OTL logfile created on: 15/08/2010 11:12:13 AM - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Clarie\My Documents Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy 1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 47.00% Memory free 2.00 Gb Paging File | 1.00 Gb Available in Paging File | 56.00% Paging File free Paging file location(s): C:\pagefile.sys 576 1152 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37.25 Gb Total Space | 15.33 Gb Free Space | 41.15% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: CLAIRE Current User Name: Clarie Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010/08/12 22:41:36 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Clarie\My Documents\OTL.exe PRC - [2010/08/10 15:10:58 | 002,349,776 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe PRC - [2010/07/21 16:49:42 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE PRC - [2010/07/21 07:43:54 | 000,965,176 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi.exe PRC - [2010/07/11 06:46:55 | 000,126,976 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe PRC - [2010/06/25 20:15:32 | 001,311,312 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe PRC - [2010/06/23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe PRC - [2010/06/23 13:51:30 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe PRC - [2010/06/22 15:09:20 | 000,112,208 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe PRC - [2010/05/26 09:35:18 | 000,493,032 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe PRC - [2010/05/26 09:35:14 | 000,730,600 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009/07/30 10:25:05 | 000,668,328 | ---- | M] () -- C:\Program Files\Dell V105\dldnmon.exe PRC - [2009/07/30 10:25:03 | 000,025,256 | ---- | M] () -- C:\Program Files\Dell V105\dldnmsdmon.exe PRC - [2009/07/10 08:58:21 | 000,594,600 | ---- | M] ( ) -- C:\WINDOWS\system32\dldncoms.exe PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2008/04/13 20:12:30 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntvdm.exe PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007/01/16 10:10:04 | 000,316,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\DebugDiag\DbgSvc.exe PRC - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe PRC - [2005/02/02 08:12:22 | 000,102,492 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe PRC - [2004/12/03 16:24:20 | 000,290,816 | ---- | M] (Hewlett-Packard ) -- C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010/08/12 22:41:36 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Clarie\My Documents\OTL.exe MOD - [2010/05/26 09:35:24 | 000,640,488 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll MOD - [2009/07/12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll MOD - [2009/07/12 01:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010/06/23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon) SRV - [2010/05/26 09:35:18 | 000,493,032 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc) SRV - [2010/05/06 05:29:12 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009/07/10 08:58:21 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\dldncoms.exe -- (dldn_device) SRV - [2009/07/10 08:58:15 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldnserv.exe -- (dldnCATSCustConnectService) SRV - [2009/06/26 10:26:20 | 000,085,504 | ---- | M] (PC Pitstop LLC) [Disabled | Stopped] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling) SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2008/11/20 16:03:00 | 000,658,432 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2007/01/16 10:10:04 | 000,316,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\DebugDiag\DbgSvc.exe -- (DbgSvc) SRV - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\ZoneLabs\srescan.sys -- (srescan) DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\rp_skt32.sys -- (RPSKT) Security Services Driver (x86) DRV - File not found [File_System | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2010/07/07 10:05:32 | 000,014,904 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI) DRV - [2010/05/26 09:35:10 | 000,026,352 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL) DRV - [2010/05/25 22:12:41 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2010/03/18 05:01:12 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE) DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM) DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009/03/25 06:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2009/02/16 00:10:26 | 000,353,672 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant) DRV - [2008/12/07 12:24:23 | 000,018,304 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50) DRV - [2008/12/07 12:23:48 | 000,019,712 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50) DRV - [2008/10/23 01:58:36 | 001,391,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2007/10/09 10:45:15 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5) DRV - [2007/10/09 10:45:01 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5) DRV - [2007/09/15 02:09:44 | 000,213,696 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2005/08/22 17:07:00 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2005/08/22 17:06:10 | 000,718,464 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2005/08/22 17:06:00 | 000,231,424 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWATI.sys -- (HSFHWATI) DRV - [2005/05/20 19:01:32 | 000,025,600 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe) DRV - [2005/05/20 19:01:26 | 000,068,352 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2005/05/20 19:01:00 | 000,036,480 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK) DRV - [2005/05/20 19:00:36 | 000,013,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.SYS -- (L8042Kbd) DRV - [2005/04/20 18:46:42 | 000,350,080 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camc6hal.sys -- (CAMCHALA) DRV - [2005/04/20 18:45:48 | 000,038,016 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camc6aud.sys -- (CAMCAUD) DRV - [2005/04/11 09:33:52 | 001,035,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005/03/16 08:43:06 | 000,159,488 