OTL logfile created on: 4/1/2011 10:52:35 PM - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Cara-Leigh\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1,014.00 Mb Total Physical Memory | 234.00 Mb Available Physical Memory | 23.00% Memory free 2.00 Gb Paging File | 1.00 Gb Available in Paging File | 54.00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 44.87 Gb Total Space | 26.73 Gb Free Space | 59.56% Space Free | Partition Type: NTFS Drive D: | 45.35 Gb Total Space | 45.23 Gb Free Space | 99.73% Space Free | Partition Type: NTFS Computer Name: DRSLAPTOP | User Name: Cara-Leigh | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/04/01 22:50:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cara-Leigh\Desktop\OTL.exe PRC - [2011/03/25 01:03:18 | 001,405,384 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe PRC - [2011/03/14 08:31:03 | 000,053,104 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe PRC - [2011/03/14 08:31:03 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe PRC - [2011/03/04 14:37:00 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011/03/04 14:36:52 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2011/03/04 14:36:51 | 000,281,768 | 
---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2011/03/02 06:31:06 | 000,156,576 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe PRC - [2011/03/02 06:31:04 | 000,997,032 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe PRC - [2011/02/18 21:45:23 | 000,160,592 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe PRC - [2011/01/25 18:42:10 | 000,083,440 | ---- | M] (Google) -- C:\Documents and Settings\Cara-Leigh\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe PRC - [2011/01/17 23:30:46 | 001,803,224 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2011/01/17 23:30:16 | 002,548,552 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe PRC - [2010/07/12 05:55:04 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows NT\Accessories\wordpad.exe PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2008/04/13 17:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005/08/11 20:21:00 | 000,200,704 | ---- | M] (Acer Inc) -- C:\Acer\ePM\epm-dm.exe PRC - [2004/10/08 15:44:24 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011/04/01 22:50:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cara-Leigh\Desktop\OTL.exe MOD - [2010/12/29 01:42:04 | 000,285,480 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2004/10/08 15:44:16 | 000,069,722 | ---- | M] (Synaptics, Inc.) 
-- C:\WINDOWS\system32\SynTPFcs.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (MySql) SRV - File not found [Disabled | Stopped] -- -- (Awmcnkh) SRV - [2011/03/25 01:03:18 | 001,405,384 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2011/03/04 14:37:00 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011/03/04 14:36:52 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011/03/02 06:31:06 | 000,156,576 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS) SRV - [2011/01/17 23:30:46 | 001,803,224 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2005/06/06 20:08:58 | 001,273,344 | ---- | M] (OSA Technologies Inc.) 
[Disabled | Stopped] -- C:\Acer\eManager\anbmServ.exe -- (anbmService) SRV - [2004/09/29 13:14:36 | 000,069,632 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011/03/25 01:03:19 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2011/03/25 01:03:18 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer) DRV - [2011/03/04 16:11:12 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2011/03/04 14:37:13 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011/01/06 17:37:04 | 000,094,784 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect) DRV - [2011/01/06 17:37:04 | 000,027,576 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2011/01/06 17:37:02 | 000,239,368 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard) DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010/06/17 14:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009/01/21 08:49:40 | 000,118,656 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2005/09/23 19:56:28 | 003,966,976 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2005/06/30 17:58:24 | 000,007,296 | ---- | M] (OSA Technologies, An Avocent Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio) DRV - [2005/06/30 16:16:58 | 001,034,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2005/06/30 16:16:06 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2005/06/30 16:16:02 | 000,716,416 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2005/04/07 19:08:46 | 000,078,208 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-shd.sys -- (EpmShd) DRV - [2005/01/14 16:57:16 | 000,004,010 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osanbm.sys -- (osanbm) DRV - [2005/01/10 16:47:14 | 000,449,888 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211) DRV - [2005/01/07 18:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService) DRV - [2004/11/16 13:06:00 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R) DRV - [2004/07/19 14:10:00 | 000,004,096 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-psd.sys -- (EpmPsd) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.thecomedynetwork.ca IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.ca/ [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2645238 IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. 
