OTL logfile created on: 3/23/2012 3:39:01 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,015.00 Mb Total Physical Memory | 827.00 Mb Available Physical Memory | 81.00% Memory free
903.00 Mb Paging File | 850.00 Mb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 43.11 Gb Free Space | 57.85% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled] -- -- (HidServ)
SRV - [2011/10/08 19:34:24 | 000,820,568 | ---- | M] (IObit) [Auto] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/08/09 17:38:38 | 000,328,536 | ---- | M] (IObit) [Auto] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2010/08/29 04:54:52 | 002,434,568 | ---- | M] (Check Point Software Technologies LTD) [Auto] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010/08/27 05:34:02 | 000,493,032 | ---- | M] (Check Point Software Technologies) [Auto] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2010/07/25 19:03:36 | 000,488,960 | ---- | M] (Crawler.com) [Auto] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2000/07/11 12:48:36 | 000,049,152 | ---- | M] () [Auto] -- C:\Program Files\MTS\EnterNet 300\app\PPPoEService.exe -- (PPPoEService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (RAWESR)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand] -- -- (L2XPSR)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (cpuz134)
DRV - File not found [Kernel | On_Demand] -- -- (cpuz132)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2011/10/08 19:04:42 | 000,239,472 | ---- | M] () [File_System | Disabled] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/09/20 16:29:32 | 000,016,208 | ---- | M] (IObit.com) [Kernel | On_Demand] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2011/09/20 16:29:30 | 000,030,368 | ---- | M] (IObit.com) [Kernel | On_Demand] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys -- (RegFilter)
DRV - [2010/11/26 19:02:52 | 000,014,776 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/09/13 17:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2010/08/27 05:33:54 | 000,035,568 | ---- | M] (Check Point Software Technologies) [Kernel | On_Demand] -- C:\Program Files\CheckPoint\ZAForceField\AK\icsak.sys -- (icsak)
DRV - [2010/08/27 05:33:54 | 000,026,352 | ---- | M] (Check Point Software Technologies) [Kernel | Auto] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2010/07/25 19:03:35 | 000,142,592 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010/06/09 21:16:12 | 000,528,128 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/10/12 20:15:30 | 000,317,072 | ---- | M] (Kaspersky Lab) [File_System | System] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009/10/12 20:15:26 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2009/01/13 20:13:52 | 000,049,160 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2009/01/13 20:13:44 | 000,014,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2009/01/13 20:13:28 | 000,029,192 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009/01/13 20:13:20 | 000,019,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2008/07/25 02:18:32 | 000,176,640 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2008/06/06 10:15:40 | 000,098,816 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2008/04/14 02:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/14 02:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2005/10/16 09:00:00 | 000,012,928 | ---- | M] (Bo Brantén) [Kernel | System] -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk)
DRV - [2004/08/12 04:25:24 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/12 04:25:24 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/05/10 18:28:20 | 000,019,845 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\Cpqdfw.sys -- (cpqdfw)
DRV - [2002/03/07 19:21:28 | 000,095,528 | ---- | M] (Sunplus Technology Co. LTD.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SPIXNEW.SYS -- (SUNPLUS)
DRV - [2002/03/06 13:44:32 | 000,161,640 | ---- | M] (Efficient Networks, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ntspppoe.sys -- (NTSPPPOE)
DRV - [2002/03/06 13:42:56 | 000,016,096 | ---- | M] (Network TeleSystems, Inc.) [Kernel | On_Demand] -- C:\Program Files\MTS\EnterNet 300\app\ntstpl1.sys -- (NTSTPL1)
DRV - [2002/03/06 13:42:50 | 000,044,544 | ---- | M] (Network TeleSystems, Inc.) [Kernel | On_Demand] -- C:\Program Files\MTS\EnterNet 300\app\tapbind1.sys -- (TAPBIND)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\HP_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\HP_ON_C\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKU\HP_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\HP_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledItems: feedly@devhd:5.3
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.0.36949
FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a67}:0.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {8f5ce3f8-1735-4680-b15e-108f2f50e8ba}:3.0.0
FF - prefs.js..extensions.enabledItems: {3e0e7d2a-070f-4a47-b019-91fe5385ba79}:3.1.1
FF - prefs.js..extensions.enabledItems: {ab91efd4-6975-4081-8552-1b3922ed79e2}:1.0.5.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4cbf83a5&v=6.010.006.004&i=23&tp=ab&iy=&ychte=ca&lng=en-US&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.RadioPI_4e.com/Plugin: C:\Program Files\RadioPI_4eEI\Installr\3.bin\NP4eEISb.dll (RadioPI)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\HP\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\HP\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/03/15 06:07:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/29 16:00:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/22 16:22:41 | 000,000,000 | ---D | M]

