OTL logfile created on: 12/27/2010 11:39:28 AM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
(Version = .) - Type =
Internet Explorer (Version = )
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 88.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 24.52 Gb Free Space | 50.22% Space Free | Partition Type: NTFS
Drive D: | 91.79 Gb Total Space | 55.04 Gb Free Space | 59.96% Space Free | Partition Type: NTFS
Drive E: | 92.25 Gb Total Space | 10.88 Gb Free Space | 11.79% Space Free | Partition Type: NTFS
Drive X: | 282.52 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled] -- C:\Windows\System32\hidserv.dll -- (HidServ)
SRV - [2010/10/06 02:01:48 | 000,517,448 | ---- | M] () [Disabled] -- C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2009/08/25 01:45:30 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/08/25 01:45:27 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2008/08/16 06:32:09 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- C:\Windows\System32\drivers\TBPANEL.SYS -- (Cardex)
DRV - [2009/08/25 01:45:33 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/08/25 01:45:33 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/05/23 09:45:35 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008/11/01 09:34:26 | 000,716,272 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008/10/07 04:03:00 | 006,133,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/08/14 05:09:58 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/10/11 01:40:52 | 000,030,008 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ET5Drv.sys -- (ET5Drv)
DRV - [2007/09/29 00:30:52 | 000,065,024 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
DRV - [2007/09/19 08:44:46 | 000,101,504 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007/09/19 04:16:32 | 004,617,728 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/11/07 00:12:30 | 000,086,368 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w200obex.sys -- (w200obex)
DRV - [2006/11/07 00:12:28 | 000,088,560 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w200mgmt.sys -- (w200mgmt) Sony Ericsson W200 USB WMC Device Management Drivers (WDM)
DRV - [2006/11/07 00:12:24 | 000,097,056 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w200mdm.sys -- (w200mdm)
DRV - [2006/11/07 00:12:22 | 000,009,328 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w200mdfl.sys -- (w200mdfl)
DRV - [2006/11/07 00:12:16 | 000,061,504 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w200bus.sys -- (w200bus) Sony Ericsson W200 driver (WDM)
DRV - [2006/07/24 06:35:00 | 000,005,632 | ---- | M] () [File_System | System] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/03/26 07:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006/03/24 11:27:01 | 000,050,176 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006/03/13 04:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005/08/30 08:29:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005/08/30 08:28:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005/08/30 08:27:18 | 
000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2005/08/24 08:55:48 | 000,066,560 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005/08/10 09:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2010/12/26 00:45:03 | 000,428,541 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 14756 more lines...
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - ftp Prefix: missing
O13 - gopher Prefix: missing
O13 - home Prefix: missing
O13 - mosaic Prefix: missing
O13 - www Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - ( ) - (Registry value not found)
O20 - HKLM Winlogon: UserInit - ( ) - (Registry value not found)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/14 06:05:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010/12/26 17:09:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\system32
[2010/12/26 17:09:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\c
[2010/12/26 09:03:15 | 000,000,000 | ---D | C] -- C:\Program Files\RegSupreme Pro
[2010/12/26 01:44:31 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dllcache\mfc42.dll
[2010/12/26 01:44:31 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dllcache\mfc40u.dll
[2010/12/26 01:44:11 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dllcache\comctl32.dll
[2010/12/26 01:43:23 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dllcache\ndproxy.sys
[2010/12/26 01:41:35 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dllcache\wab.exe
[2010/12/26 01:09:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/12/26 00:39:41 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/12/26 00:28:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2010/12/26 00:26:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\pl
[2010/12/26 00:26:41 | 000,000,000 | ---D | C] -- C:\Windows\l2schemas