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2005/01/18 12:52:16 | 000,055,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB) DRV - [2004/12/15 11:18:26 | 001,038,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP) DRV - [2004/08/11 19:30:00 | 000,039,424 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2004/08/04 04:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2004/08/04 04:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2004/04/14 10:36:50 | 000,007,432 | ---- | M] (Hewlett-Packard Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr) DRV - [2003/06/06 14:46:16 | 000,005,220 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb) DRV - [2001/08/17 15:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA) DRV - [2001/08/17 11:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.live.ca [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://sympatico.msn.ca/ [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010/08/10 16:12:13 | 000,000,000 | ---D | M] [2009/10/21 22:18:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\Mozilla\Firefox\extensions [2009/10/22 06:49:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Clarie\Application Data\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} O1 HOSTS File: ([2010/08/11 14:31:31 | 001,012,565 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 ad.a8.net O1 - Hosts: 127.0.0.1 asy.a8ww.net O1 - Hosts: 127.0.0.1 a9rhiwa.cn #[Google.Warning] O1 - Hosts: 127.0.0.1 www.a9rhiwa.cn O1 - Hosts: 127.0.0.1 acezip.net #[SiteAdvisor.acezip.net] O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions] O1 - Hosts: 127.0.0.1 phpadsnew.abac.com O1 - Hosts: 127.0.0.1 a.abnad.net O1 - Hosts: 127.0.0.1 b.abnad.net O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie] O1 - Hosts: 127.0.0.1 d.abnad.net O1 - Hosts: 127.0.0.1 e.abnad.net O1 - Hosts: 127.0.0.1 t.abnad.net O1 - Hosts: 127.0.0.1 z.abnad.net O1 - Hosts: 127.0.0.1 banners.absolpublisher.com O1 - Hosts: 127.0.0.1 tracking.absolstats.com O1 - Hosts: 127.0.0.1 adv.abv.bg O1 - Hosts: 127.0.0.1 bimg.abv.bg O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com O1 - Hosts: 127.0.0.1 accuserveadsystem.com O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com O1 - Hosts: 127.0.0.1 gtb5.acecounter.com O1 - Hosts: 127.0.0.1 gtb19.acecounter.com O1 - Hosts: 30176 more lines... O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll (Ask.com) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (ZoneAlarm Spy Blocker Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll (Ask.com) O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.) O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe () O4 - HKLM..\Run: [dldnamon] C:\Program Files\Dell V105\dldnamon.exe () O4 - HKLM..\Run: [dldnmon.exe] C:\Program Files\Dell V105\dldnmon.exe () O4 - HKLM..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard ) O4 - HKLM..\Run: [EnGraph QuickTimeKiller] C:\Program Files\EnGraph\QuicktimeKiller\QuickTimeKiller.exe ( ) O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.) O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O4 - Startup: C:\Documents and Settings\Clarie\Start Menu\Programs\Startup\Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (Secunia) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/PCPitStop.CAB (PCPitstop Utility) O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB (Hewlett-Packard Online Support Services) O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll (Reg Error: Key error.) O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {94E5218F-9737-4FC2-8457-567B1FF23DC0} http://utilities.pcpitstop.com/Nirvana/controls/DiskMD3Ctrl.dll (diskhealth Class) O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://pcpitstop.com/mhLbl.cab (mhLabel Class) O16 - DPF: {A553720A-BFED-4EA4-A71F-7EFCA690A1F7} http://utilities.pcpitstop.com/Nirvana/controls/pcpitstopAntiVirus.dll (PCPitstop AntiVirus) O16 - DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Nirvana/controls/pcpitstop2.dll (PCPitstop Exam) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O24 - Desktop WallPaper: C:\WINDOWS\Amber Migration.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Amber Migration.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point (65315805348233216) [color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color] [2010/08/14 06:53:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Clarie\Recent [2010/08/13 07:50:14 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT [2010/08/13 07:46:19 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Clarie\My Documents\erunt-setup.exe [2010/08/12 22:35:57 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Clarie\My Documents\OTL.exe [2010/08/12 22:15:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Clarie\Desktop\SCAN LOGS [2010/08/10 16:06:13 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia [2010/08/07 14:27:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Clarie\Desktop\ALEXANDER [2010/08/05 14:45:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Clarie\Desktop\BURIAL [2010/08/03 16:29:24 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech [2010/07/21 21:48:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Clarie\Local Settings\Application Data\PasswordSafe [2010/07/15 22:28:39 | 000,010,448 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LBeepKE.sys [2010/07/15 22:21:46 | 000,073,728 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl [2010/07/15 22:21:44 | 000,153,376 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaws.exe [2010/07/15 22:21:44 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaw.exe [2010/07/15 22:21:44 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\java.exe [2010/07/12 07:55:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Clarie\Application Data\ElevatedDiagnostics [2010/07/12 07:53:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell [2010/07/07 10:05:32 | 000,014,904 | ---- | C] (Secunia) -- C:\WINDOWS\System32\drivers\psi_mf.sys [2010/07/06 22:06:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Clarie\Desktop\INSURANCE [2010/07/05 22:36:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\ZoneAlarm [2010/07/02 06:50:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Clarie\Local Settings\Application Data\ZoneAlarm [2010/07/02 06:50:02 | 000,000,000 | ---D | C] -- C:\Program Files\ZoneAlarm [2010/06/30 20:57:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ThumbnailCache4R [2010/06/29 11:26:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Clarie\Desktop\TRIM [2010/06/29 06:46:21 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Clarie\My Documents\spybotsd162.exe [2010/06/22 16:30:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Clarie\Desktop\BOOKS [2010/06/11 22:22:08 | 000,000,000 | ---D | C] -- C:\Program Files\JRE [2010/06/11 22:11:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Clarie\Desktop\OpenOffice.org 3.2 (en-US) Installation Files [2010/06/09 21:08:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Clarie\Desktop\HOME CARE [2010/06/08 11:26:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira [2010/06/08 11:26:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Clarie\Application Data\Avira [2010/06/08 11:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2010/05/19 06:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010/05/19 06:47:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2010/05/18 08:04:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Clarie\Application Data\HpUpdate [2010/03/20 16:28:18 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\DLDNhcp.dll [2010/03/20 16:28:18 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\dldninpa.dll [2010/03/20 16:28:17 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnusb1.dll [2010/03/20 16:28:17 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldniesc.dll [2010/03/20 16:28:16 | 001,105,920 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnserv.dll [2010/03/20 16:28:16 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnprox.dll [2010/03/20 16:28:15 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnpmui.dll [2010/03/20 16:28:15 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnlmpm.dll [2010/03/20 16:28:13 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\dldnhbn3.dll [2010/03/20 16:28:11 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\dldncomm.dll [2010/03/20 16:28:10 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldncomc.dll [color=#E56717]========== Files - Modified Within 90 Days ==========[/color] [2010/08/15 11:12:00 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D3B276E1-8350-47AB-AD03-A941DECD14D6}.job [2010/08/15 11:08:50 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{703E2CC1-5410-4D38-A773-8B54294E0379}.job [2010/08/15 11:07:51 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat [2010/08/15 10:49:05 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job [2010/08/15 10:48:47 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/08/15 10:48:46 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/08/15 10:47:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/08/15 10:47:21 | 1206,439,936 | -HS- | M] () -- C:\hiberfil.sys [2010/08/15 09:48:43 | 009,175,040 | ---- | M] () -- C:\Documents and Settings\Clarie\ntuser.dat [2010/08/15 09:48:43 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Clarie\ntuser.ini [2010/08/15 09:45:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/08/15 09:43:14 | 000,000,330 | ---- | M] () -- C:\Documents and Settings\Clarie\Desktop\Malware and Spyware Cleaning Guide - Geeks to Go! (2).url [2010/08/14 22:29:58 | 000,000,298 | ---- | M] () -- C:\Documents and Settings\Clarie\Desktop\GMER + restart - Google Search.url [2010/08/14 22:22:03 | 000,517,304 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\eBay Order Details Heart monitor.mht [2010/08/14 06:53:03 | 000,001,634 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\cc_20100814_065254.reg [2010/08/13 23:10:05 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2010/08/13 22:36:54 | 000,004,168 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\cc_20100813_223646.reg [2010/08/13 21:49:48 | 000,000,547 | ---- | M] () -- C:\Documents and Settings\Clarie\Desktop\Shortcut to ldwv7xqw.exe.lnk [2010/08/13 21:46:57 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\ldwv7xqw.exe [2010/08/13 16:34:08 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010/08/13 07:50:15 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Clarie\Desktop\NTREGOPT.lnk [2010/08/13 07:50:15 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Clarie\Desktop\ERUNT.lnk [2010/08/13 07:46:20 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Clarie\My Documents\erunt-setup.exe [2010/08/13 07:41:56 | 000,260,368 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\SoftonicDownloader37784.exe [2010/08/13 07:08:43 | 000,000,516 | ---- | M] () -- C:\Documents and Settings\Clarie\Desktop\Shortcut to OTL.exe.lnk [2010/08/12 22:41:36 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Clarie\My Documents\OTL.exe [2010/08/12 14:37:29 | 000,034,387 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\MASTER CARD HISTORY.ods [2010/08/12 07:21:10 | 000,011,303 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\HIJACKTHIS LOG - Aug 12,2010 0720 [2010/08/11 22:33:20 | 000,007,312 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\cc_20100811_223309.reg [2010/08/11 15:17:50 | 000,090,114 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BLOOD PRESSURE - Apr 29, 2010 Bup.ods [2010/08/11 14:57:40 | 000,090,125 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BLOOD PRESSURE - Apr 29, 2010.ods [2010/08/11 14:31:31 | 001,012,565 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS [2010/08/11 07:47:37 | 000,024,928 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\FOOD history.ods [2010/08/11 07:23:13 | 000,021,374 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\WINZIP receipt.odt [2010/08/10 17:09:22 | 000,337,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/08/10 16:54:17 | 000,504,314 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/08/10 16:54:17 | 000,443,034 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/08/10 16:54:17 | 000,072,134 