[2010/07/05 21:04:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP\Application Data\Mozilla\Extensions
[2010/07/05 21:04:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/03/01 15:58:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP\Application Data\Mozilla\Firefox\Profiles\47ldxd4p.default\extensions
[2011/09/08 14:39:34 | 000,000,000 | ---D | M] (AddThis) -- C:\Documents and Settings\HP\Application Data\Mozilla\Firefox\Profiles\47ldxd4p.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2011/01/11 17:48:50 | 000,000,000 | ---D | M] (Amplify) -- C:\Documents and Settings\HP\Application Data\Mozilla\Firefox\Profiles\47ldxd4p.default\extensions\{8f5ce3f8-1735-4680-b15e-108f2f50e8ba}
[2012/03/01 15:58:04 | 000,000,000 | ---D | M] (HP Detect) -- C:\Documents and Settings\HP\Application Data\Mozilla\Firefox\Profiles\47ldxd4p.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2011/12/26 22:11:10 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Documents and Settings\HP\Application Data\Mozilla\Firefox\Profiles\47ldxd4p.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/02/29 19:07:18 | 000,000,000 | ---D | M] (Cooliris) -- C:\Documents and Settings\HP\Application Data\Mozilla\Firefox\Profiles\47ldxd4p.default\extensions\piclens@cooliris.com
[2012/02/29 19:29:23 | 000,000,000 | ---D | M] (Yontoo) -- C:\Documents and Settings\HP\Application Data\Mozilla\Firefox\Profiles\47ldxd4p.default\extensions\plugin@yontoo.com
[2011/12/20 13:03:52 | 000,000,000 | ---D | M] (Zotero) -- C:\Documents and Settings\HP\Application Data\Mozilla\Firefox\Profiles\47ldxd4p.default\extensions\zotero@chnm.gmu.edu
[2011/03/21 02:29:28 | 000,000,873 | ---- | M] () -- C:\Documents and Settings\HP\Application Data\Mozilla\Firefox\Profiles\47ldxd4p.default\searchplugins\conduit.xml
[2012/02/29 16:00:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\HP\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\47LDXD4P.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\HP\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\47LDXD4P.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\HP\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\47LDXD4P.DEFAULT\EXTENSIONS\FEEDLY@DEVHD.XPI
[2012/02/16 10:40:42 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 07:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/16 06:42:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2009/09/21 13:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2012/02/16 06:42:53 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2004/08/12 04:19:40 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (ZoneAlarm Toolbar Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\HP_ON_C\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\HP_ON_C\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Benubird PDF] C:\Program Files\Benubird PDF\BenubirdAssistant.exe (Debenu Ptd. Ltd.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\HP_ON_C..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKU\HP_ON_C..\Run: [Internet Security] C:\Documents and Settings\All Users\Application Data\isecurity.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\HP_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\HP_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\HP\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to DVD Converter - C:\Documents and Settings\HP\Application Data\DVDVideoSoftIEHelpers\freeyoutubetodvdconverter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\HP\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 142.161.130.155 142.161.2.155
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/27 20:57:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012/03/16 15:32:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP\Application Data\Softplicity
[2012/03/16 15:32:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Total Image Converter
[2012/03/16 15:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\TotalImageConverter
[2012/03/16 14:49:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP\My Documents\Agriculture
[2012/03/15 06:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2012/03/15 06:11:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP\Local Settings\Application Data\ConduitEngine
[2012/03/15 06:08:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm
[2012/03/15 06:07:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP\Application Data\MailFrontier
[2012/03/15 06:07:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2012/03/15 06:07:49 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2012/03/15 06:07:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2012/03/15 06:07:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter
[2012/03/15 06:05:20 | 000,000,000 | ---D | C] -- C:\Program Files\Anvil Studio 2011
[2012/03/15 06:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mobipocket.com
[2012/03/15 06:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\Efficient Networks
[2012/03/15 06:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/03/11 00:31:09 | 000,000,000 | ---D | C] -- C:\Program Files\Belarc
[2012/03/08 19:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\Noteworthy Software
[2012/03/08 18:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP\My Documents\My eBooks
[2012/03/08 18:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mobipocket(2).com
[2012/03/08 18:32:37 | 000,000,000 | ---D | C] -- C:\Program Files\Anvil Studio 2011(2)
[2012/03/06 11:29:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter(2)
[2012/03/05 16:14:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs(2)
[2012/03/01 15:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2012/02/29 19:29:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2012/02/29 19:02:55 | 001,413,200 | ---- | C] (Alactro LLC) -- C:\Documents and Settings\HP\Desktop\BestVideoDownloaderSetup-TurboUpgrade.exe
[2012/02/27 16:28:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky SDK
[2012/02/27 16:24:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP\My Documents\ForceField Shared Files
[2012/02/27 16:24:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP\Application Data\CheckPoint
[2012/02/27 16:09:06 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2012/02/27 16:09:03 | 000,072,704 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\zllsputility.exe
[2012/02/27 16:09:01 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\kl1.sys
[2012/02/27 16:08:55 | 000,317,072 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2012/02/27 16:08:27 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2012/02/27 16:08:26 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2012/02/27 16:08:26 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2012/02/27 16:08:20 | 000,043,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2012/02/27 16:08:19 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2012/02/27 16:08:19 | 000,300,544 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2012/02/27 16:08:19 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll
[2012/02/27 16:08:19 | 000,107,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2012/02/27 16:08:17 | 000,528,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2012/02/27 16:04:37 | 000,686,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2012/02/27 16:04:37 | 000,229,376 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2012/02/27 16:04:37 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll
[2012/02/23 19:39:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Super Solitaire
[2012/02/22 18:43:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP\My Documents\Winnipegosis
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012/03/22 22:44:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/22 22:43:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/22 22:09:00 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1450960922-1606980848-1003UA.job
[2012/03/22 21:25:44 | 000,426,498 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/03/22 21:25:44 | 000,065,508 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/22 21:23:23 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/22 18:40:27 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2012/03/22 18:40:07 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/22 16:09:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1450960922-1606980848-1003Core.job
[2012/03/22 15:59:27 | 000,860,160 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\isecurity.exe
[2012/03/19 16:26:11 | 000,002,766 | ---- | M] () -- C:\WINDOWS\checkip.dat
[2012/03/16 20:21:33 | 000,000,094 | ---- | M] () -- C:\Documents and Settings\HP\Desktop\CBC.ca Player.URL
[2012/03/16 16:58:25 | 000,000,135 | ---- | M] () -- C:\Documents and Settings\HP\Desktop\New Style 1.5 inch LCD TF Card MP3 Player with E-book Tel-book Multi-language Function (Black) China Wholesale - Everbuying..URL
[2012/03/16 15:34:59 | 000,004,279 | ---- | M] () -- C:\Documents and Settings\HP\My Documents\leprechaun-card1th.jpg
[2012/03/16 15:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Total Image Converter
[2012/03/16 15:23:33 | 000,004,610 | ---- | M] () -- C:\Documents and Settings\HP\My Documents\leprechaun-card1th.gif
[2012/03/16 11:56:22 | 000,000,467 | ---- | M] () -- C:\Documents and Settings\HP\Desktop\vandashiva india seeds - Google Search.URL
[2012/03/16 00:00:00 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\Regwork.job
[2012/03/15 06:20:45 | 000,000,246 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2012/03/15 06:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2012/03/15 06:08:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm
[2012/03/15 06:07:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter
[2012/03/15 06:07:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter(2)
[2012/03/15 06:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\calibre - E-book Management
[2012/03/15 06:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ocean Research Library
[2012/03/12 00:04:33 | 000,000,095 | ---- | M] () -- C:\Documents and Settings\HP\Desktop\SSID - Change Default SSID - WiFi Tip.URL
[2012/03/11 01:57:54 | 000,000,520 | ---- | M] () -- C:\Documents and Settings\HP\My Documents\spider.sav
[2012/03/10 00:01:02 | 000,000,101 | ---- | M] () -- C:\Documents and Settings\HP\Desktop\CBC.ca Ideas The Second Law of Everything.URL
[2012/03/05 14:55:01 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2012/02/29 19:02:56 | 001,413,200 | ---- | M] (Alactro LLC) -- C:\Documents and Settings\HP\Desktop\BestVideoDownloaderSetup-TurboUpgrade.exe
[2012/02/29 16:00:13 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/02/28 17:45:28 | 000,000,178 | ---- | M] () -- C:\Documents and Settings\HP\Desktop\54Mbps PCMCIA WiFi 802.11bg Wireless LAN Card - Tmart.com.URL
[2012/02/28 04:46:19 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\lmhosts
[2012/02/27 16:09:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/27 16:09:17 | 000,000,144 | ---- | M] () -- C:\WINDOWS\System32\lkfl.dat
[2012/02/27 16:09:04 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\HP\Desktop\ZoneAlarm Security.lnk
[2012/02/27 02:13:33 | 000,159,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/26 16:21:58 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\HP\Desktop\Vintage Computing eBay.URL
[2012/02/26 15:56:29 | 000,000,051 | ---- | M] () -- C:\Documents and Settings\HP\Desktop\Space – Watch Sci Fi.URL
[2012/02/25 18:23:57 | 000,000,106 | ---- | M] () -- C:\Documents and Settings\HP\Desktop\The River.URL
[2012/02/25 03:05:35 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/02/23 19:39:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Super Solitaire
[2012/02/23 18:07:42 | 000,335,646 | ---- | M] () -- C:\Documents and Settings\HP\My Documents\mastering_net_prot.pdf
[2012/02/23 02:20:27 | 085,767,648 | ---- | M] () -- C:\Documents and Settings\HP\regBackup2-23-12.reg
[2012/02/22 16:22:41 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012/03/22 15:59:26 | 000,860,160 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\isecurity.exe
[2012/03/16 20:21:33 | 000,000,094 | ---- | C] () -- C:\Documents and Settings\HP\Desktop\CBC.ca Player.URL
[2012/03/16 16:58:25 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\HP\Desktop\New Style 1.5 inch LCD TF Card MP3 Player with E-book Tel-book Multi-language Function (Black) China Wholesale - Everbuying..URL
[2012/03/16 15:34:59 | 000,004,279 | ---- | C] () -- C:\Documents and Settings\HP\My Documents\leprechaun-card1th.jpg
[2012/03/16 15:23:32 | 000,004,610 | ---- | C] () -- C:\Documents and Settings\HP\My Documents\leprechaun-card1th.gif
[2012/03/16 11:56:22 | 000,000,467 | ---- | C] () -- C:\Documents and Settings\HP\Desktop\vandashiva india seeds - Google Search.URL
[2012/03/15 06:20:45 | 000,000,246 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2012/03/12 00:04:33 | 000,000,095 | ---- | C] () -- C:\Documents and Settings\HP\Desktop\SSID - Change Default SSID - WiFi Tip.URL
[2012/03/10 03:38:08 | 000,000,520 | ---- | C] () -- C:\Documents and Settings\HP\My Documents\spider.sav
[2012/03/10 00:01:02 | 000,000,101 | ---- | C] () -- C:\Documents and Settings\HP\Desktop\CBC.ca Ideas The Second Law of Everything.URL
[2012/02/28 17:45:28 | 000,000,178 | ---- | C] () -- C:\Documents and Settings\HP\Desktop\54Mbps PCMCIA WiFi 802.11bg Wireless LAN Card - Tmart.com.URL
[2012/02/27 16:09:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/27 16:09:17 | 000,000,144 | ---- | C] () -- C:\WINDOWS\System32\lkfl.dat
[2012/02/27 16:09:04 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2012/02/27 16:09:04 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\HP\Desktop\ZoneAlarm Security.lnk
[2012/02/26 22:18:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/26 22:18:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/02/26 16:21:58 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\HP\Desktop\Vintage Computing eBay.URL
[2012/02/26 15:56:29 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\HP\Desktop\Space – Watch Sci Fi.URL
[2012/02/25 18:23:57 | 000,000,106 | ---- | C] () -- C:\Documents and Settings\HP\Desktop\The River.URL
[2012/02/23 18:07:41 | 000,335,646 | ---- | C] () -- C:\Documents and Settings\HP\My Documents\mastering_net_prot.pdf
[2012/02/23 02:20:13 | 085,767,648 | ---- | C] () -- C:\Documents and Settings\HP\regBackup2-23-12.reg
[2012/02/15 18:43:59 | 000,098,344 | ---- | C] () -- C:\WINDOWS\unTMV.exe
[2012/02/15 16:37:10 | 000,000,777 | ---- | C] () -- C:\WINDOWS\CPQERR.INI
[2012/02/09 04:20:16 | 000,000,610 | ---- | C] () -- C:\WINDOWS\System32\wun32.dll
[2011/12/30 17:35:31 | 000,000,286 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2011/12/30 17:02:09 | 000,000,291 | ---- | C] () -- C:\WINDOWS\factory.ini
[2011/09/11 19:36:27 | 000,025,944 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/09/11 19:36:27 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/08/31 15:34:23 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011/07/24 14:10:22 | 000,003,055 | ---- | C] () -- C:\WINDOWS\ACT_CFG.INI
[2011/07/24 14:10:14 | 000,019,845 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cpqdfw.sys
[2011/07/24 14:10:14 | 000,001,001 | ---- | C] () -- C:\WINDOWS\Cpqdiag.ini
[2011/07/13 18:57:32 | 000,036,587 | ---- | C] () -- C:\WINDOWS\unvpeye.ini
[2011/03/20 17:03:30 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\HP\Start Menu.lnk
[2011/01/08 17:57:11 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2011/01/08 17:57:11 | 000,000,059 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2010/12/31 15:19:32 | 000,000,567 | ---- | C] () -- C:\WINDOWS\lgwalker@res1.mts.net_TangoReport.ini
[2010/12/31 15:09:24 | 000,000,090 | ---- | C] () -- C:\WINDOWS\ntsautodial.ini
[2010/11/25 15:50:33 | 000,241,664 | ---- | C] () -- C:\Documents and Settings\LocalService\s-1-5-19.rrr
[2010/11/25 15:50:31 | 003,907,584 | ---- | C] () -- C:\Documents and Settings\HP\s-1-5-21-2000478354-1450960922-1606980848-1003.rrr
[2010/11/25 15:50:31 | 000,237,568 | ---- | C] () -- C:\Documents and Settings\NetworkService\s-1-5-20.rrr
[2010/11/14 00:47:07 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/08/27 13:29:13 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI
[2010/07/25 19:03:35 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010/07/05 19:45:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/07/05 19:02:10 | 000,003,216 | ---- | C] () -- C:\Documents and Settings\NetworkService\iGoogle-settings.xml
[2010/05/08 05:13:45 | 000,002,766 | ----
| C] () -- C:\WINDOWS\checkip.dat [2010/05/07 17:58:47 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\HP\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/05/05 21:22:45 | 000,000,002 | ---- | C] () -- C:\WINDOWS\PhotoSuite.ini [2010/05/05 21:22:41 | 000,458,752 | ---- | C] () -- C:\WINDOWS\System32\Fpl.dll [2010/05/05 21:22:41 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\CPUINF32.DLL [2010/05/05 21:22:40 | 000,332,800 | ---- | C] () -- C:\WINDOWS\System32\FPXLIB.DLL [2010/05/05 21:22:40 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\JPEGLIB.DLL [2010/05/05 20:34:51 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2010/04/27 21:14:12 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll [2010/04/27 21:12:47 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll [2010/04/27 21:00:09 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010/04/27 20:55:06 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/04/27 15:31:44 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010/04/27 15:30:40 | 000,159,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/01/31 13:06:18 | 000,008,046 | ---- | C] () -- C:\Program Files\Common Files\setupBanner.jpg [2009/04/14 18:07:42 | 000,037,607 | ---- | C] () -- C:\Program Files\Common Files\license.rtf [2008/04/14 07:55:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2006/12/31 09:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004/08/12 04:36:06 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2004/08/12 04:36:06 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2004/08/12 04:26:08 | 000,426,498 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2004/08/12 04:26:08 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004/08/12 04:26:06 | 000,065,508 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2004/08/12 
04:26:06 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004/08/12 04:24:58 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2004/08/12 04:22:08 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004/08/12 04:22:02 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004/08/12 04:18:56 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2002/04/03 01:50:52 | 000,057,344 | ---- | C] () -- C:\WINDOWS\rmvpeye.exe [2002/03/11 12:33:28 | 000,002,470 | ---- | C] () -- C:\WINDOWS\SPIXNEW.INI [2001/06/24 05:32:44 | 000,172,032 | ---- | C] () -- C:\WINDOWS\japi2.dll [2000/07/28 06:48:12 | 000,102,400 | ---- | C] () -- C:\WINDOWS\japi.dll [1999/08/12 01:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL [1999/08/12 01:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL [1999/08/12 01:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL [1999/08/12 01:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL [color=#E56717]========== LOP Check ==========[/color] [2011/03/21 05:33:54 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\Softland [2011/01/11 17:42:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\ShopperReports3 [2011/03/20 17:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Softland [2012/02/25 03:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2010/10/23 22:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10 [2010/10/20 14:57:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9 [2010/10/20 20:05:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files [2010/07/25 16:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All 
Users\Application Data\Driver Whiz [2010/05/05 16:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\explauncher [2010/05/13 01:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileCure [2011/09/11 19:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit [2012/02/27 16:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky SDK [2010/10/20 14:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData [2010/12/09 17:56:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound [2012/02/12 07:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Paragon [2011/03/25 12:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic [2011/07/09 21:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters [2011/01/08 18:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995 [2010/07/28 04:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photodex [2011/03/05 14:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegWork [2012/02/27 14:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator [2012/02/29 19:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer [2010/11/30 02:14:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2011/07/24 21:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tumbywood Software [2011/09/15 15:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application 
Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42} [2012/03/22 18:40:27 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job [2012/03/16 00:00:00 | 000,000,308 | ---- | M] () -- C:\WINDOWS\Tasks\Regwork.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0D786AE3 < End of report >