File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/28 00:17:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/28 00:18:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cara-Leigh\Application Data\Mozilla\Extensions [2011/03/29 13:12:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cara-Leigh\Application Data\Mozilla\Firefox\Profiles\2xhauns0.default\extensions [2011/03/28 13:37:26 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Cara-Leigh\Application Data\Mozilla\Firefox\Profiles\2xhauns0.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011/03/28 13:37:25 | 000,000,000 | ---D | M] (Canadian English Dictionary) -- C:\Documents and Settings\Cara-Leigh\Application Data\Mozilla\Firefox\Profiles\2xhauns0.default\extensions\en-CA@dictionaries.addons.mozilla.org [2011/03/28 00:17:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions File not found (No name found) -- () (No name found) -- C:\DOCUMENTS AND SETTINGS\CARA-LEIGH\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\2XHAUNS0.DEFAULT\EXTENSIONS\{28197867-B1EF-4140-8E3B-55C45B9C8460}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\CARA-LEIGH\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\2XHAUNS0.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\CARA-LEIGH\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\2XHAUNS0.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\CARA-LEIGH\APPLICATION 
DATA\MOZILLA\FIREFOX\PROFILES\2XHAUNS0.DEFAULT\EXTENSIONS\{AE93811A-5C9A-4D34-8462-F7B864FC4696}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\CARA-LEIGH\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\2XHAUNS0.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011/03/18 10:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll [2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) 
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe () O4 - HKLM..\Run: [epm-dm] c:\Acer\ePM\epm-dm.exe (Acer Inc) O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited) O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.) 
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra Button: Add to Wish List - {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files\Amazon\Add to Wish List IE Extension\run.htm () O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1293144173619 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1293144229119 (MUWebControl Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\Cara-Leigh\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cara-Leigh\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005/08/17 18:39:24 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/04/01 22:50:37 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Cara-Leigh\Desktop\OTL.exe [2011/04/01 22:37:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cara-Leigh\Application Data\Uniblue [2011/04/01 22:36:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Uniblue [2011/04/01 22:36:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A} [2011/04/01 22:36:50 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue [2011/04/01 22:36:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cara-Leigh\Local Settings\Application Data\PackageAware [2011/04/01 18:05:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2011/03/31 00:30:55 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011/03/29 23:13:03 | 000,000,000 | ---D | C] -- C:\Documents and 
Settings\Cara-Leigh\Application Data\Namco [2011/03/29 23:13:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cara-Leigh\Local Settings\Application Data\Namco [2011/03/29 00:04:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kristanix Games [2011/03/28 14:05:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cara-Leigh\My Documents\Downloads [2011/03/28 00:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2011/03/27 23:44:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cara-Leigh\Desktop\Internet Business Stuff [2011/03/27 23:41:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cara-Leigh\Desktop\Games [2011/03/27 23:36:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\COMODO [2011/03/27 23:31:05 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys [2011/03/27 23:31:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE [2011/03/27 23:27:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{8790345A-AF70-4319-B9E7-AAA25C6DCD42} [2011/03/27 23:26:59 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2011/03/27 23:26:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft [2011/03/27 23:26:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft [2011/03/27 23:22:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Comodo [2011/03/27 23:22:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\COMODO [2011/03/27 23:22:33 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO [2011/03/27 23:13:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs [2011/03/27 22:43:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cara-Leigh\My Documents\ForceField Shared Files [2011/03/27 22:42:51 | 000,000,000 | ---D | C] -- C:\Documents and 
Settings\Cara-Leigh\Application Data\CheckPoint [2011/03/27 22:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2011/03/27 22:42:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cara-Leigh\Local Settings\Application Data\Free_Ride_Games [2011/03/27 22:42:07 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint [2011/03/27 21:35:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2011/03/27 21:34:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cara-Leigh\Application Data\Avira [2011/03/27 21:32:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira [2011/03/27 21:32:23 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2011/03/27 21:32:20 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2011/03/27 21:32:20 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2011/03/27 21:32:20 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2011/03/27 21:32:20 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2011/03/27 21:32:19 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2011/03/27 21:32:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira [2011/03/27 21:29:19 | 001,914,496 | ---- | C] (Trend Micro Inc.) 
