OTL logfile created on: 4/1/2012 10:27:30 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,015.00 Mb Total Physical Memory | 758.00 Mb Available Physical Memory | 75.00% Memory free
903.00 Mb Paging File | 799.00 Mb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 44.05 Gb Free Space | 59.12% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled] -- -- (HidServ)
SRV - [2011/10/08 19:34:24 | 000,820,568 | ---- | M] (IObit) [Auto] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/08/09 17:38:38 | 000,328,536 | ---- | M] (IObit) [Auto] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2010/08/29 04:54:52 | 002,434,568 | ---- | M] (Check Point Software Technologies LTD) [Auto] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010/08/27 05:34:02 | 000,493,032 | ---- | M] (Check Point Software Technologies) [Auto] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2010/07/25 19:03:36 | 000,488,960 | ---- | M] (Crawler.com) [Auto] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2000/07/11 12:48:36 | 000,049,152 | ---- | M] () [Auto] -- C:\Program Files\MTS\EnterNet 300\app\PPPoEService.exe -- (PPPoEService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (RAWESR)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand] -- -- (L2XPSR)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (cpuz134)
DRV - File not found [Kernel | On_Demand] -- -- (cpuz132)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2011/10/08 19:04:42 | 000,239,472 | ---- | M] () [File_System | Disabled] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/09/20 16:29:32 | 000,016,208 | ---- | M] (IObit.com) [Kernel | On_Demand] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2011/09/20 16:29:30 | 000,030,368 | ---- | M] (IObit.com) [Kernel | On_Demand] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys -- (RegFilter)
DRV - [2010/11/26 19:02:52 | 000,014,776 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/09/13 17:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2010/08/27 05:33:54 | 000,035,568 | ---- | M] (Check Point Software Technologies) [Kernel | On_Demand] -- C:\Program Files\CheckPoint\ZAForceField\AK\icsak.sys -- (icsak)
DRV - [2010/08/27 05:33:54 | 000,026,352 | ---- | M] (Check Point Software Technologies) [Kernel | Auto] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2010/07/25 19:03:35 | 000,142,592 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010/06/09 21:16:12 | 000,528,128 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/10/12 20:15:30 | 000,317,072 | ---- | M] (Kaspersky Lab) [File_System | System] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009/10/12 20:15:26 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2009/01/13 20:13:52 | 000,049,160 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2009/01/13 20:13:44 | 000,014,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2009/01/13 20:13:28 | 000,029,192 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009/01/13 20:13:20 | 000,019,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2008/07/25 02:18:32 | 000,176,640 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2008/06/06 10:15:40 | 000,098,816 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2008/04/14 02:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/14 02:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2005/10/16 09:00:00 | 000,012,928 | ---- | M] (Bo Brantén) [Kernel | System] -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk)
DRV - [2004/08/12 04:25:24 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/12 04:25:24 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/05/10 18:28:20 | 000,019,845 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\Cpqdfw.sys -- (cpqdfw)
DRV - [2002/03/07 19:21:28 | 000,095,528 | ---- | M] (Sunplus Technology Co. LTD.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SPIXNEW.SYS -- (SUNPLUS)
DRV - [2002/03/06 13:44:32 | 000,161,640 | ---- | M] (Efficient Networks, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ntspppoe.sys -- (NTSPPPOE)
DRV - [2002/03/06 13:42:56 | 000,016,096 | ---- | M] (Network TeleSystems, Inc.) [Kernel | On_Demand] -- C:\Program Files\MTS\EnterNet 300\app\ntstpl1.sys -- (NTSTPL1)
DRV - [2002/03/06 13:42:50 | 000,044,544 | ---- | M] (Network TeleSystems, Inc.) [Kernel | On_Demand] -- C:\Program Files\MTS\EnterNet 300\app\tapbind1.sys -- (TAPBIND)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\HP_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\HP_ON_C\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKU\HP_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\HP_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.RadioPI_4e.com/Plugin: C:\Program Files\RadioPI_4eEI\Installr\3.bin\NP4eEISb.dll (RadioPI)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/03/15 06:07:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/29 16:00:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/22 16:22:41 | 000,000,000 | ---D | M]

