Hi Salagubang,
Just run test, as you advised. Please see results in report below. Hope you can let me know what to do next.
OTL logfile created on: 11/14/2010 2:43:05 PM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 321.16 Gb Free Space | 68.95% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 265.12 Gb Free Space | 88.94% Space Free | Partition Type: NTFS
Drive E: | 247.22 Mb Total Space | 5.53 Mb Free Space | 2.24% Space Free | Partition Type: FAT
Drive X: | 282.52 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ========== SRV - [2010/10/06 05:31:48 | 000,517,448 | ---- | M] () [On_Demand] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/09/22 07:19:06 | 002,331,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2010/08/13 06:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/08/10 12:57:42 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/08/10 12:57:30 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2009/07/20 07:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2006/07/13 12:27:16 | 000,528,384 | ---- | M] ( ) [Auto] -- C:\WINDOWS\System32\lxctcoms.exe -- (lxct_device)
SRV - [2005/10/18 10:00:10 | 000,241,152 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (Video3D)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (asusgsb)
DRV - [2010/08/10 12:59:25 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/08/10 12:59:25 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/08/10 12:59:25 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\AVGIDSxx.sys -- (AVGIDSErHrxpx)
DRV - [2010/08/10 12:59:17 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/08/10 12:59:16 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/08/10 12:57:33 | 000,122,448 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys -- (AVGIDSDriverxpx)
DRV - [2010/08/10 12:57:32 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys -- (AVGIDSFilterxpx)
DRV - [2010/08/10 12:57:32 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys -- (AVGIDSShimxpx)
DRV - [2010/08/10 12:57:20 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2010/08/10 12:57:20 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2009/11/20 21:34:54 | 010,235,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009/06/17 11:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009/06/17 11:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 11:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008/09/26 04:52:00 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2007/04/16 16:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2007/04/12 03:10:26 | 000,164,608 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2007/04/12 03:10:26 | 000,066,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2007/04/12 03:10:24 | 001,317,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - [2007/04/12 03:10:22 | 000,323,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2007/04/12 03:10:22 | 000,128,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2007/04/12 03:10:20 | 000,280,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2007/04/12 03:10:20 | 000,094,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - [2007/04/12 03:10:18 | 000,168,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - [2007/04/09 23:32:06 | 000,189,736 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2006/02/08 03:26:00 | 000,011,264 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2005/10/18 10:01:38 | 000,011,008 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2005/06/20 09:08:44 | 002,324,480 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/02/24 04:04:58 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005/02/24 04:04:56 | 000,033,408 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004/10/07 05:21:22 | 000,015,360 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2004/09/22 22:28:34 | 000,606,208 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\ctsblfx.dll -- (CTSBLFX.DLL)
DRV - [2004/09/22 22:27:32 | 000,585,728 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\ctaudfx.dll -- (CTAUDFX.DLL)
DRV - [2004/09/22 22:27:06 | 000,114,688 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\commonfx.dll -- (COMMONFX.DLL)
DRV - [2004/09/22 22:26:42 | 000,145,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2004/09/22 22:26:30 | 000,130,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/09/22 22:26:14 | 000,006,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2004/09/22 22:26:04 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2004/09/22 22:25:52 | 000,371,376 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2004/09/22 22:24:50 | 000,645,872 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2004/09/22 22:23:46 | 000,148,464 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2004/09/22 22:23:28 | 000,904,880 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2004/09/22 06:13:54 | 000,340,128 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2004/09/02 23:18:22 | 000,006,656 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\pfmodnt.sys -- (PfModNT)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\David_Shatford_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ieIE - HKU\David_Shatford_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKU\David_Shatford_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\David_Shatford_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.co...ie=utf8&oe=utf8IE - HKU\David_Shatford_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/IE - HKU\David_Shatford_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKU\David_Shatford_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ieIE - HKU\David_Shatford_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\David_Shatford_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\David_Shatford_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKU\David_Shatford_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.863