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/08/10 16:42:06 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/08/10 16:20:01 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\Clarie\Start Menu\Programs\Startup\Secunia PSI.lnk [2010/08/10 14:10:16 | 000,000,042 | ---- | M] () -- C:\WINDOWS\System32\scud.udf [2010/08/09 22:36:12 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010/08/09 21:58:01 | 000,000,438 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job [2010/08/08 21:46:11 | 000,021,096 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BANK - Listings CIBC 97 to 2010 Bup.ods [2010/08/08 21:45:50 | 000,021,097 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BANK - Listings CIBC 97 to 2010.ods [2010/08/08 16:38:17 | 000,021,959 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BANKING&EMAIL-NOTES.odt [2010/08/08 16:17:24 | 000,015,995 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\PROJECTIONS - AUG 2010.ods [2010/08/08 06:53:05 | 000,013,255 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\AVIRA notify screen - disable.odt [2010/08/06 16:18:41 | 000,029,759 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\Death - Documentation.odt [2010/08/05 22:06:29 | 000,000,282 | ---- | M] () -- C:\Documents and Settings\Clarie\Desktop\Inflation Calculator- Other- Rates and Statistics- Bank of Canada.url [2010/08/05 20:52:21 | 000,022,404 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BASIC - ESTATE SERVICES.odt [2010/08/05 20:14:09 | 000,023,868 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BASIC - PREARRANGEMENTS.odt [2010/08/05 18:25:02 | 000,023,868 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BASIC - FAQ's.odt [2010/08/05 16:33:15 | 000,015,834 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BASIC - CONTACT US.odt [2010/08/05 16:26:03 | 000,018,667 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BASIC - PRE-ARRANGEMNT FORM.odt [2010/08/05 16:21:39 | 000,018,984 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BASIC - INFORMATION FORM.odt [2010/08/05 16:19:14 | 000,027,219 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BASIC - WHAT ARE THE NEXT STEPS.odt [2010/08/05 16:10:55 | 000,021,559 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BASIC - WHAT DO I DO WHEN A DEATH HAS OCCURRED.odt [2010/08/03 09:25:09 | 000,738,755 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BRAIN JULY 24 STAR.mht [2010/08/03 09:23:16 | 000,762,954 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BRAIN JULY 16 STAR.mht [2010/08/03 09:19:16 | 000,763,536 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BRAIN JULY 30 STAR.mht [2010/08/03 07:54:19 | 001,224,923 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BRAIN JULY 9 STAR.mht [2010/08/02 23:16:44 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job [2010/08/01 16:15:40 | 000,028,500 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\CLAIRE FINANCES 2010.ods [2010/08/01 11:56:11 | 000,016,721 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BUDGET - HOUSE Monthly.ods [2010/07/31 21:52:00 | 000,000,691 | ---- | M] () -- C:\Documents and Settings\Clarie\Desktop\The Girl Who Kicked The Hornet's Nest Amazon.ca Stieg Larsson Books.url [2010/07/30 07:27:42 | 000,113,948 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\Union Gas Jun 23, 2010.pdf [2010/07/29 21:59:56 | 000,102,265 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\Amazon_ca Alexander Technique.htm [2010/07/26 22:28:52 | 000,016,840 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BELL HISTORY.ods [2010/07/25 22:24:27 | 000,013,770 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BELL JULY 2009.ods [2010/07/25 21:46:49 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BELL JULY 2009.csv [2010/07/21 21:25:19 | 000,028,980 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\MASTERCARD household paid by MO.ods [2010/07/20 22:45:29 | 000,024,700 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\COMPUTER - MAURICE.odt [2010/07/20 22:41:04 | 000,020,466 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\CHATELAINE PAYMENT JULY 20,2010.odt [2010/07/20 14:47:43 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\Clarie\Desktop\12.0 Mega USB 6 LED Webcam Web Cam Camera PC Laptop+Mic on eBay.ca (item 170505441352 end time 26-Jul-10 011907 EDT).url [2010/07/20 06:29:04 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/07/18 22:16:01 | 000,026,718 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\PASSWORDS.odt [2010/07/18 21:26:17 | 000,031,562 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\MAURICE & CLAIRE - ASSETS.odt [2010/07/18 14:27:31 | 000,009,217 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\MAINTENANCE.odt [2010/07/18 14:26:56 | 000,009,155 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\SPYWARE.odt [2010/07/16 11:44:42 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk [2010/07/16 09:31:07 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Clarie\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk [2010/07/16 09:31:02 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\Clarie\Desktop\Windows Media Player.lnk [2010/07/16 07:35:42 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010/07/16 07:35:42 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010/07/15 22:21:02 | 000,153,376 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaws.exe [2010/07/15 22:21:02 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaw.exe [2010/07/15 22:21:02 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\java.exe [2010/07/15 22:21:02 | 000,073,728 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl [2010/07/15 22:21:00 | 000,423,656 | ---- | M] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll [2010/07/15 16:22:54 | 000,000,326 | ---- | M] () -- C:\Documents and Settings\Clarie\Desktop\Password Safe - Free software downloads and software reviews - CNET Download.com.url [2010/07/11 22:14:26 | 000,015,320 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\PROJECTIONS - SEPT 2010.ods [2010/07/09 16:20:27 | 000,100,258 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\Hydro July 09, 2010.mht [2010/07/07 16:09:35 | 000,011,899 