Here are the problems I face:
Internet browser (Internet Explorer) works very slowly or freezes completely (an hourglass and a 'does not respond' message appear). Ctrl+Alt+Del does not function, computer freezes and needs a reboot.
Occasionally, a Nod32 antivirus system warning pops up:
File: C:\Windows\system32\TFTP2852
Threat: win32/Rbot Trojan
Event occurred on a new file created by the application: C:\WINDOWS\system32\tftp.exe. The file was moved to quarantine. You may close this window.
Can you help me? The computer freezes constantly and I can hardly work but hopefully we can fix this
OTL Log:
OTL logfile created on: 02.5.2011 г. 13:50:17 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Marieta Yotseva\Desktop
Windows XP Professional Edition Service Pack 1 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: dd.M.yyyy 'г.'
1 015,00 Mb Total Physical Memory | 393,00 Mb Available Physical Memory | 39,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,52 Gb Total Space | 8,87 Gb Free Space | 45,42% Space Free | Partition Type: FAT32
Drive D: | 213,34 Gb Total Space | 158,43 Gb Free Space | 74,26% Space Free | Partition Type: NTFS
Computer Name: MARIETA | User Name: Marieta Yotseva | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.05.02 13:49:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marieta Yotseva\Desktop\OTL.exe
PRC - [2007.03.02 17:01:38 | 000,072,704 | ---- | M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
PRC - [2007.03.01 21:27:10 | 000,917,504 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32kui.exe
PRC - [2007.03.01 21:27:10 | 000,495,616 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32krn.exe
PRC - [2006.06.19 11:43:34 | 000,262,144 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
PRC - [2006.05.12 11:27:04 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2006.03.30 09:15:44 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2005.10.25 22:48:30 | 000,988,565 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
PRC - [2005.10.25 22:48:30 | 000,172,032 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2005.10.25 22:48:30 | 000,118,784 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2002.08.29 03:41:24 | 001,004,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2011.05.02 13:49:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marieta Yotseva\Desktop\OTL.exe
MOD - [2002.08.29 03:41:32 | 000,921,600 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2007.03.02 17:01:38 | 000,072,704 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2007.03.01 21:27:10 | 000,495,616 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2006.09.29 12:48:06 | 000,065,536 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe -- (mi-raysat_3dsmax9_32) mental ray 3.5 Satellite (32-bit)
SRV - [2006.03.30 09:15:44 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2005.10.25 22:48:30 | 000,172,032 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
========== Driver Services (SafeList) ==========
DRV - [2007.03.02 00:44:22 | 000,002,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\io02.sys -- (io02)
DRV - [2007.03.01 21:43:34 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2007.03.01 21:42:08 | 000,249,152 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\timntr.sys -- (timounter)
DRV - [2007.03.01 21:42:08 | 000,030,688 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2007.03.01 21:41:40 | 000,096,320 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\snapman.sys -- (snapman)
DRV - [2007.03.01 21:27:10 | 000,502,208 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2006.10.19 00:00:00 | 000,020,760 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt -- (EverestDriver)
DRV - [2006.06.28 10:25:24 | 004,304,384 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.06.27 13:50:36 | 010,148,480 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2006.03.27 04:48:34 | 000,026,752 | R--- | M] (ASUSTek Computer Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipfnd51.sys -- (ip100xp)
DRV - [2005.11.16 10:08:16 | 000,078,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTL8023xp)
DRV - [2001.08.17 13:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.bg/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2001.08.23 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [Resume copy] C:\WINDOWS\COPYFSTQ.EXE ()
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKCU..\Run: [cdoosoft] C:\Documents and Settings\Marieta Yotseva\Local Settings\Temp\herss.exe ()