FF - prefs.js..extensions.enabledItems: avg@igeared:6.010.006.004
FF - prefs.js..extensions.enabledItems:
[email protected]:1.0
FF - prefs.js..keyword.URL: "
http://search.avg.co...k&lng=en-US&q=" FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/10/26 03:57:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/10/26 03:05:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/28 13:10:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/28 13:10:11 | 000,000,000 | ---D | M]
[2009/01/09 13:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David Shatford\Application Data\Mozilla\Extensions
[2010/11/10 12:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David Shatford\Application Data\Mozilla\Firefox\Profiles\qfzckjgg.default\extensions
[2010/10/09 08:21:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\David Shatford\Application Data\Mozilla\Firefox\Profiles\qfzckjgg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/03 04:09:02 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\David Shatford\Application Data\Mozilla\Firefox\Profiles\qfzckjgg.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/11/10 12:12:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/01/09 20:02:17 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/07/21 02:41:25 | 000,001,210 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\search.xml
O1 HOSTS File: ([2009/07/21 02:41:19 | 000,001,209 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 74.125.45.100 test1111.com
O1 - Hosts: 74.125.45.100 test1112.com
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\David_Shatford_ON_C\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\David_Shatford_ON_C\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 5400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Lexmark 5400 Series Fax Server] C:\Program Files\Lexmark 5400 Series\fm3032.exe ()
O4 - HKLM..\Run: [LXCTCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] ._Final Loop Presentation.ppt ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\David_Shatford_ON_C..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)
O4 - HKU\David_Shatford_ON_C..\Run: [Jyileyiluyirogod] C:\WINDOWS\srnmaw.DLL (Red Hat)
O4 - HKU\David_Shatford_ON_C..\Run: [RemoteCenter] C:\Program Files\Creative\SBAudigy4\Entertainment Center\RcMan.exe (Creative Technology Ltd)
O4 - HKU\David_Shatford_ON_C..\Run: [SetDefaultMIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd)
O4 - HKU\David_Shatford_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\David_Shatford_ON_C..\RunOnce: [59379] C:\Documents and Settings\David Shatford\Local Settings\Application Data\59379.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\David_Shatford_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\David_Shatford_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.micros...b?1231558692125 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - C:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\a.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\b.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\c.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\d.exe: Debugger - svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msconfig: Debugger - svchost.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/09 12:33:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/03/21 09:49:33 | 000,000,090 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{d7110bb3-a084-11df-8373-00142a84f5bf}\Shell - "" = AutoRun
O33 - MountPoints2\{d7110bb3-a084-11df-8373-00142a84f5bf}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d7110bb3-a084-11df-8373-00142a84f5bf}\Shell\AutoRun\command - "" = G:\Windows\CHECK\DriveNavigator.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (
http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.3iv2 - C:\WINDOWS\System32\3ivxVfWCodec.dll (3ivx.com)
Drivers32: vidc.asv2 - ._Final Loop Presentation.ppt ()
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.VP31 - C:\WINDOWS\System32\vp31vfw.dll (On2.com)
Drivers32: VIDC.VP60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.wmv3 - C:\WINDOWS\System32\WMV9VCM.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
========== Files/Folders - Created Within 30 Days ========== [2010/10/21 16:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/10/21 16:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/10/21 15:57:21 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/10/21 15:57:18 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2009/01/09 12:47:37 | 000,409,600 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctinpa.dll
[2009/01/09 12:47:37 | 000,393,216 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctiesc.dll
[2009/01/09 12:47:36 | 001,187,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctserv.dll
[2009/01/09 12:47:36 | 000,983,040 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctusb1.dll
[2009/01/09 12:47:36 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctpmui.dll
[2009/01/09 12:47:36 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctprox.dll
