My computer is infected with malware and viruses. Some of the ones I have seen are Google Redirect, AppleMobileDeviceServices.exe, OpenCloudSecurity.exe, Trojan.Vundo.exe, etc. I cannot uninstall BabylonToolbar, and my Google searches sometimes redirect me to spam sites.
I updated Malwarebytes Anti-Malware and fixed some of them, but the computer speed has not significantly improved. I am posting the OTL log.
Thank you for the help in advance.
OTL logfile created on: 10/10/2011 8:22:25 PM - Run 4
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Vamsi\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1014.37 Mb Total Physical Memory | 198.47 Mb Available Physical Memory | 19.57% Memory free
2.38 Gb Paging File | 1.72 Gb Available in Paging File | 72.16% Paging File free
Paging file location(s): c:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.79 Gb Total Space | 8.55 Gb Free Space | 12.25% Space Free | Partition Type: NTFS
Computer Name: ORION | User Name: Vamsi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Vamsi\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
PRC - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
PRC - C:\Program Files\Accelrys\Materials Studio 4.1\Gateway\apache\bin\Apache.exe (Apache Software Foundation)
PRC - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\PLANET\PLANET WL-U356A\WlanUtil.exe ()
PRC - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\system32\onetsw32.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_e38a094a\mscorlib.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_3dffea65\system.xml.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_0e23f09d\system.dll ()
MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()
MOD - C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll ()
MOD - C:\WINDOWS\system32\vpnapi.dll ()
MOD - C:\Program Files\Accelrys\Materials Studio 4.1\Gateway\apache\modules\mod_perl.so ()
MOD - C:\Program Files\Accelrys\Materials Studio 4.1\Gateway\perl\bin\perl58.dll ()
MOD - C:\WINDOWS\system32\bcm1xsup.dll ()
MOD - C:\Program Files\PLANET\PLANET WL-U356A\WlanUtil.exe ()
MOD - C:\Program Files\PLANET\PLANET WL-U356A\ZDWlan.dll ()
MOD - C:\Program Files\PLANET\PLANET WL-U356A\dot1x_dll.dll ()
MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll ()
MOD - C:\Program Files\PLANET\PLANET WL-U356A\ssleay32.dll ()
MOD - C:\Program Files\PLANET\PLANET WL-U356A\libeay32.dll ()
MOD - C:\WINDOWS\system32\HPBHEALR.DLL ()
========== Win32 Services (SafeList) ==========
SRV - (inewnetwork) Network Location Awarenes(NLA) -- File not found
SRV - (HidServ) -- File not found
SRV - (6to4) -- File not found
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (getPlus® Helper) getPlus® -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.)
SRV - (CVPND) Cisco Systems, Inc. (ITC) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (MaterialsStudioGateway(18888)) Materials Studio Gateway (18888) -- C:\Program Files\Accelrys\Materials Studio 4.1\Gateway\apache\bin\Apache.exe (Apache Software Foundation)
SRV - (NICCONFIGSVC) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
========== Driver Services (SafeList) ==========
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (CVPNDRVA) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs, LLC)
DRV - (athrusb6) -- C:\WINDOWS\system32\drivers\athru6.sys (Atheros Communications, Inc.)
DRV - (dsunidrv) -- C:\WINDOWS\system32\drivers\dsunidrv.sys (Gteko Ltd.)
DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (ZD1211U(PLANET Technology Corp.)) PLANET WL-U356A Driver(PLANET Technology Corp.) -- C:\WINDOWS\system32\drivers\ZD1211U.sys (ZyDAS Technology Corporation)
DRV - (ZDPNDIS5) -- C:\WINDOWS\system32\ZDPNDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylo....19&affID=17160
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKCU\..\URLSearchHook: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll (W3i, LLC)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {1650a312-02bc-40ee-977e-83f158701739}:26.5
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {c6bb86ca-9f1d-4fbe-84cd-4c1fac754d08}:1.0.12
FF - prefs.js..extensions.enabledItems: {0D2AFB75-7B01-4EBD-9A8F-9FE384D76892}:1.0
FF - prefs.js..keyword.URL: "http://search.babylo...rc=toolbar2&q="
FF - prefs.js..network.proxy.autoconfig_url: "http://proxy.virginia.edu/"
FF - prefs.js..network.proxy.http: "128.232.103.201"
FF - prefs.js..network.proxy.http_port: 3124
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\2.0.40115.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Vamsi\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll File not found
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Vamsi\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/10 12:42:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/22 22:51:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Vamsi\Application Data\Move Networks [2009/10/18 10:58:08 | 000,000,000 | ---D | M]
[2008/09/20 20:18:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Vamsi\Application Data\Mozilla\Extensions
[2011/10/01 00:03:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Vamsi\Application Data\Mozilla\Firefox\Profiles\f64o7z0i.default\extensions
[2007/12/21 15:51:29 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\Documents and Settings\Vamsi\Application Data\Mozilla\Firefox\Profiles\f64o7z0i.default\extensions\{1650a312-02bc-40ee-977e-83f158701739}
[2011/05/22 22:55:26 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Documents and Settings\Vamsi\Application Data\Mozilla\Firefox\Profiles\f64o7z0i.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2011/10/01 00:03:32 | 000,000,000 | ---D | M] (ShopToWin5) -- C:\Documents and Settings\Vamsi\Application Data\Mozilla\Firefox\Profiles\f64o7z0i.default\extensions\{c6bb86ca-9f1d-4fbe-84cd-4c1fac754d08}
[2009/06/08 13:24:26 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Vamsi\Application Data\Mozilla\Firefox\Profiles\f64o7z0i.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2007/01/16 08:35:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Vamsi\Application Data\Mozilla\Sunbird\Profiles\b0puinwb.default\extensions
[2011/05/29 09:00:46 | 000,002,286 | ---- | M] () -- C:\Documents and Settings\Vamsi\Application Data\Mozilla\Firefox\Profiles\f64o7z0i.default\searchplugins\bing-zugo.xml
[2011/07/04 14:49:49 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\Vamsi\Application Data\Mozilla\Firefox\Profiles\f64o7z0i.default\searchplugins\siteadvisor-1.xml
[2007/12/21 15:53:14 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\Vamsi\Application Data\Mozilla\Firefox\Profiles\f64o7z0i.default\searchplugins\siteadvisor.xml
[2011/05/22 22:51:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/04/26 17:44:19 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Program Files\Mozilla Firefox\extensions\{0D2AFB75-7B01-4EBD-9A8F-9FE384D76892}
[2011/05/08 13:06:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2009/06/25 14:34:58 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/10/10 12:42:29 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2004/11/12 23:36:20 | 000,005,120 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\mozilla firefox\plugins\NPAdbESD.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2005/11/29 19:28:10 | 000,626,688 | ---- | M] (ebrary) -- C:\Program Files\mozilla firefox\plugins\NPInfotl.dll
[2005/08/17 10:49:08 | 000,036,864 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npSfAppM.dll
[2009/06/22 11:10:58 | 000,677,152 | ---- | M] (Medical Informatics Engineering, Inc.) -- C:\Program Files\mozilla firefox\plugins\npzzatif.dll
[2011/07/04 14:24:18 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/10/10 12:42:25 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
========== Chrome ==========
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
O1 HOSTS File: ([2011/09/20 10:37:30 | 000,226,974 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 7989 more lines...
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (no name) - {cea8e1fb-0ad2-4b4a-b34a-bb15d59f28c0} - No CLSID value found.