[2010/12/26 00:26:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\bits
[2010/12/26 00:20:36 | 000,000,000 | -H-D | C] -- C:\Windows\$NtServicePackUninstall$
[2010/12/13 06:05:46 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/12/01 22:35:18 | 004,280,320 | ---- | C] (Google Inc.) -- C:\Windows\System32\GPhotos.scr
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[13 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010/12/27 00:26:19 | 000,002,048 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/26 08:25:07 | 000,000,206 | ---- | M] () -- C:\Windows\System32\acdabbcf_d.ocx
[2010/12/26 08:25:07 | 000,000,206 | ---- | M] () -- C:\Windows\System32\abfcafed4_d.dll
[2010/12/26 08:13:08 | 000,194,634 | ---- | M] () -- C:\Windows\System32\nvapps.xml
[2010/12/26 08:13:00 | 001,402,280 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/12/26 02:34:21 | 000,001,393 | ---- | M] () -- C:\Windows\imsins.BAK
[2010/12/26 01:50:08 | 000,011,272 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2010/12/26 00:45:03 | 000,428,541 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/12/26 00:41:43 | 000,435,978 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010/12/26 00:41:43 | 000,380,350 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/12/26 00:41:43 | 000,067,078 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010/12/26 00:41:43 | 000,052,764 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/26 00:39:46 | 000,002,206 | ---- | M] () -- C:\Windows\System32\wpa.dbl
[2010/12/26 00:23:05 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010/12/26 00:21:47 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/12/26 00:16:15 | 069,324,814 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/12/12 10:46:40 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/12/01 22:35:18 | 004,280,320 | ---- | M] (Google Inc.) -- C:\Windows\System32\GPhotos.scr
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[13 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010/04/11 09:44:22 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/08/30 06:30:55 | 000,003,350 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2009/08/30 06:30:55 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\BC5E194E3C.sys
[2009/08/30 06:05:53 | 000,000,049 | ---- | C] () -- C:\Windows\iltwain.ini
[2009/08/10 04:44:44 | 000,000,206 | ---- | C] () -- C:\Windows\System32\abfcafed4_d.dll
[2009/08/10 03:11:22 | 000,000,005 | -HS- | C] () -- C:\Windows\System32\ddbceabd_g.dll
[2008/08/16 07:28:09 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008/08/16 03:41:57 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/08/14 13:52:51 | 000,004,293 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008/08/14 06:45:38 | 001,703,936 | ---- | C] () -- C:\Windows\System32\nvwdmcpl.dll
[2008/08/14 06:45:38 | 001,019,904 | ---- | C] () -- C:\Windows\System32\nvwimg.dll
[2008/08/14 06:45:37 | 001,486,848 | ---- | C] () -- C:\Windows\System32\nview.dll
[2008/08/14 06:45:37 | 000,466,944 | ---- | C] () -- C:\Windows\System32\nvshell.dll
[2008/08/14 06:45:37 | 000,286,720 | ---- | C] () -- C:\Windows\System32\nvnt4cpl.dll
[2008/08/14 05:09:22 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
[2008/08/14 04:25:39 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/08/14 04:25:39 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2008/08/14 04:25:38 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/08/14 04:25:38 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/08/14 04:25:38 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/08/14 04:25:37 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/07/03 04:07:43 | 000,007,237 | ---- | C] () -- C:\Windows\cadx2.ini
[2008/06/10 23:32:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/06/10 23:32:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/06/10 23:32:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/06/10 23:32:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/06/10 23:32:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/06/10 23:32:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/06/10 23:32:32 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/06/10 23:32:32 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/06/10 23:32:32 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/06/04 23:28:26 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2006/11/01 23:57:46 | 000,000,518 | ---- | C] () -- C:\Windows\System32\SP207.INI

[color=#E56717]========== LOP Check ==========[/color]

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Files - Unicode (All) ==========[/color]

[2010/10/18 06:25:10 | 000,000,000 | ---D | M](C:\W?NDOð) -- C:\W遉NDOð
[2010/10/18 06:25:10 | 000,000,000 | ---D | C](C:\W?NDOð) -- C:\W遉NDOð

< End of report >