[2009/01/09 12:47:36 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctpplc.dll
[2009/01/09 12:47:35 | 000,528,384 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctlmpm.dll
[2009/01/09 12:47:34 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcthbn3.dll
[2009/01/09 12:47:33 | 000,667,648 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctcomc.dll
[2009/01/09 12:47:33 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctcomm.dll
[2004/09/22 22:21:10 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2010/11/11 05:09:26 | 000,031,104 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000001-00000000-00000006-00001102-00000004-20071102}.rfx
[2010/11/11 05:09:26 | 000,031,104 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000001-00000000-00000006-00001102-00000004-20071102}.rfx
[2010/11/11 05:09:26 | 000,030,168 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000001-00000000-00000006-00001102-00000004-20071102}.rfx
[2010/11/11 05:09:26 | 000,030,168 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000001-00000000-00000006-00001102-00000004-20071102}.rfx
[2010/11/11 05:09:26 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010/11/11 05:09:26 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010/11/11 05:09:26 | 000,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000001-00000000-00000006-00001102-00000004-20071102}.dat
[2010/11/11 05:09:26 | 000,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000001-00000000-00000006-00001102-00000004-20071102}.dat
[2010/11/11 05:09:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/11 05:08:14 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\David Shatford\Local Settings\Application Data\prvlcl.dat
[2010/11/11 05:07:35 | 000,979,968 | ---- | M] () -- C:\Documents and Settings\David Shatford\Local Settings\Application Data\59379.exe
[2010/11/11 05:05:14 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F0591753-A8CE-4564-A60B-CC9D25777D30}.job
[2010/11/11 04:36:00 | 000,001,012 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-1326574676-839522115-1003UA.job
[2010/11/11 03:47:26 | 000,628,839 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2010/11/11 03:47:25 | 067,492,130 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/11/11 02:49:17 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/11 02:48:38 | 000,262,130 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/11/09 14:36:00 | 000,000,960 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-1326574676-839522115-1003Core.job
[2010/11/07 06:23:54 | 000,102,912 | ---- | M] () -- C:\Documents and Settings\David Shatford\Desktop\Copy of Invoice.doc
[2010/11/07 05:53:59 | 000,102,400 | ---- | M] () -- C:\Documents and Settings\David Shatford\Desktop\Invoice.doc
[2010/11/02 05:49:37 | 000,857,455 | ---- | M] () -- C:\Documents and Settings\David Shatford\Desktop\Avis Invoice.jpg
[2010/10/31 08:47:32 | 000,491,516 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/31 08:47:32 | 000,090,014 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/28 06:45:04 | 000,105,472 | ---- | M] () -- C:\Documents and Settings\David Shatford\Desktop\MS INDIA 2011 Mailing List .xls
[2010/10/27 05:42:49 | 000,102,400 | ---- | M] () -- C:\Documents and Settings\David Shatford\Desktop\MSI INTECO Invoice.doc
[2010/10/26 03:24:00 | 000,172,442 | ---- | M] () -- C:\Documents and Settings\David Shatford\Desktop\MSI_cover.pdf
[2010/10/21 14:39:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/11/11 05:07:35 | 000,979,968 | ---- | C] () -- C:\Documents and Settings\David Shatford\Local Settings\Application Data\59379.exe
[2010/11/07 06:20:22 | 000,102,912 | ---- | C] () -- C:\Documents and Settings\David Shatford\Desktop\Copy of Invoice.doc
[2010/11/07 05:44:48 | 000,102,400 | ---- | C] () -- C:\Documents and Settings\David Shatford\Desktop\Invoice.doc
[2010/11/02 05:49:37 | 000,857,455 | ---- | C] () -- C:\Documents and Settings\David Shatford\Desktop\Avis Invoice.jpg
[2010/10/27 05:37:50 | 000,102,400 | ---- | C] () -- C:\Documents and Settings\David Shatford\Desktop\MSI INTECO Invoice.doc
[2010/10/26 03:24:00 | 000,172,442 | ---- | C] () -- C:\Documents and Settings\David Shatford\Desktop\MSI_cover.pdf
[2010/10/21 07:36:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\David Shatford\Local Settings\Application Data\prvlcl.dat
[2010/10/19 09:41:26 | 000,105,472 | ---- | C] () -- C:\Documents and Settings\David Shatford\Desktop\MS INDIA 2011 Mailing List .xls
[2009/08/03 10:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/01/15 18:00:59 | 000,000,347 | ---- | C] () -- C:\WINDOWS\CTWave32.INI
[2009/01/15 16:18:35 | 000,000,030 | R--- | C] () -- C:\WINDOWS\System32\drivers\RevHDD.ini
[2009/01/11 09:34:09 | 000,000,056 | ---- | C] () -- C:\Documents and Settings\David Shatford\Local Settings\Application Data\73648-88365-27475-00IP7-22847
[2009/01/10 12:37:38 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxctpmon.dll
[2009/01/10 12:37:38 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXCTFXPU.DLL
[2009/01/10 12:34:55 | 000,335,872 | R--- | C] () -- C:\WINDOWS\System32\lxctcoin.dll
[2009/01/09 19:16:12 | 000,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2009/01/09 15:57:02 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2009/01/09 15:57:02 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2009/01/09 15:56:57 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2009/01/09 15:56:56 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2009/01/09 15:56:56 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2009/01/09 15:56:56 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2009/01/09 15:56:56 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2009/01/09 15:56:56 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2009/01/09 15:56:56 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2009/01/09 15:56:54 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2009/01/09 15:11:31 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/01/09 14:21:52 | 000,045,011 | R--- | C] () -- C:\WINDOWS\System32\e10kxwdm.ini
[2009/01/09 14:21:52 | 000,000,175 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009/01/09 14:11:58 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\SETUP.INI
[2009/01/09 13:51:57 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\David Shatford\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/09 13:34:48 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2009/01/09 13:34:48 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\libfaac.dll
[2009/01/09 13:34:47 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2009/01/09 12:47:37 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\LXCTinst.dll
[2009/01/09 12:47:34 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\lxctgrd.dll
[2009/01/09 12:45:07 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\David Shatford\Local Settings\Application Data\fusioncache.dat
[2009/01/09 12:20:46 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/04/12 03:10:28 | 000,105,728 | ---- | C] () -- C:\WINDOWS\System32\APOMgrH.dll
[2007/04/09 07:55:14 | 000,097,785 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2007/04/09 07:33:50 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2006/06/20 08:40:14 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxctdrs.dll
[2006/05/18 06:01:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxctcaps.dll
[2006/05/03 09:31:04 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxctcnv4.dll
[2006/03/09 02:29:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/03/09 02:29:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/12/30 15:18:26 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005/12/30 15:10:30 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/06/23 21:37:50 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxctvs.dll
[2005/06/16 05:17:16 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\ctmmactl.dll
[2005/05/18 07:24:52 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\dfxg15.dll
[2003/03/21 04:56:12 | 000,000,307 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2003/01/07 10:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/09/15 22:59:46 | 000,005,515 | ---- | C] () -- C:\WINDOWS\System32\ENSDEF.INI
========== LOP Check ========== [2009/05/22 02:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David Shatford\Application Data\5400 Series
[2010/01/05 09:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David Shatford\Application Data\Aladdin Systems
[2010/08/05 07:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David Shatford\Application Data\Amazon
[2009/01/11 07:58:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David Shatford\Application Data\BSD
[2009/01/14 08:33:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David Shatford\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/01/10 09:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David Shatford\Application Data\IObit
[2010/01/13 13:42:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David Shatford\Application Data\Leadertech
[2009/01/09 20:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David Shatford\Application Data\Opera
[2009/07/15 09:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David Shatford\Application Data\Reg Tool
[2009/07/15 03:45:48 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\David Shatford\Application Data\Windows Security Suite
[2010/11/11 05:05:14 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F0591753-A8CE-4564-A60B-CC9D25777D30}.job
========== Purity Check ========== ========== Custom Scans ========== < MD5 for: EXPLORER.EXE >[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006/02/28 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: SVCHOST.EXE >[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006/02/28 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: USERINIT.EXE >[2006/02/28 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >[2006/02/28 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< %SYSTEMDRIVE%\*.* >[2009/01/09 12:33:01 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/01/09 12:27:26 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2009/01/09 12:33:01 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/01/09 12:33:01 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/01/09 12:33:01 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006/02/28 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/01/09 21:37:39 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/11/11 02:47:48 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\*. /mp /s > < CREATERESTOREPOINT > < %systemroot%\System32\config\*.sav >[2009/01/09 12:18:58 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/01/09 12:18:58 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/01/09 12:18:58 | 000,913,408 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-10-13 19:05:51
< End of report >