O2 - BHO: (NetAssistant) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll (W3i, LLC)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [VDC] C:\Documents and Settings\All Users\Application Data\6e4941\VD6e4_2237.exe ()
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PLANET WL-U356A Utility.lnk = C:\Program Files\PLANET\PLANET WL-U356A\WlanUtil.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk = C:\WINDOWS\Installer\{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}\Icon3E5562ED7.ico ()
O4 - Startup: C:\Documents and Settings\Vamsi\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmat...enWebRadio.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {6414512b-b978-451d-a0d8-fcfdf33e833c} http://update.micros...b?1244126908593 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1150320807625 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CF1EEE8-81AC-46FD-A3F2-2F2990D4709A}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\inewnetwork: DllName - (onetsw32.dll) - C:\WINDOWS\System32\onetsw32.dll ()
O20 - Winlogon\Notify\NavLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\onetsw32: DllName - (onetsw32.dll) - C:\WINDOWS\System32\onetsw32.dll ()
O24 - Desktop Components:1 () - C:\Documents and Settings\Vamsi\Desktop\MozillaCalEvents.html
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3e64e056-5251-11df-8bfa-001422a7743a}\Shell - "" = AutoRun
O33 - MountPoints2\{3e64e056-5251-11df-8bfa-001422a7743a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3e64e056-5251-11df-8bfa-001422a7743a}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{48d5bf72-37f3-11dd-89b9-001422a7743a}\Shell\AutoRun\command - "" = E:\wd_windows_tools\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/10/10 20:12:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/10/10 20:05:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/10/10 18:19:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2011/10/10 18:19:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011/10/10 18:19:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2011/10/10 18:19:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011/10/10 18:06:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/10/10 15:46:00 | 001,558,832 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Vamsi\Desktop\TDSSKiller.exe
[2011/10/09 20:39:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vamsi\Desktop\Oct 11
[2011/10/09 19:46:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vamsi\My Documents\Vuze Downloads
[2011/10/09 14:06:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/10/09 14:04:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/10/09 13:32:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/09 13:32:34 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/10/09 13:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/10/09 12:18:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vamsi\Application Data\cL99gTXXq
[2011/10/08 20:47:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2011/10/08 20:44:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/10/08 20:31:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vamsi\Application Data\NpmG5sQJ7E8RqY
[2011/10/01 23:25:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vamsi\Application Data\BXqjUCelIr
[2011/10/01 02:31:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2011/10/01 02:29:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2011/10/01 00:15:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/10/01 00:14:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/09/30 21:58:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vamsi\Application Data\dIBrzPNyx1v2b4m
[2011/09/20 11:24:28 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/09/20 11:19:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/09/20 11:19:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2011/09/20 11:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2011/09/20 09:44:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/09/20 09:44:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/09/20 09:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vamsi\Application Data\bfEL9gTXqYeIrOy
[2011/09/20 09:22:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\6e4941
[2011/09/20 09:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vamsi\Application Data\G555aQHH6dK8fLh
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/10/10 20:10:01 | 000,386,598 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/10/10 20:10:01 | 000,055,522 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/10/10 20:07:35 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2011/10/10 20:06:44 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/10/10 20:06:41 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Vamsi\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/10/10 20:06:32 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/10 20:06:06 | 000,000,432 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2011/10/10 20:05:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/10 20:04:52 | 000,216,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/10 20:04:51 | 1063,714,816 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/10 18:35:58 | 000,000,220 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2011/10/10 18:12:47 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/10/10 16:35:03 | 000,082,131 | ---- | M] () -- C:\Documents and Settings\Vamsi\Desktop\user.dmp
[2011/10/10 16:32:42 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\Vamsi\Desktop\Services.lnk
[2011/10/10 15:18:31 | 000,002,229 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/10/10 09:42:26 | 001,558,832 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Vamsi\Desktop\TDSSKiller.exe
[2011/10/09 22:11:54 | 000,195,584 | ---- | M] () -- C:\Documents and Settings\Vamsi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/09 20:42:57 | 000,037,376 | ---- | M] () -- C:\WINDOWS\System32\onetsw32.dll
[2011/10/08 21:48:04 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/10/08 20:44:19 | 1063,743,488 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2011/09/20 10:37:30 | 000,226,974 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/10/10 16:32:42 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\Vamsi\Desktop\Services.lnk
[2011/10/10 15:18:31 | 000,002,229 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/10/10 00:20:44 | 000,082,131 | ---- | C] () -- C:\Documents and Settings\Vamsi\Desktop\user.dmp
[2011/10/09 20:42:57 | 000,037,376 | ---- | C] () -- C:\WINDOWS\System32\onetsw32.dll