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\THINGS TO DO.odt [2010/07/07 10:05:32 | 000,014,904 | ---- | M] (Secunia) -- C:\WINDOWS\System32\drivers\psi_mf.sys [2010/07/04 15:03:59 | 000,022,735 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\CAMERA PAY PAL.odt [2010/07/03 10:24:10 | 000,000,744 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\Shortcut to REVO UNINSTALLER - Removing Start-up items in Windows.lnk [2010/07/03 10:23:50 | 000,025,590 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\REVO UNINSTALLER - Removing Start-up items in Windows.odt [2010/07/02 16:58:42 | 000,012,174 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\MASTERCARD - SEARS.ods [2010/07/02 06:50:51 | 000,421,531 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml [2010/06/30 21:12:44 | 000,001,070 | ---- | M] () -- C:\Documents and Settings\Clarie\Application Data\wklnhst.dat [2010/06/30 21:06:57 | 000,100,352 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\L-3 communications [LITTON] PENSION Page 2.wps [2010/06/30 21:00:25 | 000,039,424 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\L-3 communications [LITTON] PENSION Page 1.wps [2010/06/30 07:07:28 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2010/06/29 19:22:47 | 000,115,399 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\Union Gas June 23, 2010.pdf [2010/06/29 06:46:21 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Clarie\My Documents\spybotsd162.exe [2010/06/28 06:41:24 | 000,023,121 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\COMPUTER - DIANE.odt [2010/06/27 14:06:51 | 000,025,094 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BANK LISTING-MO Alive Dead.odt [2010/06/22 06:49:28 | 000,015,771 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BMO to MasterCard Jun22,2010.odt [2010/06/20 16:51:34 | 000,098,448 | ---- | M] () -- C:\Documents and Settings\Clarie\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2010/06/19 07:13:53 | 000,013,664 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\LACTUALITE.odt [2010/06/16 06:53:41 | 025,034,310 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\HKEY CLASSES ROOT re HCP.reg [2010/06/14 21:53:57 | 000,012,874 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\ING HOUSE.ods [2010/06/14 09:43:15 | 000,010,958 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\CLAIRE - transer of HST CREDIT.odt [2010/06/11 22:24:19 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.2.lnk [2010/06/11 06:35:18 | 000,000,451 | ---- | M] () -- C:\Documents and Settings\Clarie\Desktop\Auto Quote Insurance CAA South Central Ontario.url [2010/06/08 18:09:18 | 044,089,904 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\avira_antivir_personal_en.exe [2010/06/07 07:38:38 | 000,011,432 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\DINO receipt.odt [2010/06/06 10:22:27 | 000,000,370 | ---- | M] () -- C:\Documents and Settings\Clarie\Desktop\Internet DSL Connection Problems.url [2010/06/03 12:52:32 | 000,014,744 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\BANK - STOP CHEQUE.odt [2010/05/28 22:21:50 | 000,115,465 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\Union Gas Apr 23, 2010.pdf [2010/05/24 14:06:14 | 000,009,613 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\CLAIRE - Daily reports.ods [2010/05/21 21:54:42 | 000,000,277 | ---- | M] () -- C:\Documents and Settings\Clarie\Desktop\About DSL modem lights - Support.url [2010/05/21 18:29:22 | 000,000,492 | ---- | M] () -- C:\Documents and Settings\Clarie\Desktop\the internet connection is currently not available - Google Search.url [2010/05/18 22:39:45 | 000,017,767 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\TAX RECORDS - CLAIRE.ods [2010/05/18 16:58:49 | 000,015,122 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\TAX RECORDS - CLAIRE BUP.ods [2010/05/18 15:04:08 | 000,023,825 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\TAX RECORDS - MAURICE.ods [2010/05/18 14:25:16 | 000,023,578 | ---- | M] () -- C:\Documents and Settings\Clarie\My Documents\TAX RECORDS - MO-Refund as originally noted.ods [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/08/14 22:29:58 | 000,000,298 | ---- | C] () -- C:\Documents and Settings\Clarie\Desktop\GMER + restart - Google Search.url [2010/08/14 22:21:53 | 000,517,304 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\eBay Order Details Heart monitor.mht [2010/08/14 06:52:57 | 000,001,634 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\cc_20100814_065254.reg [2010/08/13 22:59:56 | 000,000,330 | ---- | C] () -- C:\Documents and Settings\Clarie\Desktop\Malware and Spyware Cleaning Guide - Geeks to Go! (2).url [2010/08/13 22:36:49 | 000,004,168 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\cc_20100813_223646.reg [2010/08/13 21:49:48 | 000,000,547 | ---- | C] () -- C:\Documents and Settings\Clarie\Desktop\Shortcut to ldwv7xqw.exe.lnk [2010/08/13 21:46:55 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\ldwv7xqw.exe [2010/08/13 07:50:15 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Clarie\Desktop\NTREGOPT.lnk [2010/08/13 07:50:15 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Clarie\Desktop\ERUNT.lnk [2010/08/13 07:41:53 | 000,260,368 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\SoftonicDownloader37784.exe [2010/08/13 07:08:43 | 000,000,516 | ---- | C] () -- C:\Documents and Settings\Clarie\Desktop\Shortcut to OTL.exe.lnk [2010/08/12 07:21:10 | 000,011,303 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\HIJACKTHIS LOG - Aug 12,2010 0720 [2010/08/11 22:33:14 | 000,007,312 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\cc_20100811_223309.reg [2010/08/11 21:44:09 | 1206,439,936 | -HS- | C] () -- C:\hiberfil.sys [2010/08/11 16:15:35 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{703E2CC1-5410-4D38-A773-8B54294E0379}.job [2010/08/11 15:17:44 | 000,090,114 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BLOOD PRESSURE - Apr 29, 2010 Bup.ods [2010/08/11 07:19:52 | 000,021,374 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\WINZIP receipt.odt [2010/08/10 16:20:01 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\Clarie\Start