[2012/02/29 16:00:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/16 10:40:42 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 07:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/16 06:42:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2009/09/21 13:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2012/02/16 06:42:53 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/04/01 16:16:17 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (ZoneAlarm Toolbar Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\HP_ON_C\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\HP_ON_C\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Benubird PDF] C:\Program Files\Benubird PDF\BenubirdAssistant.exe (Debenu Ptd. Ltd.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\HP_ON_C..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKU\HP_ON_C..\Run: [Internet Security] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\HP_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 142.161.130.155 142.161.2.155
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/27 20:57:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012/04/01 16:17:33 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012/04/01 16:16:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/03/16 15:32:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP\Application Data\Softplicity
[2012/03/16 15:32:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Total Image Converter
[2012/03/16 15:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\TotalImageConverter
[2012/03/16 14:49:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP\My Documents\Agriculture
[2012/03/15 06:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2012/03/15 06:11:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP\Local Settings\Application Data\ConduitEngine
[2012/03/15 06:08:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm
[2012/03/15 06:07:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP\Application Data\MailFrontier
[2012/03/15 06:07:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2012/03/15 06:07:49 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2012/03/15 06:07:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2012/03/15 06:07:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter
[2012/03/15 06:05:20 | 000,000,000 | ---D | C] -- C:\Program Files\Anvil Studio 2011
[2012/03/15 06:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mobipocket.com
[2012/03/15 06:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\Efficient Networks
[2012/03/15 06:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/03/11 00:31:09 | 000,000,000 | ---D | C] -- C:\Program Files\Belarc
[2012/03/08 19:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\Noteworthy Software
[2012/03/08 18:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP\My Documents\My eBooks
[2012/03/08 18:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mobipocket(2).com
[2012/03/08 18:32:37 | 000,000,000 | ---D | C] -- C:\Program Files\Anvil Studio 2011(2)
[2012/03/06 11:29:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter(2)
[2012/03/05 16:14:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs(2)

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012/03/23 21:19:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/23 21:14:49 | 000,426,498 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/03/23 21:14:49 | 000,065,508 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/23 21:12:25 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/23 21:10:28 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/22 22:09:00 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1450960922-1606980848-1003UA.job
[2012/03/22 18:40:27 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2012/03/22 18:40:07 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/22 16:09:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1450960922-1606980848-1003Core.job
[2012/03/19 16:26:11 | 000,002,766 | ---- | M] () -- C:\WINDOWS\checkip.dat
[2012/03/16 20:21:33 | 000,000,094 | ---- | M] () -- C:\Documents and Settings\HP\Desktop\CBC.ca Player.URL
[2012/03/16 16:58:25 | 000,000,135 | ---- | M] () -- C:\Documents and Settings\HP\Desktop\New Style 1.5 inch LCD TF Card MP3 Player with E-book Tel-book Multi-language Function (Black) China Wholesale - Everbuying..URL
[2012/03/16 15:34:59 | 000,004,279 | ---- | M] () -- C:\Documents and Settings\HP\My Documents\leprechaun-card1th.jpg
[2012/03/16 15:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Total Image Converter
[2012/03/16 15:23:33 | 000,004,610 | ---- | M] () -- C:\Documents and Settings\HP\My Documents\leprechaun-card1th.gif