[2011/10/09 20:24:41 | 1063,714,816 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/08 21:48:04 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/06/18 11:53:20 | 000,000,275 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/08/29 13:58:26 | 000,197,408 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2008/08/29 13:58:16 | 000,193,312 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2008/08/16 23:12:30 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe
[2008/08/16 23:12:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2008/05/11 14:25:08 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/10/31 10:39:54 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2007/08/16 13:36:11 | 000,002,154 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/04/25 22:55:17 | 000,000,467 | -H-- | C] () -- C:\WINDOWS\vp.ini
[2007/03/07 14:21:22 | 000,000,220 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2006/11/17 23:56:28 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Vamsi\Application Data\PFP120JPR.{PB
[2006/11/17 23:56:28 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Vamsi\Application Data\PFP120JCM.{PB
[2006/10/01 00:23:19 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\Vamsi\Application Data\dvd.bmk
[2006/09/30 23:55:15 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Vamsi\Local Settings\Application Data\fusioncache.dat
[2006/09/13 07:06:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\gtapi.dll
[2006/06/09 17:09:37 | 000,008,138 | ---- | C] () -- C:\WINDOWS\Accord50.Ini
[2006/05/27 13:01:02 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/05/24 23:02:38 | 000,195,584 | ---- | C] () -- C:\Documents and Settings\Vamsi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/05/24 20:52:41 | 000,000,132 | ---- | C] () -- C:\WINDOWS\C3DPREF5.DAT
[2006/05/24 20:52:02 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2006/05/24 20:51:51 | 000,001,500 | ---- | C] () -- C:\WINDOWS\CFW.INI
[2006/05/24 20:51:51 | 000,000,930 | ---- | C] () -- C:\WINDOWS\ChemDraw.INI
[2006/05/24 20:51:51 | 000,000,449 | ---- | C] () -- C:\WINDOWS\Chem3D.INI
[2006/05/24 20:51:51 | 000,000,096 | ---- | C] () -- C:\WINDOWS\CSGaussian.INI
[2006/05/24 20:51:51 | 000,000,094 | ---- | C] () -- C:\WINDOWS\NPC3DS.INI
[2006/05/24 20:51:51 | 000,000,086 | ---- | C] () -- C:\WINDOWS\CSMOPAC.INI
[2006/05/24 19:40:31 | 000,004,704 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/05/24 19:21:18 | 000,005,620 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/05/24 19:04:30 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2006/05/24 19:04:30 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2006/05/24 18:37:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2006/05/24 18:10:58 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/05/19 01:39:55 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/05/19 01:35:27 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/05/19 01:30:34 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/05/19 01:24:38 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/05/19 01:23:29 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/05/19 00:57:12 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/05/19 00:57:02 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/05/19 00:56:20 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006/05/19 00:56:20 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2006/05/19 00:56:16 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006/05/19 00:56:06 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/29 17:12:26 | 000,675,840 | ---- | C] () -- C:\WINDOWS\System32\mpich.dll
[2005/11/10 09:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/11 18:24:19 | 000,000,839 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 18:19:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/11 18:12:14 | 000,023,428 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/11 18:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 18:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/11 18:06:43 | 000,216,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/11 18:00:28 | 000,386,598 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/11 18:00:28 | 000,055,522 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/11 18:00:24 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/12/09 18:25:17 | 000,000,067 | ---- | C] () -- C:\WINDOWS\NPinfotl.ini
[2003/06/08 17:36:08 | 000,204,850 | ---- | C] () -- C:\WINDOWS\System32\mpicherr.dll
[2003/02/07 17:24:20 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2011/09/20 09:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\6e4941
[2011/07/04 17:03:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor
[2007/12/28 17:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2007/12/14 12:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/10/09 13:59:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/05/24 19:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VanDyke
[2006/05/19 01:26:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/07/03 10:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2007/03/19 13:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\.BitTornado
[2006/05/24 21:03:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\Accelrys
[2011/10/09 23:20:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\Azureus
[2011/07/09 12:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\BabylonToolbar
[2011/09/20 09:35:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\bfEL9gTXqYeIrOy
[2011/10/01 23:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\BXqjUCelIr
[2011/10/09 12:18:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\cL99gTXXq
[2010/02/06 22:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/09/30 21:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\dIBrzPNyx1v2b4m
[2008/02/22 12:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\EndNote
[2011/10/09 13:37:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\G555aQHH6dK8fLh
[2011/05/06 20:40:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\Mobipocket
[2011/10/08 20:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\NpmG5sQJ7E8RqY
[2011/05/06 20:41:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\pdftoepub
[2010/02/06 23:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\Polynomial
[2011/09/20 10:59:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\RayV
[2006/05/24 19:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vamsi\Application Data\Thunderbird
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
Edited by tennizen, 10 October 2011 - 06:41 PM.