O4 - HKCU..\Run: [Windows Time] C:\Documents and Settings\Marieta Yotseva\Application Data\W32Time.exe (OldMan's Tales)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe (Autodesk, Inc)
O4 - Startup: C:\Documents and Settings\Marieta Yotseva\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm ()
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ad...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 78.128.95.129 193.24.240.25
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Marieta Yotseva\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Marieta Yotseva\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.03.01 20:38:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2011.05.01 22:01:46 | 000,000,055 | RHS- | M] () - C:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2011.05.01 22:01:44 | 000,000,055 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.05.02 13:49:46 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marieta Yotseva\Desktop\OTL.exe
[2011.04.30 23:20:08 | 000,102,400 | -H-- | C] (OldMan's Tales) -- C:\WINDOWS\System32\ovngqul.exe
[2008.11.24 19:21:13 | 008,981,504 | ---- | C] (Nullsoft, Inc.) -- C:\Program Files\winamp5541_full_emusic-7plus_en-us.exe
[2008.10.23 15:14:45 | 002,991,076 | ---- | C] (Software Companions ) -- C:\Program Files\vcsetup.exe
[2008.01.02 17:48:07 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2008.01.02 17:48:07 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2008.01.02 17:39:45 | 000,147,456 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2007.10.25 21:54:53 | 023,876,904 | ---- | C] (Skype Technologies S.A.) -- C:\Program Files\SkypeSetup.exe
[2002.08.29 03:41:24 | 000,106,496 | -HS- | C] (OldMan's Tales) -- C:\Documents and Settings\Marieta Yotseva\Application Data\explorer.exe
[2002.08.29 03:41:24 | 000,106,496 | -HS- | C] (OldMan's Tales) -- C:\Documents and Settings\Marieta Yotseva\Application Data\AppMgmt.exe
[2002.08.29 03:41:24 | 000,102,912 | -HS- | C] (OldMan's Tales) -- C:\Documents and Settings\Marieta Yotseva\Application Data\W32Time.exe
[2002.08.29 03:41:24 | 000,102,912 | -HS- | C] (OldMan's Tales) -- C:\Documents and Settings\Marieta Yotseva\Application Data\AudioSrv.exe
[2002.08.29 03:41:24 | 000,102,493 | -HS- | C] (OldMan's Tales) -- C:\Documents and Settings\Marieta Yotseva\Application Data\msdtc.exe
[2002.08.29 03:41:24 | 000,102,493 | -HS- | C] (OldMan's Tales) -- C:\Documents and Settings\Marieta Yotseva\Application Data\dns.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.05.02 13:49:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marieta Yotseva\Desktop\OTL.exe
[2011.05.02 13:29:12 | 000,106,496 | -HS- | M] (OldMan's Tales) -- C:\Documents and Settings\Marieta Yotseva\Application Data\explorer.exe
[2011.05.02 13:26:02 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.02 13:19:38 | 000,102,912 | -HS- | M] (OldMan's Tales) -- C:\Documents and Settings\Marieta Yotseva\Application Data\W32Time.exe
[2011.05.02 13:19:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.05.02 13:19:32 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.02 08:19:02 | 000,000,000 | R--- | M] () -- C:\WINDOWS\System32\TFTP3912
[2011.05.01 22:01:46 | 000,000,055 | RHS- | M] () -- C:\autorun.inf
[2011.05.01 21:28:24 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011.05.01 20:44:18 | 000,000,000 | R--- | M] () -- C:\WINDOWS\System32\TFTP4036
[2011.05.01 11:40:28 | 000,102,493 | -HS- | M] (OldMan's Tales) -- C:\Documents and Settings\Marieta Yotseva\Application Data\msdtc.exe
[2011.05.01 01:35:56 | 000,102,493 | -HS- | M] (OldMan's Tales) -- C:\Documents and Settings\Marieta Yotseva\Application Data\dns.exe
[2011.04.30 23:20:12 | 000,102,400 | -H-- | M] (OldMan's Tales) -- C:\WINDOWS\System32\ovngqul.exe
[2011.04.30 20:44:30 | 000,102,912 | -HS- | M] (OldMan's Tales) -- C:\Documents and Settings\Marieta Yotseva\Application Data\AudioSrv.exe
[2011.04.30 17:25:16 | 000,106,496 | -HS- | M] (OldMan's Tales) -- C:\Documents and Settings\Marieta Yotseva\Application Data\AppMgmt.exe
[2011.04.29 19:24:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.05.02 08:19:00 | 000,000,000 | R--- | C] () -- C:\WINDOWS\System32\TFTP3912
[2011.05.01 20:44:17 | 000,000,000 | R--- | C] () -- C:\WINDOWS\System32\TFTP4036
[2011.05.01 11:21:45 | 000,001,044 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.01 11:21:45 | 000,001,040 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.26 21:07:50 | 000,106,620 | RHS- | C] () -- C:\kgji.exe
[2011.04.26 18:15:16 | 000,000,055 | RHS- | C] () -- C:\autorun.inf
[2008.10.23 11:18:39 | 060,275,693 | ---- | C] () -- C:\Program Files\FurnishBG.exe
[2008.01.18 13:13:58 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2008.01.02 17:48:07 | 000,831,488 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2008.01.02 17:48:07 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2008.01.02 17:39:44 | 000,262,144 | ---- | C] () -- C:\WINDOWS\tsnpstd3.exe
[2007.03.04 21:12:45 | 000,078,336 | ---- | C] () -- C:\Documents and Settings\Marieta Yotseva\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.03.02 00:44:21 | 000,002,624 | ---- | C] () -- C:\WINDOWS\System32\io02.sys
[2007.03.02 00:37:07 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.03.02 00:05:29 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007.03.02 00:05:29 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007.03.02 00:05:29 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007.03.02 00:05:29 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007.03.02 00:05:29 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007.03.02 00:05:29 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007.03.02 00:05:15 | 000,831,600 | ---- | C] () -- C:\WINDOWS\System32\Ctaa1.dat
[2007.03.02 00:05:14 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\cddvdint.dll
[2007.03.02 00:02:54 | 000,002,568 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007.03.01 23:08:37 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Marieta Yotseva\Local Settings\Application Data\fusioncache.dat
[2007.03.01 21:55:29 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.03.01 21:41:58 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\newdll.dll
[2007.03.01 21:38:49 | 000,017,987 | ---- | C] () -- C:\WINDOWS\irunin.ini
[2007.03.01 21:38:49 | 000,009,694 | ---- | C] () -- C:\WINDOWS\irunin.dat
[2007.03.01 21:38:41 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2007.03.01 21:37:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2007.03.01 21:32:53 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007.03.01 21:17:38 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007.03.01 21:17:38 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2007.03.01 21:03:09 | 000,192,512 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4670.dll
[2007.03.01 20:47:50 | 000,004,440 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007.03.01 20:47:49 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007.03.01 20:40:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007.03.01 20:36:22 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007.03.01 20:31:49 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.03.01 20:31:00 | 000,200,936 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005.11.20 03:52:40 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2002.08.29 03:57:58 | 000,001,740 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2002.05.04 13:04:46 | 000,046,080 | ---- | C] () -- C:\WINDOWS\COPYFSTQ.EXE
[2002.05.04 13:04:45 | 000,094,636 | ---- | C] () -- C:\WINDOWS\dropcpyr.dll
[2002.04.10 18:18:00 | 000,004,573 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002.03.25 20:02:14 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2002.03.21 15:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2001.08.23 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.08.23 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.08.23 12:00:00 | 000,401,064 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.08.23 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.08.23 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.08.23 12:00:00 | 000,062,344 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.08.23 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.08.23 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.08.23 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.08.23 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2007.03.01 21:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2007.03.01 22:11:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2007.03.02 17:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2007.03.01 21:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marieta Yotseva\Application Data\ACD Systems
[2007.03.01 22:11:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marieta Yotseva\Application Data\Autodesk
[2007.03.02 00:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marieta Yotseva\Application Data\InterVideo
[2010.07.05 19:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marieta Yotseva\Application Data\Opera
========== Purity Check ==========
< End of report >
Thanks!
Kalina