-- C:\Documents and Settings\Cara-Leigh\Desktop\HousecallLauncher.exe [2011/03/27 20:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cara-Leigh\Local Settings\Application Data\Threat Expert [2011/03/27 20:36:20 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security [2011/03/27 20:32:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools [2011/03/17 15:48:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cara-Leigh\Application Data\Keyword Strategy Studio Pro [2011/03/17 15:48:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Softnik Technologies [2011/03/17 15:48:16 | 000,000,000 | ---D | C] -- C:\Program Files\Softnik Technologies [2011/03/17 15:29:46 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys [2011/03/11 23:46:03 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys [2011/03/05 15:54:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cara-Leigh\Start Menu\Programs\Google Chrome [924 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/04/01 22:58:03 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/04/01 22:50:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cara-Leigh\Desktop\OTL.exe [2011/04/01 22:49:29 | 000,000,432 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A66A6A00-5E7B-4145-A922-2DD292CA2173}.job [2011/04/01 22:37:13 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job [2011/04/01 22:36:56 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Uniblue RegistryBooster.lnk [2011/04/01 22:36:56 | 000,001,723 | ---- | M] () -- 
C:\Documents and Settings\Cara-Leigh\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk [2011/04/01 22:21:16 | 000,000,996 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4006041411-1818442623-1130046000-1009UA.job [2011/04/01 21:59:20 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/04/01 21:01:25 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\My Documents\Companion Ad.rtf [2011/04/01 20:36:56 | 000,000,224 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\Desktop\ ONE BEDROOM ABOVE GROUND BASEMENT SUITE (2).url [2011/04/01 18:07:30 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011/04/01 18:03:33 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/04/01 18:03:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/04/01 18:02:57 | 1063,374,848 | -HS- | M] () -- C:\hiberfil.sys [2011/03/31 01:17:45 | 000,000,224 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\Desktop\Above-ground Bsmt suite.url [2011/03/31 01:16:45 | 000,000,224 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\Desktop\1 - 2 Bedroom Basement Suite.url [2011/03/31 01:16:04 | 000,000,224 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\Desktop\ ONE BEDROOM ABOVE GROUND BASEMENT SUITE .url [2011/03/31 01:14:40 | 000,000,224 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\Desktop\Allwood Trailer Park.url [2011/03/31 01:14:15 | 000,000,224 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\Desktop\Above ground suite in quiet home.url [2011/03/31 01:13:49 | 000,000,224 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\Desktop\1 BEDROOM BASEMENT SUITE.url [2011/03/31 01:11:34 | 000,000,224 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\Desktop\1 Bedroom Bsmt Suite.url [2011/03/31 00:30:55 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011/03/29 
23:03:18 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\My Documents\Beauty ad.rtf [2011/03/29 22:08:33 | 000,001,029 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\My Documents\Dating ad.rtf [2011/03/29 15:12:49 | 000,000,669 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\My Documents\Devices ad.rtf [2011/03/29 14:52:36 | 000,000,840 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\My Documents\Bridal ad.rtf [2011/03/29 14:28:11 | 000,149,361 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\My Documents\exercise equipment keywords.rtf [2011/03/28 23:51:05 | 000,001,417 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Manager.lnk [2011/03/28 23:51:05 | 000,001,399 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Game Manager.lnk [2011/03/28 19:01:49 | 000,000,771 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\Desktop\Internet Explorer.lnk [2011/03/28 00:17:24 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/03/28 00:17:24 | 000,000,728 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2011/03/28 00:01:11 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\Local Settings\Application Data\housecall.guid.cache [2011/03/27 23:40:17 | 000,000,903 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COMODO GeekBuddy.lnk [2011/03/27 23:27:53 | 000,000,889 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk [2011/03/27 23:27:53 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk [2011/03/27 23:24:25 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COMODO Firewall.lnk [2011/03/27 23:22:38 | 000,000,921 | ---- | M] () -- C:\Documents and 
Settings\Cara-Leigh\Application Data\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk [2011/03/27 22:42:04 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat [2011/03/27 21:32:39 | 000,001,711 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk [2011/03/27 21:29:21 | 001,914,496 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Cara-Leigh\Desktop\HousecallLauncher.exe [2011/03/27 20:36:52 | 000,633,566 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB [2011/03/27 20:34:46 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011/03/25 01:03:19 | 000,064,512 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys [2011/03/25 01:03:18 | 000,016,432 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe [2011/03/13 14:10:35 | 000,420,882 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/03/13 14:10:35 | 000,068,062 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/03/09 10:41:30 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011/03/05 15:54:34 | 000,002,305 | ---- | M] () -- C:\Documents and Settings\Cara-Leigh\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2011/03/04 16:11:12 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2011/03/04 14:37:13 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [924 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/04/01 22:37:12 | 000,000,274 | ---- | C] () -- C:\WINDOWS\tasks\RegistryBooster.job [2011/04/01 22:36:56 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Uniblue RegistryBooster.lnk [2011/04/01 22:36:56 | 000,001,723 | ---- | C] () -- C:\Documents and 