[2012/03/16 11:56:22 | 000,000,467 | ---- | M] () -- C:\Documents and Settings\HP\Desktop\vandashiva india seeds - Google Search.URL
[2012/03/16 00:00:00 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\Regwork.job
[2012/03/15 06:20:45 | 000,000,246 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2012/03/15 06:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2012/03/15 06:08:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm
[2012/03/15 06:07:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter
[2012/03/15 06:07:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter(2)
[2012/03/15 06:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\calibre - E-book Management
[2012/03/15 06:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ocean Research Library
[2012/03/12 00:04:33 | 000,000,095 | ---- | M] () -- C:\Documents and Settings\HP\Desktop\SSID - Change Default SSID - WiFi Tip.URL
[2012/03/11 01:57:54 | 000,000,520 | ---- | M] () -- C:\Documents and Settings\HP\My Documents\spider.sav
[2012/03/10 00:01:02 | 000,000,101 | ---- | M] () -- C:\Documents and Settings\HP\Desktop\CBC.ca Ideas The Second Law of Everything.URL
[2012/03/05 14:55:01 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012/03/16 20:21:33 | 000,000,094 | ---- | C] () -- C:\Documents and Settings\HP\Desktop\CBC.ca Player.URL
[2012/03/16 16:58:25 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\HP\Desktop\New Style 1.5 inch LCD TF Card MP3 Player with E-book Tel-book Multi-language Function (Black) China Wholesale - Everbuying..URL
[2012/03/16 15:34:59 | 000,004,279 | ---- | C] () -- C:\Documents and Settings\HP\My Documents\leprechaun-card1th.jpg
[2012/03/16 15:23:32 | 000,004,610 | ---- | C] () -- C:\Documents and Settings\HP\My Documents\leprechaun-card1th.gif
[2012/03/16 11:56:22 | 000,000,467 | ---- | C] () -- C:\Documents and Settings\HP\Desktop\vandashiva india seeds - Google Search.URL
[2012/03/15 06:20:45 | 000,000,246 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2012/03/12 00:04:33 | 000,000,095 | ---- | C] () -- C:\Documents and Settings\HP\Desktop\SSID - Change Default SSID - WiFi Tip.URL
[2012/03/10 03:38:08 | 000,000,520 | ---- | C] () -- C:\Documents and Settings\HP\My Documents\spider.sav
[2012/03/10 00:01:02 | 000,000,101 | ---- | C] () -- C:\Documents and Settings\HP\Desktop\CBC.ca Ideas The Second Law of Everything.URL
[2012/02/27 16:09:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/27 16:09:17 | 000,000,144 | ---- | C] () -- C:\WINDOWS\System32\lkfl.dat
[2012/02/27 16:09:04 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2012/02/26 22:18:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/23 02:20:13 | 085,767,648 | ---- | C] () -- C:\Documents and Settings\HP\regBackup2-23-12.reg
[2012/02/15 18:43:59 | 000,098,344 | ---- | C] () -- C:\WINDOWS\unTMV.exe
[2012/02/15 16:37:10 | 000,000,777 | ---- | C] () -- C:\WINDOWS\CPQERR.INI
[2012/02/09 04:20:16 | 000,000,610 | ---- | C] () -- C:\WINDOWS\System32\wun32.dll
[2011/12/30 17:35:31 | 000,000,286 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2011/12/30 17:02:09 | 000,000,291 | ---- | C] () -- C:\WINDOWS\factory.ini
[2011/09/11 19:36:27 | 000,025,944 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/09/11 19:36:27 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/08/31 15:34:23 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011/07/24 14:10:22 | 000,003,055 | ---- | C] () -- C:\WINDOWS\ACT_CFG.INI
[2011/07/24 14:10:14 | 000,019,845 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cpqdfw.sys
[2011/07/24 14:10:14 | 000,001,001 | ---- | C] () -- C:\WINDOWS\Cpqdiag.ini
[2011/07/13 18:57:32 | 000,036,587 | ---- | C] () -- C:\WINDOWS\unvpeye.ini
[2011/03/20 17:03:30 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\HP\Start Menu.lnk
[2011/01/08 17:57:11 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2011/01/08 17:57:11 | 000,000,059 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2010/12/31 15:19:32 | 000,000,567 | ---- | C] () -- C:\WINDOWS\lgwalker@res1.mts.net_TangoReport.ini
[2010/12/31 15:09:24 | 000,000,090 | ---- | C] () -- C:\WINDOWS\ntsautodial.ini
[2010/11/25 15:50:33 | 000,241,664 | ---- | C] () -- C:\Documents and Settings\LocalService\s-1-5-19.rrr
[2010/11/25 15:50:31 | 003,907,584 | ---- | C] () -- C:\Documents and Settings\HP\s-1-5-21-2000478354-1450960922-1606980848-1003.rrr
[2010/11/25 15:50:31 | 000,237,568 | ---- | C] () -- C:\Documents and Settings\NetworkService\s-1-5-20.rrr
[2010/11/14 00:47:07 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/08/27 13:29:13 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI
[2010/07/25 19:03:35 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010/07/05 19:45:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/07/05 19:02:10 | 000,003,216 | ---- | C] () -- C:\Documents and Settings\NetworkService\iGoogle-settings.xml