Menu\Programs\Startup\Secunia PSI.lnk [2010/08/10 14:10:16 | 000,000,042 | ---- | C] () -- C:\WINDOWS\System32\scud.udf [2010/08/08 14:43:44 | 000,015,995 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\PROJECTIONS - AUG 2010.ods [2010/08/08 06:53:05 | 000,013,255 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\AVIRA notify screen - disable.odt [2010/08/07 06:45:36 | 000,021,096 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BANK - Listings CIBC 97 to 2010 Bup.ods [2010/08/06 16:18:40 | 000,029,759 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\Death - Documentation.odt [2010/08/05 20:52:21 | 000,022,404 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BASIC - ESTATE SERVICES.odt [2010/08/05 20:14:07 | 000,023,868 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BASIC - PREARRANGEMENTS.odt [2010/08/05 18:25:01 | 000,023,868 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BASIC - FAQ's.odt [2010/08/05 16:33:15 | 000,015,834 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BASIC - CONTACT US.odt [2010/08/05 16:26:02 | 000,018,667 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BASIC - PRE-ARRANGEMNT FORM.odt [2010/08/05 16:21:37 | 000,018,984 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BASIC - INFORMATION FORM.odt [2010/08/05 16:19:13 | 000,027,219 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BASIC - WHAT ARE THE NEXT STEPS.odt [2010/08/05 16:10:53 | 000,021,559 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BASIC - WHAT DO I DO WHEN A DEATH HAS OCCURRED.odt [2010/08/03 09:25:09 | 000,738,755 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BRAIN JULY 24 STAR.mht [2010/08/03 09:23:15 | 000,762,954 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BRAIN JULY 16 STAR.mht [2010/08/03 09:19:15 | 000,763,536 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BRAIN JULY 30 STAR.mht [2010/08/03 07:54:19 | 001,224,923 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BRAIN JULY 9 STAR.mht [2010/08/01 16:44:55 | 000,021,097 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BANK - Listings CIBC 97 to 2010.ods [2010/07/31 21:50:13 | 000,016,721 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BUDGET - HOUSE Monthly.ods [2010/07/31 20:48:06 | 000,000,691 | ---- | C] () -- C:\Documents and Settings\Clarie\Desktop\The Girl Who Kicked The Hornet's Nest Amazon.ca Stieg Larsson Books.url [2010/07/30 07:27:42 | 000,113,948 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\Union Gas Jun 23, 2010.pdf [2010/07/29 21:59:56 | 000,102,265 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\Amazon_ca Alexander Technique.htm [2010/07/25 22:02:11 | 000,013,770 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BELL JULY 2009.ods [2010/07/25 21:46:46 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BELL JULY 2009.csv [2010/07/24 22:14:34 | 000,016,840 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BELL HISTORY.ods [2010/07/21 10:52:45 | 000,028,980 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\MASTERCARD household paid by MO.ods [2010/07/20 22:40:57 | 000,020,466 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\CHATELAINE PAYMENT JULY 20,2010.odt [2010/07/18 14:27:30 | 000,009,217 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\MAINTENANCE.odt [2010/07/18 14:26:55 | 000,009,155 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\SPYWARE.odt [2010/07/16 11:44:42 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk [2010/07/16 07:35:36 | 000,000,782 | ---- | C] () -- C:\Documents and Settings\Clarie\Desktop\Windows Media Player.lnk [2010/07/15 16:22:54 | 000,000,326 | ---- | C] () -- C:\Documents and Settings\Clarie\Desktop\Password Safe - Free software downloads and software reviews - CNET Download.com.url [2010/07/14 09:32:05 | 000,000,282 | ---- | C] () -- C:\Documents and Settings\Clarie\Desktop\Inflation Calculator- Other- Rates and Statistics- Bank of Canada.url [2010/07/12 21:54:42 | 000,021,959 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BANKING&EMAIL-NOTES.odt [2010/07/11 22:11:44 | 000,015,320 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\PROJECTIONS - SEPT 2010.ods [2010/07/09 16:20:22 | 000,100,258 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\Hydro July 09, 2010.mht [2010/07/04 15:03:55 | 000,022,735 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\CAMERA PAY PAL.odt [2010/07/04 07:21:09 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\Clarie\Desktop\12.0 Mega USB 6 LED Webcam Web Cam Camera PC Laptop+Mic on eBay.ca (item 170505441352 end time 26-Jul-10 011907 EDT).url [2010/07/03 10:24:10 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\Shortcut to REVO UNINSTALLER - Removing Start-up items in Windows.lnk [2010/07/03 10:19:08 | 000,025,590 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\REVO UNINSTALLER - Removing Start-up items in Windows.odt [2010/06/30 21:06:57 | 000,100,352 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\L-3 communications [LITTON] PENSION Page 2.wps [2010/06/30 21:00:25 | 000,039,424 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\L-3 communications [LITTON] PENSION Page 1.wps [2010/06/29 19:22:47 | 000,115,399 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\Union Gas June 23, 2010.pdf [2010/06/28 06:39:12 | 000,023,121 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\COMPUTER - DIANE.odt [2010/06/27 16:57:08 | 000,090,125 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BLOOD PRESSURE - Apr 29, 2010.ods [2010/06/26 09:46:23 | 000,012,174 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\MASTERCARD - SEARS.ods [2010/06/22 06:49:27 | 000,015,771 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BMO to MasterCard Jun22,2010.odt [2010/06/19 07:13:49 | 000,013,664 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\LACTUALITE.odt [2010/06/16 06:53:31 | 025,034,310 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\HKEY CLASSES ROOT re HCP.reg [2010/06/14 09:43:13 | 000,010,958 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\CLAIRE - transer of HST CREDIT.odt [2010/06/11 22:24:19 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.2.lnk [2010/06/11 06:35:17 | 000,000,451 | ---- | C] () -- C:\Documents and Settings\Clarie\Desktop\Auto Quote Insurance CAA South Central Ontario.url [2010/06/08 18:09:13 | 044,089,904 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\avira_antivir_personal_en.exe [2010/06/08 10:38:40 | 009,175,040 | ---- | C] () -- C:\Documents and Settings\Clarie\ntuser.dat [2010/06/06 22:22:36 | 000,011,432 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\DINO receipt.odt [2010/06/03 11:39:17 | 000,014,744 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\BANK - STOP CHEQUE.odt [2010/05/28 22:21:50 | 000,115,465 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\Union Gas Apr 23, 2010.pdf [2010/05/24 14:06:14 | 000,009,613 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\CLAIRE - Daily reports.ods [2010/05/21 21:54:42 | 000,000,277 | ---- | C] () -- C:\Documents and Settings\Clarie\Desktop\About DSL modem lights - Support.url [2010/05/21 21:34:35 | 000,000,370 | ---- | C] () -- C:\Documents and Settings\Clarie\Desktop\Internet DSL Connection Problems.url [2010/05/21 18:29:21 | 000,000,492 | ---- | C] () -- C:\Documents and Settings\Clarie\Desktop\the internet connection is currently not available - Google Search.url [2010/05/19 06:58:56 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2010/05/18 16:58:49 | 000,015,122 | ---- | C] () -- C:\Documents and Settings\Clarie\My Documents\TAX RECORDS - CLAIRE BUP.ods [2010/03/20 16:34:51 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dldnvs.dll [2010/03/20 16:34:45 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\dldncoin.dll [2010/03/20 16:33:05 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\dldndrs.dll [2010/03/20 16:33:05 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\dldncaps.dll [2010/03/20 16:33:05 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dldncnv4.dll [2010/03/20 16:28:40 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\dldnwupd.dll [2010/03/20 16:28:18 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\DLDNinst.dll [2010/03/20 16:28:17 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\dldnutil.dll [2010/03/20 16:28:14 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldninsb.dll [2010/03/20 16:28:14 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldnins.dll [2010/03/20 16:28:14 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dldnjswr.dll [2010/03/20 16:28:14 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dldninsr.dll [2010/03/20 16:28:13 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\dldngrd.dll [2010/03/20 16:28:12 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dldncub.dll [2010/03/20 16:28:12 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dldncur.dll [2010/03/20 16:28:11 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dldncu.dll [2010/03/20 16:28:10 | 000,077,906 | ---- | C] () -- C:\WINDOWS\System32\DLDNcfg.dll [2009/01/30 17:26:20 | 000,000,128 | ---- | C] () -- C:\WINDOWS\wininit.ini [2009/01/16 14:45:48 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2008/11/20 16:10:10 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\SX32W.DLL [2008/09/06 21:23:21 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2008/02/04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL [2007/11/22 05:48:47 | 000,000,234 | ---- | C] () -- C:\WINDOWS\PrnHlpLogConfig.ini [2007/11/22 05:48:30 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini [2007/11/22 05:47:17 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini [2007/11/20 23:51:42 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2007/03/27 14:45:22 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll [2006/07/01 13:57:36 | 000,000,052 | ---- | C] () -- C:\WINDOWS\VistaEmail.ini [2006/04/08 21:59:28 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini [2006/01/28 11:57:12 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll [2006/01/08 07:15:09 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2005/02/12 04:33:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2004/08/07 09:16:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2004/08/07 09:10:08 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini [2001/07/06 19:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini [1999/03/21 21:00:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [1998/01/12 04:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL [color=#E56717]========== LOP Check ==========[/color] [2010/05/09 07:16:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2009/06/03 11:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bell [2009/10/08 20:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner [2009/06/19 10:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo [2005/04/30 07:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies [2008/09/07 21:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters [2009/12/30 08:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop [2008/11/20 16:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SDL International [2010/08/14 16:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010/06/30 20:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ThumbnailCache4R [2010/04/15 22:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software [2009/09/13 21:41:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2009/03/17 17:22:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3} [2009/04/17 11:10:23 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} [2009/09/14 13:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2010/04/15 21:51:39 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2009/03/05 08:08:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{EC0615F3-39C5-40A5-9C90-EABA4ACA5B7F} [2009/06/03 11:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\Bell [2009/10/21 21:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\CheckPoint [2008/09/18 21:54:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010/07/19 22:02:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\ElevatedDiagnostics [2009/03/06 22:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\Free-backup.info [2009/04/15 