6801mFX IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKLM\..\URLSearchHook: {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Archivos de programa\ZoneAlarm_Security_Suite\prxtbZone.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=SPN_MX&Sys=PTB&M=P-6801mFX IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.mx/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2 IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.97: File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011/11/07 21:00:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/02 17:55:21 | 000,000,000 | ---D | M] [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google () CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms} CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\pdf.dll CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\gears.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\gcswf32.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: AutocompletePro plugin for chrome = C:\Users\FX\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk\1.0_0\ O1 HOSTS File: ([2006/09/18 15:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (ZoneAlarm Security Suite Toolbar) - {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Program Files\ZoneAlarm_Security_Suite\prxtbZone.dll (Conduit Ltd.) O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found. O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found. O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Archivos de programa\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Archivos de programa\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found. O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Archivos de programa\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Suite Toolbar) - {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Archivos de programa\ZoneAlarm_Security_Suite\prxtbZone.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Archivos de programa\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Archivos de programa\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Suite Toolbar) - {3CE45C4F-BFFF-4988-9A3C-A75C1F491319} - C:\Archivos de programa\ZoneAlarm_Security_Suite\prxtbZone.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Archivos de programa\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Archivos de programa\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Archivos de programa\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Gateway\traybar.exe (Chicony) O4 - HKLM..\Run: [hmonitor] C:\Archivos de programa\Hmonitor\hmonitor.exe (AB Software) O4 - HKLM..\Run: [iolo Startup] C:\Program Files\iolo\Common\Lib\ioloLManager.exe (iolo technologies, LLC) O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) O4 - HKLM..\Run: [MaxtorOneTouch] C:\Archivos de programa\Maxtor\OneTouch\Utils\OneTouch.exe (Maxtor Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Archivos de programa\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [WMPNSCFG] C:\Archivos de programa\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://support.gateway.com/support/profiler/PCPitStop.CAB (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 10.3.77.10 10.3.1.100 10.3.1.221 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C0DF9DD-FC2D-4305-99D1-BD3585A4563C}: DhcpNameServer = 192.168.0.1 10.3.77.10 10.3.1.100 10.3.1.221 O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Archivos de programa\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Archivos de programa\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) -C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - AppInit_DLLs: (acaptuser32.dll) -C:\Windows\System32\acaptuser32.dll (Adobe Systems Incorporated) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\FX\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel tapiz de Galería fotográfica de Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\FX\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel tapiz de Galería fotográfica de Windows.jpg O30 - LSA: Authentication Packages - (relog_ap) -C:\Windows\System32\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2004/04/30 18:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ] O33 - MountPoints2\{cd89b2ae-4b10-11dd-86d2-001d72375778}\Shell\Auto\command - "" = F:\RavMonE.exe e O33 - MountPoints2\{cd89b2ae-4b10-11dd-86d2-001d72375778}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\RavMonE.exe e O33 - MountPoints2\{cd89b2ae-4b10-11dd-86d2-001d72375778}\Shell\explore\Command - "" = F:\RavMonE.exe e O33 - MountPoints2\{cd89b2ae-4b10-11dd-86d2-001d72375778}\Shell\open\Command - "" = F:\RavMonE.exe e O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/12/01 17:01:24 | 000,000,000 | ---D | C] -- C:\Users\FX\Documents\pps [2011/11/30 12:15:04 | 000,000,000 | ---D | C] -- C:\Users\FX\AppData\Roaming\JAM Software [2011/11/30 12:15:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free [2011/11/30 12:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\JAM Software [2011/11/20 17:48:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASF-AVI-RM-WMV Repair [2011/11/20 17:48:27 | 000,000,000 | ---D | C] -- C:\Program Files\ASF-AVI-RM-WMV Repair [2011/11/17 11:14:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011/11/08 20:24:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oasys Alp 19.1 [2011/11/08 20:24:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Oasys [2011/11/08 20:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Oasys [2011/11/08 20:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\Oasys [2011/11/07 21:01:37 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs [2011/11/07 21:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2011/11/07 21:00:09 | 000,000,000 | ---D | C] -- C:\Program Files\ZoneAlarm_Security_Suite [2011/11/07 20:59:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point [2011/11/02 17:55:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2011/02/22 18:06:52 | 002,289,256 | ---- | C] (CrystalIdea Software ) -- C:\Users\FX\AppData\Roaming\utool2.exe [2010/02/03 23:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/12/01 18:36:31 | 000,168,066 | ---- | M] () -- C:\Users\FX\AppData\Roaming\nvModes.001 [2011/12/01 18:35:49 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job [2011/12/01 18:35:25 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/12/01 18:35:25 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/12/01 18:35:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/12/01 18:31:33 | 000,153,600 | ---- | M] () -- C:\Users\FX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/12/01 16:12:11 | 000,001,922 | ---- | M] () -- C:\Users\FX\Desktop\System Mechanic.lnk [2011/12/01 12:01:51 | 000,000,269 | ---- | M] () -- C:\Windows\SysMech.INI [2011/12/01 08:07:44 | 000,000,386 | ---- | M] () -- C:\Windows\System32\ioloBootDefrag.cfg [2011/11/30 20:55:54 | 000,029,696 | ---- | M] (iolo technologies, LLC) -- C:\Windows\System32\iolobtdfg.exe [2011/11/30 20:55:44 | 000,011,776 | ---- | M] (iolo technologies, LLC) -- C:\Windows\System32\smrgdf.exe [2011/11/30 20:27:42 | 002,083,464 | ---- | M] (iolo technologies, LLC) -- C:\Windows\System32\Incinerator32.dll [2011/11/30 13:43:26 | 000,016,652 | ---- | M] () -- C:\Users\FX\Documents\diskusage on [Partition_1])nov30.pdf [2011/11/30 12:15:01 | 000,001,025 | ---- | M] () -- C:\Users\FX\Desktop\TreeSize Free.lnk [2011/11/28 16:35:03 | 000,168,066 | ---- | M] () -- C:\Users\FX\AppData\Roaming\nvModes.dat [2011/11/28 16:34:36 | 000,000,680 | ---- | M] () -- C:\Users\FX\AppData\Local\d3d9caps.dat [2011/11/21 15:11:54 | 000,678,512 | ---- | M] () -- C:\Windows\System32\perfh00A.dat [2011/11/21 15:11:54 | 000,596,670 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/11/21 15:11:54 | 000,133,986 | ---- | M] () -- C:\Windows\System32\perfc00A.dat [2011/11/21 15:11:54 | 000,104,744 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/11/20 17:48:28 | 000,000,843 | ---- | M] () -- C:\Users\FX\Desktop\ASF-AVI-RM-WMV Repair.lnk [2011/11/17 11:14:34 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011/11/08 20:32:41 | 000,002,383 | ---- | M] () -- C:\Users\FX\Documents\Alp1.alw [2011/11/08 20:24:39 | 000,003,120 | ---- | M] () -- C:\Windows\System32\7Q6DN42B.ocx [2011/11/07 21:01:46 | 000,411,163 | ---- | M] () -- C:\Windows\System32\drivers\vsconfig.xml [2011/11/02 17:58:29 | 000,000,877 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/11/30 12:25:46 | 000,016,652 | ---- | C] () -- C:\Users\FX\Documents\diskusage on [Partition_1])nov30.pdf [2011/11/30 12:15:01 | 000,001,025 | ---- | C] () -- C:\Users\FX\Desktop\TreeSize Free.lnk [2011/11/20 17:48:28 | 000,000,843 | ---- | C] () -- C:\Users\FX\Desktop\ASF-AVI-RM-WMV Repair.lnk [2011/11/17 11:14:34 | 000,000,870 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011/11/08 20:32:41 | 000,002,383 | ---- | C] () -- C:\Users\FX\Documents\Alp1.alw [2011/11/08 20:24:39 | 000,003,120 | ---- | C] () -- C:\Windows\System32\7Q6DN42B.ocx [2011/11/07 21:00:41 | 000,411,163 | ---- | C] () -- C:\Windows\System32\drivers\vsconfig.xml [2011/11/02 17:58:29 | 000,000,877 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk [2011/06/19 22:08:12 | 000,024,576 | ---- | C] () -- C:\Windows\System32\hdduinst.exe [2011/06/19 19:36:43 | 000,000,383 | ---- | C] () -- C:\Windows\System32\haspdos.sys [2011/05/11 17:26:13 | 000,000,269 | ---- | C] () -- C:\Windows\SysMech.INI [2011/04/27 10:21:38 | 003,268,096 | ---- | C] () -- C:\Windows\System32\x264vfw.dll [2011/04/06 09:53:45 | 000,000,680 | ---- | C] () -- C:\Users\FX\AppData\Local\d3d9caps.dat [2011/03/14 16:52:02 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll [2011/02/27 11:35:21 | 000,000,165 | ---- | C] () -- C:\Windows\Crypkey.ini [2011/02/27 11:35:14 | 000,027,648 | R--- | C] () -- C:\Windows\Setup_ck.exe [2011/02/27 11:35:14 | 000,024,608 | ---- | C] () -- C:\Windows\System32\Ckldrv.sys [2011/02/27 11:35:14 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll [2011/02/27 11:35:14 | 000,011,776 | ---- | C] () -- C:\Windows\Ckrfresh.exe [2011/02/26 18:43:32 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2011/02/22 18:06:53 | 000,061,440 | ---- | C] () -- C:\Users\FX\AppData\Roaming\chrtmp [2011/01/08 17:29:31 | 000,000,016 | ---- | C] () -- C:\Windows\System32\reg26133win.dll [2011/01/08 15:54:12 | 000,000,014 | ---- | C] () -- C:\Windows\System32\pro26133win.dll [2011/01/08 14:45:57 | 000,217,600 | ---- | C] () -- C:\Windows\System32\pdftool.dll [2011/01/04 16:52:09 | 000,010,536 | ---- | C] () -- C:\Windows\System32\drivers\hmonitor45.sys [2010/03/15 04:31:48 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009/10/12 10:27:29 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/10/12 10:27:29 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe [2009/06/04 10:00:10 | 000,000,026 | R--- | C] () -- C:\Windows\cpd3fp.ini [2009/03/15 09:45:59 | 000,000,282 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009/02/27 10:44:11 | 000,000,180 | ---- | C] () -- C:\Windows\pdf2word.INI [2009/02/23 11:14:24 | 000,000,190 | ---- | C] () -- C:\Users\FX\AppData\Roaming\wklnhst.dat [2009/02/22 15:23:54 | 000,458,752 | ---- | C] () -- C:\Windows\System32\LiveUpdate.dll [2009/02/22 15:23:54 | 000,006,538 | ---- | C] () -- C:\Windows\System32\WinGPDrv.dat [2009/02/22 15:23:54 | 000,006,535 | ---- | C] () -- C:\Windows\System32\NGWinDrv.dat [2009/02/22 15:23:52 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\h8ghqs4.dll [2009/02/22 15:23:51 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\cmci8zx.dll [2009/02/22 15:23:51 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\a2dvk59.dll [2009/02/22 15:23:49 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\zzppqel.dll [2009/02/22 15:23:48 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\nd4nejy.dll [2009/02/22 15:23:46 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\b027w5p.dll [2009/02/22 15:23:45 | 000,001,025 | ---- | C] () -- C:\Windows\System32\zfjzr8m.dll [2009/02/22 15:23:45 | 000,000,205 | ---- | C] () -- C:\Windows\System32\yqkv4sh.dll [2009/02/22 15:23:45 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\cgm011a.dll [2009/02/22 15:23:43 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth2.dll [2009/02/22 15:23:43 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth1.dll [2009/02/22 15:23:43 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth2.dll [2009/02/22 15:23:43 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth1.dll [2009/02/22 15:23:43 | 000,000,101 | ---- | C] () -- C:\Windows\System32\prsgrc.dll [2009/02/22 15:23:43 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\qn76h6o.dll [2009/02/22 15:23:43 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ssprs.dll [2009/02/22 15:23:39 | 000,013,745 | ---- | C] () -- C:\Windows\StaadPro20070.ini [2009/02/22 15:23:39 | 000,008,214 | ---- | C] () -- C:\Windows\SProRC20070.ini [2009/02/12 20:16:35 | 000,000,464 | ---- | C] () -- C:\Windows\infoview.ini [2009/02/12 19:51:12 | 000,000,239 | ---- | C] () -- C:\Windows\POWERPNT.INI [2009/02/12 19:50:59 | 000,000,091 | ---- | C] () -- C:\Windows\exchng32.ini [2009/02/12 19:50:59 | 000,000,026 | ---- | C] () -- C:\Windows\datalink.ini [2009/02/12 19:50:53 | 000,000,032 | ---- | C] () -- C:\Windows\GRAPH5.INI [2009/02/11 17:19:47 | 000,227,840 | ---- | C] () -- C:\Windows\System32\lllmgr325a.dll [2009/02/11 17:19:15 | 000,000,174 | ---- | C] () -- C:\Windows\MATLAB.INI [2009/02/11 16:56:52 | 000,000,009 | ---- | C] () -- C:\Windows\WINHLP32.INI [2009/02/11 16:56:51 | 000,000,810 | ---- | C] () -- C:\Windows\WINHELP.INI [2009/02/11 16:56:47 | 000,001,147 | ---- | C] () -- C:\Windows\ODBCINST.INI [2009/02/02 09:35:04 | 000,003,840 | ---- | C] () -- C:\Windows\System32\drivers\BANTExt.sys [2009/01/21 17:41:53 | 000,028,672 | ---- | C] () -- C:\Windows\System32\hsduinst.exe [2009/01/21 17:41:52 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNWISE.EXE [2008/12/15 09:20:03 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2008/12/05 17:21:31 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008/06/22 02:17:15 | 000,168,066 | ---- | C] () -- C:\Users\FX\AppData\Roaming\nvModes.001 [2008/06/22 02:03:36 | 000,168,066 | ---- | C] () -- C:\Users\FX\AppData\Roaming\nvModes.dat [2008/06/21 05:09:38 | 000,153,600 | ---- | C] () -- C:\Users\FX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/05/22 09:16:58 | 000,003,584 | ---- | C] () -- C:\Windows\System32\wceprv.dll [2008/05/19 12:47:08 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008/02/05 13:40:31 | 000,360,448 | ---- | C] () -- C:\Windows\System32\HotlineClient.exe [2008/02/05 13:31:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2008/01/21 01:23:13 | 000,678,512 | ---- | C] () -- C:\Windows\System32\perfh00A.dat [2008/01/21 01:23:13 | 000,336,930 | ---- | C] () -- C:\Windows\System32\perfi00A.dat [2008/01/21 01:23:13 | 000,133,986 | ---- | C] () -- C:\Windows\System32\perfc00A.dat [2008/01/21 01:23:13 | 000,040,258 | ---- | C] () -- C:\Windows\System32\perfd00A.dat [2007/03/23 17:35:26 | 000,022,723 | ---- | C] () -- C:\Windows\System32\xrxs1l3.dll [2007/02/05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2006/11/02 06:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 06:47:37 | 000,410,664 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 06:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 04:33:01 | 000,596,670 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 04:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 04:33:01 | 000,104,744 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 04:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 04:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2006/11/02 04:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 02:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 02:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 01:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2004/08/24 08:08:37 | 000,034,816 | ---- | C] () -- C:\Windows\Instdrv.exe [2002/03/14 12:00:26 | 000,038,567 | ---- | C] () -- C:\Windows\System32\pcpbios.exe [2001/03/19 09:09:17 | 000,000,000 | ---- | C] () -- C:\Windows\winfile.ini [1998/08/16 05:00:00 | 000,004,096 | ---- | C] () -- C:\Windows\System32\sysres.dll [1996/11/14 00:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL [1996/04/03 13:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys [1996/03/25 00:00:00 | 000,893,440 | ---- | C] () -- C:\Windows\System32\WWINTL32.DLL [1996/03/25 00:00:00 | 000,107,008 | ---- | C] () -- C:\Windows\System32\TTEMB32.DLL [1996/03/25 00:00:00 | 000,068,096 | ---- | C] () -- C:\Windows\System32\MSROUTE.DLL [1996/03/25 00:00:00 | 000,054,272 | ---- | C] () -- C:\Windows\System32\OPENESP.DLL [1996/03/25 00:00:00 | 000,011,776 | ---- | C] () -- C:\Windows\System32\VAES232.DLL [1996/03/25 00:00:00 | 000,010,000 | ---- | C] () -- C:\Windows\System32\VBAES32.DLL [1996/03/25 00:00:00 | 000,006,352 | ---- | C] () -- C:\Windows\System32\VISXUTIL.DLL [1996/03/25 00:00:00 | 000,002,305 | ---- | C] () -- C:\Windows\MSFNTMAP.INI [1996/03/25 00:00:00 | 000,000,586 | ---- | C] () -- C:\Windows\MSTXTCNV.INI [1996/03/25 00:00:00 | 000,000,280 | ---- | C] () -- C:\Windows\TTEMBED.INI [1995/08/15 00:00:00 | 000,078,438 | ---- | C] () -- C:\Windows\EXTRACT.EXE [color=#E56717]========== LOP Check ==========[/color] [2011/12/01 19:12:47 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\#ISW.FS# [2009/03/06 18:47:24 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\Acronis [2009/02/22 19:08:22 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\Autodesk [2011/08/29 20:04:00 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\Azureus [2011/02/23 09:45:02 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\Babylon [2011/11/07 20:49:54 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\CheckPoint [2009/06/17 16:34:02 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011/02/10 14:48:01 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\Free AVI MPEG WMV MP4 FLV Video Joiner [2011/01/16 07:43:00 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\GetRight Pro [2011/07/06 10:37:26 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\IGC [2011/11/29 13:51:11 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\iolo [2011/02/23 09:43:45 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\IrfanView [2011/11/30 12:15:04 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\JAM Software [2008/06/21 05:06:53 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\SampleView [2009/02/23 11:14:24 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\Template [2010/08/13 16:12:18 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\Twins Software [2009/04/25 13:00:08 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\Ulead Systems [2011/07/30 12:39:18 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\Uniblue [2011/10/28 18:08:00 | 000,000,000 | ---D | M] -- C:\Users\FX\AppData\Roaming\VistaCodecs [2011/12/01 18:35:49 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job [2011/12/01 18:34:07 | 000,032,658 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] [2011/02/28 10:22:50 | 000,000,000 | ---D | M](C:\Windows\System32\?j???j?j?j?j?j?j) -- C:\Windows\System32\ĵ䯵睗ĵĵĵĵĵĵ [2011/02/28 10:22:50 | 000,000,000 | ---D | C](C:\Windows\System32\?j???j?j?j?j?j?j) -- C:\Windows\System32\ĵ䯵睗ĵĵĵĵĵĵ [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:63238B95 @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:C8B8CEBD < End of report >