[2010/05/08 05:13:45 | 000,002,766 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2010/05/07 17:58:47 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\HP\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/05 21:22:45 | 000,000,002 | ---- | C] () -- C:\WINDOWS\PhotoSuite.ini
[2010/05/05 21:22:41 | 000,458,752 | ---- | C] () -- C:\WINDOWS\System32\Fpl.dll
[2010/05/05 21:22:41 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\CPUINF32.DLL
[2010/05/05 21:22:40 | 000,332,800 | ---- | C] () -- C:\WINDOWS\System32\FPXLIB.DLL
[2010/05/05 21:22:40 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\JPEGLIB.DLL
[2010/05/05 20:34:51 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010/04/27 21:14:12 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll
[2010/04/27 21:12:47 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2010/04/27 21:00:09 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/04/27 20:55:06 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/04/27 15:31:44 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/04/27 15:30:40 | 000,159,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/01/31 13:06:18 | 000,008,046 | ---- | C] () -- C:\Program Files\Common Files\setupBanner.jpg
[2009/04/14 18:07:42 | 000,037,607 | ---- | C] () -- C:\Program Files\Common Files\license.rtf
[2008/04/14 07:55:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006/12/31 09:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/12 04:36:06 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/12 04:36:06 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/12 04:26:08 | 000,426,498 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/12 04:26:08 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/12 04:26:06 | 000,065,508 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/12 04:26:06 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/12 04:24:58 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/12 04:22:08 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/12 04:22:02 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/12 04:18:56 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/04/03 01:50:52 | 000,057,344 | ---- | C] () -- C:\WINDOWS\rmvpeye.exe
[2002/03/11 12:33:28 | 000,002,470 | ---- | C] () -- C:\WINDOWS\SPIXNEW.INI
[2001/06/24 05:32:44 | 000,172,032 | ---- | C] () -- C:\WINDOWS\japi2.dll
[2000/07/28 06:48:12 | 000,102,400 | ---- | C] () -- C:\WINDOWS\japi.dll
[1999/08/12 01:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[1999/08/12 01:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1999/08/12 01:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[1999/08/12 01:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2011/03/21 05:33:54 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\Softland
[2011/01/11 17:42:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\ShopperReports3
[2011/03/20 17:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Softland
[2012/02/25 03:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/10/23 22:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/10/20 14:57:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/10/20 20:05:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/07/25 16:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2010/05/05 16:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\explauncher
[2010/05/13 01:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileCure
[2011/09/11 19:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2012/02/27 16:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky SDK
[2010/10/20 14:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/12/09 17:56:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2012/02/12 07:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Paragon
[2011/03/25 12:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2011/07/09 21:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2011/01/08 18:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2010/07/28 04:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photodex
[2011/03/05 14:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegWork
[2012/02/27 14:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2012/02/29 19:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2010/11/30 02:14:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/07/24 21:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tumbywood Software
[2011/09/15 15:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2012/03/22 18:40:27 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job
[2012/03/16 00:00:00 | 000,000,308 | ---- | M] () -- C:\WINDOWS\Tasks\Regwork.job

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0D786AE3

< End of report >