15:46:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\GlarySoft [2008/09/19 07:54:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\Image Zone Express [2009/03/21 09:54:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\InterVideo [2010/08/13 22:46:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\IObit [2009/06/19 10:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\iolo [2007/11/11 08:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\Leadertech [2007/11/24 13:18:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\MSNInstaller [2009/03/21 23:16:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\OfficeUpdate12 [2009/03/19 20:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\OpenOffice.org [2009/04/21 21:18:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\PC Updater [2007/11/29 08:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\Printer Info Cache [2008/10/12 14:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\SDL International [2008/11/15 20:32:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\System Tweaker [2009/04/18 16:22:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\Template [2008/11/22 14:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\Trados [2009/04/17 11:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\TuneUp Software [2010/03/31 09:35:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\Uniblue [2010/04/06 06:52:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Clarie\Application Data\VSRevoGroup [2010/08/13 16:34:08 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [2010/08/09 21:58:01 | 000,000,438 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job [2010/08/15 10:49:05 | 000,000,314 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job [2010/08/02 23:16:44 | 000,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job [2010/08/15 11:08:50 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{703E2CC1-5410-4D38-A773-8B54294E0379}.job [2010/08/15 11:12:00 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D3B276E1-8350-47AB-AD03-A941DECD14D6}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2009/11/11 08:20:46 | 000,104,096 | ---- | M] () -- C:\aaw7boot.log [2008/09/22 22:30:35 | 000,000,090 | ---- | M] () -- C:\bcmwl5.log [2009/02/04 23:04:01 | 000,000,211 | ---- | M] () -- C:\Boot.bak [2010/02/21 07:43:31 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2004/08/04 00:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr [2008/08/20 21:02:31 | 000,000,771 | ---- | M] () -- C:\hdd.log [2010/08/15 10:47:21 | 1206,439,936 | -HS- | M] () -- C:\hiberfil.sys [2007/11/26 23:29:03 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009/03/29 19:08:56 | 000,007,569 | ---- | M] () -- C:\JavaRa.log [2009/02/22 19:35:57 | 000,129,740 | ---- | M] () -- C:\logfile [2010/04/30 09:16:48 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt [2008/12/10 11:59:19 | 000,001,024 | ---- | M] () -- C:\mmjb.DDF [2007/11/26 23:29:03 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004/08/04 04:00:00 | 000,047,564 | RHS- | M] () -- C:\ntdetect.com [2008/06/22 08:39:56 | 000,250,048 | RHS- | M] () -- C:\ntldr [2010/08/15 10:47:18 | 603,979,776 | -HS- | M] () -- C:\pagefile.sys [2008/04/30 18:32:00 | 000,107,596 | ---- | M] () -- C:\toolkit_widget.gif [2009/03/21 08:17:39 | 000,505,414 | ---- | M] () -- C:\vcredist_x86.log [2008/11/13 22:24:29 | 000,005,687 | ---- | M] () -- C:\wint.dli [color=#A23BEC]< %systemroot%\Fonts\*.com >[/color] [2006/04/18 16:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont [2006/06/29 15:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont [2006/04/18 16:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont [2006/06/29 15:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont [color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color] [2005/05/12 03:36:48 | 000,012,288 | ---- | M] (Hewlett-Packard Co.) -- C:\WINDOWS\Fonts\RandFont.dll [color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color] [2004/08/07 08:57:38 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini [color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color] [color=#A23BEC]< %systemroot%\Fonts\*.exe >[/color] [color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[/color] [2009/07/02 08:40:16 | 000,147,968 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dldndrpp.dll [2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll [2006/04/10 18:02:32 | 000,074,240 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp054.dll [2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe [color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color] [color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color] [color=#A23BEC]< %systemroot%\system32\*.jpg >[/color] [color=#A23BEC]< %systemroot%\*.jpg >[/color] [color=#A23BEC]< %systemroot%\*.png >[/color] [color=#A23BEC]< %systemroot%\*.scr >[/color] [2010/04/17 00:04:40 | 000,306,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR [color=#A23BEC]< %systemroot%\*._sy >[/color] [color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color] [color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color] [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color] [color=#A23BEC]< %APPDATA%\Update\*.* >[/color] [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color] [2004/08/07 01:45:26 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2004/08/07 01:45:26 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2004/08/07 01:45:26 | 000,892,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav [color=#A23BEC]< %PROGRAMFILES%\bak. /s >[/color] [color=#A23BEC]< %systemroot%\system32\bak. /s >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >[/color] [2008/06/22 09:00:19 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini [color=#A23BEC]< %systemroot%\system32\config\systemprofile\*.dat /x >[/color] [color=#A23BEC]< %systemroot%\*.config >[/color] [color=#A23BEC]< %systemroot%\system32\*.db >[/color] [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color] [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-03 11:07:18 [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8 < End of report >