Settings\Cara-Leigh\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk [2011/04/01 21:01:25 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\My Documents\Companion Ad.rtf [2011/04/01 20:36:56 | 000,000,224 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\Desktop\ ONE BEDROOM ABOVE GROUND BASEMENT SUITE (2).url [2011/03/31 01:17:45 | 000,000,224 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\Desktop\Above-ground Bsmt suite.url [2011/03/31 01:16:45 | 000,000,224 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\Desktop\1 - 2 Bedroom Basement Suite.url [2011/03/31 01:16:04 | 000,000,224 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\Desktop\ ONE BEDROOM ABOVE GROUND BASEMENT SUITE .url [2011/03/31 01:14:40 | 000,000,224 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\Desktop\Allwood Trailer Park.url [2011/03/31 01:14:15 | 000,000,224 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\Desktop\Above ground suite in quiet home.url [2011/03/31 01:13:49 | 000,000,224 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\Desktop\1 BEDROOM BASEMENT SUITE.url [2011/03/31 01:11:34 | 000,000,224 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\Desktop\1 Bedroom Bsmt Suite.url [2011/03/29 15:21:43 | 000,001,029 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\My Documents\Dating ad.rtf [2011/03/29 15:04:07 | 000,000,669 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\My Documents\Devices ad.rtf [2011/03/29 14:57:42 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\My Documents\Beauty ad.rtf [2011/03/29 14:52:36 | 000,000,840 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\My Documents\Bridal ad.rtf [2011/03/29 14:16:18 | 000,149,361 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\My Documents\exercise equipment keywords.rtf [2011/03/28 23:51:05 | 000,001,399 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Game Manager.lnk 
[2011/03/28 19:01:49 | 000,000,771 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\Desktop\Internet Explorer.lnk
[2011/03/28 00:17:24 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/03/28 00:17:24 | 000,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/03/28 00:17:24 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/03/28 00:01:11 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\Local Settings\Application Data\housecall.guid.cache
[2011/03/27 23:59:51 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/03/27 23:41:16 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/03/27 23:27:53 | 000,000,889 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2011/03/27 23:27:53 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2011/03/27 23:24:25 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\COMODO Firewall.lnk
[2011/03/27 23:22:38 | 000,000,921 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\Application Data\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk
[2011/03/27 23:22:38 | 000,000,903 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\COMODO GeekBuddy.lnk
[2011/03/27 22:42:04 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/03/27 21:32:39 | 000,001,711 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/03/27 20:36:49 | 000,633,566 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/03/05 16:21:30 | 000,000,505 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\My Documents\Roasted Brussels Sprouts Recipe - Allrecipes.com.url
[2011/03/05 16:21:20 | 000,000,523 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\My Documents\Baked Lemon Chicken with Mushroom Sauce Recipe - Allrecipes.com.url
[2011/03/05 15:54:34 | 000,002,305 | ---- | C] () -- C:\Documents and Settings\Cara-Leigh\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/01/03 23:42:50 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2009/08/20 00:13:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/08/19 23:49:12 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2008/04/03 12:06:54 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat
[2006/05/18 05:09:16 | 000,000,639 | ---- | C] () -- C:\WINDOWS\System32\Autorun.ini
[2006/05/18 04:41:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2006/05/18 04:40:34 | 000,000,082 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
[2006/05/18 04:37:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NT.INI
[2006/05/17 15:12:41 | 000,000,083 | ---- | C] () -- C:\WINDOWS\ppserial.ini
[2006/05/17 15:09:14 | 000,000,588 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/08/19 16:56:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/16 18:58:19 | 000,000,336 | ---- | C] () -- C:\WINDOWS\uninstall.ini
[2005/08/16 18:58:19 | 000,000,225 | ---- | C] () -- C:\WINDOWS\FlashSaver.dat
[2005/08/16 18:58:19 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2005/08/16 18:37:28 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2005/08/16 18:36:33 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2005/08/16 18:36:33 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2005/08/16 18:36:33 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2005/08/16 18:36:33 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2005/08/16 18:29:57 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2005/08/16 18:23:49 | 000,114,688 | ---- | C] () -- C:\WINDOWS\PowerOption.exe
[2005/08/16 18:23:49 | 000,000,750 | ---- | C] () -- C:\WINDOWS\PowerOption.ini
[2005/08/16 18:23:25 | 000,037,776 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/16 18:23:24 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe
[2005/08/16 18:22:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 18:14:50 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 18:13:54 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 18:08:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 18:07:48 | 002,373,520 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 18:00:48 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 18:00:45 | 000,420,882 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 18:00:45 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 18:00:45 | 000,068,062 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 18:00:45 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 18:00:44 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 18:00:43 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 18:00:40 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 18:00:34 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 18:00:34 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 18:00:25 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/16 18:00:13 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2005/08/09 21:34:56 | 000,002,772 | ---- | C] () -- C:\WINDOWS\ANTIV.INI
[2005/04/27 12:38:00 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\hpzidi01.dll
[2005/04/27 12:37:49 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2004/08/25 21:48:00 | 000,589,824 | ---- | C] () -- C:\WINDOWS\ANTIV.EXE
[2001/12/26 17:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/04 00:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 17:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 23:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[2001/06/29 03:21:22 | 000,126,976 | ---- | C] () -- C:\WINDOWS\MKICON.EXE

[color=#E56717]========== LOP Check ==========[/color]

[2011/01/30 21:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/03/27 20:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/02/28 04:39:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/03/28 23:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2011/01/30 21:40:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/03/29 00:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kristanix Games
[2011/02/11 12:45:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LittleGamesCompany
[2011/01/04 04:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom
[2011/03/27 23:00:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/01/20 23:09:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2011/01/24 00:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PoBros
[2011/02/18 21:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2011/01/22 23:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2011/03/30 00:13:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/03/27 23:28:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8790345A-AF70-4319-B9E7-AAA25C6DCD42}
[2011/04/01 22:36:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011/02/08 01:30:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cara-Leigh\Application Data\Artogon
[2011/01/30 23:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cara-Leigh\Application Data\AVG
[2011/01/30 21:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cara-Leigh\Application Data\AVG10
[2011/03/27 22:42:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cara-Leigh\Application Data\CheckPoint
[2011/02/23 00:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cara-Leigh\Application Data\Dekovir
[2011/01/13 22:38:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cara-Leigh\Application Data\G-HeadGames
[2011/01/07 11:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cara-Leigh\Application Data\Gaijin Ent
[2011/02/11 11:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cara-Leigh\Application Data\GameMill Entertainment
[2011/03/17 15:53:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cara-Leigh\Application Data\Keyword Strategy Studio Pro
[2011/02/11 12:45:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cara-Leigh\Application Data\LittleGamesCompany
[2011/01/04 04:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cara-Leigh\Application Data\Merscom
[2011/03/29 23:13:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cara-Leigh\Application Data\Namco
[2011/01/24 00:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cara-Leigh\Application Data\PoBros
[2011/04/01 22:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cara-Leigh\Application Data\Uniblue
[2011/01/06 07:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cara-Leigh\Application Data\Watchtower
[2011/02/13 22:18:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cara-Leigh\Application Data\WhiteBirdsProductions
[2011/04/01 18:07:30 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/04/01 22:37:13 | 000,000,274 | ---- | M] () -- C:\WINDOWS\Tasks\RegistryBooster.job
[2011/04/01 22:49:29 | 000,000,432 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{A66A6A00-5E7B-4145-A922-2DD292CA2173}.job

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9720EBEF
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:52C24010
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:207C4C79
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:697DDE2B
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7DC5D762
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:23834E1E
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4DDE401B
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24C072FF
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:85C3B823
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB16385F
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >