Hi Dave,
Thanks so much for you reply! Here are the results of those scans:
Results of screen317's Security Check version 0.99.5 Windows Vista
(UAC is disabled!) Out of date service pack!![/b]
Internet Explorer 7
Out of date! ``````````````````````````````
Antivirus/Firewall Check: Windows Firewall Enabled!
AVG 8.5
WMI entry may not exist for antivirus; attempting automatic update. ```````````````````````````````
Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware
HijackThis 2.0.2
Java(TM) 6 Update 20
Java(TM) 6 Update 6
Out of date Java installed! Adobe Flash Player 10.1.82.76
Adobe Reader 8.1.2
Out of date Adobe Reader installed! Mozilla Firefox (3.0.19)
Firefox Out of Date! ````````````````````````````````
Process Check:
objlist.exe by Laurent Windows Defender MSASCui.exe
AVG avgwdsvc.exe
AVG avgtray.exe
Windows Defender MSASCui.exe
````````````````````````````````
DNS Vulnerability Check: Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?) ``````````End of Log```````````` OTL logfile created on: 22/10/2010 6:21:02 PM - Run 1OTL by OldTimer - Version 3.2.16.0 Folder = C:\Users\Claire\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 48.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 216.33 Gb Total Space | 50.65 Gb Free Space | 23.41% Space Free | Partition Type: NTFS
Drive D: | 7.59 Gb Total Space | 7.53 Gb Free Space | 99.14% Space Free | Partition Type: NTFS
Computer Name: CLAIRE-PC | User Name: Claire | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days
========== Processes (SafeList) ========== PRC - [2010/10/22 18:19:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Claire\Desktop\OTL.exe
PRC - [2010/07/09 09:08:24 | 002,048,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgtray.exe
PRC - [2009/09/07 08:41:41 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe
PRC - [2009/03/19 22:46:46 | 000,214,536 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2009/03/02 15:38:26 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\Novatel Wireless\NovaCore\Server\NvtlSrvr.exe
PRC - [2008/07/18 23:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/05/08 13:11:58 | 004,787,712 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2008/04/29 13:33:28 | 000,417,792 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2008/04/17 03:21:24 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2008/04/17 03:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2008/04/17 03:19:16 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2008/04/04 00:01:28 | 000,036,864 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
PRC - [2008/01/20 22:49:12 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
PRC - [2007/01/09 02:23:04 | 000,191,552 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe
PRC - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2005/07/15 17:48:33 | 000,479,232 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
========== Modules (SafeList) ========== MOD - [2010/10/22 18:19:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Claire\Desktop\OTL.exe
MOD - [2010/08/31 11:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
MOD - [2008/01/20 22:50:15 | 002,085,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2008/01/20 22:49:15 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll
MOD - [2006/11/02 05:46:13 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc.dll
MOD - [2006/11/02 05:46:07 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msiltcfg.dll
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2010/06/29 13:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:
64bit: - [2008/04/24 21:57:40 | 000,084,992 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV:
64bit: - [2008/02/06 16:50:18 | 000,434,016 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:
64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2007/12/10 23:11:30 | 000,015,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV:
64bit: - [2007/12/03 20:04:48 | 000,175,104 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV:
64bit: - [2007/11/21 19:53:16 | 000,135,168 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/07 08:41:41 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/03/02 15:38:26 | 000,040,448 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe -- (NvtlService)
SRV - [2008/07/27 14:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/18 23:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/04/17 03:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/16 18:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2008/04/04 00:01:28 | 000,036,864 | ---- | M] (TOSHIBA Corporation.) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ========== DRV:
64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:
64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:
64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:
64bit: - [2010/02/17 14:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:
64bit: - [2010/02/17 14:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:
64bit: - [2009/09/07 08:41:49 | 000,033,416 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgmfx64.sys -- (AvgMfx64)
DRV:
64bit: - [2009/09/07 08:41:48 | 000,427,016 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgldx64.sys -- (AvgLdx64)
DRV:
64bit: - [2009/09/07 08:41:44 | 000,133,640 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgtdia.sys -- (AvgTdiA)
DRV:
64bit: - [2009/08/28 20:42:52 | 000,049,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:
64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2008/12/19 12:26:38 | 000,255,488 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NWADIenum.sys -- (NWADI)
DRV:
64bit: - [2008/12/04 10:57:32 | 000,213,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbser2.sys -- (NWUSBPort2)
DRV:
64bit: - [2008/12/04 10:57:32 | 000,213,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbser.sys -- (NWUSBPort)
DRV:
64bit: - [2008/12/04 10:57:32 | 000,213,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbmdm.sys -- (NWUSBModem)
DRV:
64bit: - [2008/07/18 21:52:16 | 000,504,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\tos_sps64.sys -- (tos_sps64)
DRV:
64bit: - [2008/07/07 12:23:56 | 000,025,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NwUsbCdFil64.sys -- (NWUSBCDFIL64)
DRV:
64bit: - [2008/06/12 06:51:36 | 007,911,840 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2008/05/19 22:44:00 | 001,137,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr)
DRV:
64bit: - [2008/04/28 19:59:26 | 000,026,624 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\jswpslwfx.sys -- (JSWPSLWF)
DRV:
64bit: - [2008/04/15 20:54:16 | 000,388,120 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:
64bit: - [2008/04/14 22:05:42 | 000,161,792 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:
64bit: - [2008/04/02 20:27:18 | 000,065,024 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:
64bit: - [2008/02/29 02:59:32 | 001,252,352 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:
64bit: - [2008/01/20 22:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:
64bit: - [2008/01/20 22:46:57 | 000,022,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\WSDPrint.sys -- (WSDPrintDevice)
DRV:
64bit: - [2007/12/20 19:10:50 | 000,028,200 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:
64bit: - [2007/12/11 17:03:36 | 000,027,272 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tdcmdpst.sys -- (tdcmdpst)
DRV:
64bit: - [2007/12/06 06:12:56 | 000,320,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:
64bit: - [2007/11/09 17:00:30 | 000,026,968 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV:
64bit: - [2007/06/14 14:57:54 | 000,041,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\PCASp50a64.sys -- (PCASp50a64)
DRV:
64bit: - [2006/11/20 01:11:06 | 000,008,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\FwLnk.sys -- (FwLnk)
DRV:
64bit: - [2006/09/18 17:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2009/03/02 15:39:08 | 000,041,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PCASp50a64.sys -- (PCASp50a64)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.shoptoshiba.ca/welcomeIE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.shoptoshiba.ca/welcomeIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.ca/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ========== FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG8\Firefox [2010/01/05 10:45:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/17 21:30:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/17 21:30:36 | 000,000,000 | ---D | M]
[2008/12/06 19:40:36 | 000,000,000 | ---D | M] -- C:\Users\Claire\AppData\Roaming\Mozilla\Extensions
[2010/10/17 17:42:32 | 000,000,000 | ---D | M] -- C:\Users\Claire\AppData\Roaming\Mozilla\Firefox\Profiles\x5yxlu9k.default\extensions
[2009/09/21 11:20:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Claire\AppData\Roaming\Mozilla\Firefox\Profiles\x5yxlu9k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/17 16:41:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/06/08 11:58:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/06/08 11:57:54 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/02/18 21:27:55 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/02/18 21:27:55 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/02/18 21:27:55 | 000,000,759 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/02/18 21:27:55 | 000,000,831 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:
64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe ()
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe ()
O4:
64bit: - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe ()
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:
64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4:
64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files (x86)\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [cfFncEnabler.exe] File not found
O4 - HKLM..\Run: [MCStart] C:\Program Files (x86)\Bell Mobility\Mobile Connect Basic\tscui.exe (Bell)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [tscui] C:\Program Files (x86)\Bell Mobility\Mobile Connect Basic\tscui.exe (Bell)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01}
http://site.ebrary.com.cat1.lib.trentu.ca:8080/lib/ocultrent/support/plugins/ebraryRdr.cab (Infotl Control)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565}
http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968}
http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 10.0.0.2
O18:
64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:
64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:
64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:
64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll ()
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll ()
O24 - Desktop WallPaper: C:\Users\Claire\Pictures\Tim Wynne-Jones IS NOT David Suzuki2.jpg
O24 - Desktop BackupWallPaper: C:\Users\Claire\Pictures\Tim Wynne-Jones IS NOT David Suzuki2.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{42fdd507-6446-11de-97fe-001e336c4c59}\Shell - "" = AutoRun
O33 - MountPoints2\{42fdd507-6446-11de-97fe-001e336c4c59}\Shell\AutoRun\command - "" = G:\AutoLaunch.exe -- File not found
O33 - MountPoints2\{50246a7d-487c-11df-8788-001e336c4c59}\Shell - "" = AutoRun
O33 - MountPoints2\{50246a7d-487c-11df-8788-001e336c4c59}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{91181b92-7f60-11df-a571-001e336c4c59}\Shell\Auto\command - "" = F:\launcher.exe -- File not found
O33 - MountPoints2\{bca807ad-7a07-11df-b627-001e336c4c59}\Shell\Auto\command - "" = F:\launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
SafeBootMin:
64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootMin:
64bit: AppMgmt - Service
SafeBootMin:
64bit: Base - Driver Group
SafeBootMin:
64bit: Boot Bus Extender - Driver Group
SafeBootMin:
64bit: Boot file system - Driver Group
SafeBootMin:
64bit: File system - Driver Group
SafeBootMin:
64bit: Filter - Driver Group
SafeBootMin:
64bit: HelpSvc - Service
SafeBootMin:
64bit: PCI Configuration - Driver Group
SafeBootMin:
64bit: PEVSystemStart - Service
SafeBootMin:
64bit: PNP Filter - Driver Group
SafeBootMin:
64bit: Primary disk - Driver Group
SafeBootMin:
64bit: procexp90.Sys - Driver
SafeBootMin:
64bit: sacsvr - Service
SafeBootMin:
64bit: SCSI Class - Driver Group
SafeBootMin:
64bit: System Bus Extender - Driver Group
SafeBootMin:
64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:
64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:
64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:
64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:
64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:
64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:
64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:
64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:
64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:
64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:
64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:
64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:
64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:
64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:
64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:
64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:
64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:
64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:
64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootNet:
64bit: AppMgmt - Service
SafeBootNet:
64bit: Base - Driver Group
SafeBootNet:
64bit: Boot Bus Extender - Driver Group
SafeBootNet:
64bit: Boot file system - Driver Group
SafeBootNet:
64bit: File system - Driver Group
SafeBootNet:
64bit: Filter - Driver Group
SafeBootNet:
64bit: HelpSvc - Service
SafeBootNet:
64bit: Messenger - Service
SafeBootNet:
64bit: NDIS Wrapper - Driver Group
SafeBootNet:
64bit: NetBIOSGroup - Driver Group
SafeBootNet:
64bit: NetDDEGroup - Driver Group
SafeBootNet:
64bit: Network - Driver Group
SafeBootNet:
64bit: NetworkProvider - Driver Group
SafeBootNet:
64bit: PCI Configuration - Driver Group
SafeBootNet:
64bit: PEVSystemStart - Service
SafeBootNet:
64bit: PNP Filter - Driver Group
SafeBootNet:
64bit: PNP_TDI - Driver Group
SafeBootNet:
64bit: Primary disk - Driver Group
SafeBootNet:
64bit: procexp90.Sys - Driver
SafeBootNet:
64bit: rdsessmgr - Service
SafeBootNet:
64bit: sacsvr - Service
SafeBootNet:
64bit: SCSI Class - Driver Group
SafeBootNet:
64bit: Streams Drivers - Driver Group
SafeBootNet:
64bit: System Bus Extender - Driver Group
SafeBootNet:
64bit: TDI - Driver Group
SafeBootNet:
64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:
64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:
64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:
64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:
64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:
64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:
64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:
64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:
64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:
64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:
64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:
64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:
64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:
64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:
64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:
64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:
64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:
64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:
64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:
64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:
64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:
64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:
64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:
64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX:
64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:
64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:
64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:
64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:
64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX:
64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:
64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:
64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:
64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:
64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:
64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:
64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:
64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:
64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:
64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:
64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:
64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:
64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:
64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:
64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:
64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:
64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:
64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:
64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:
64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:
64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Drivers32:
64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm ()
Drivers32: msacm.dvacm - C:\Program Files (x86)\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
========== Files/Folders - Created Within 90 Days ========== [2010/10/22 18:19:02 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Claire\Desktop\OTL.exe
[2010/10/18 23:15:25 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010/10/18 22:13:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/10/17 23:27:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010/10/17 17:50:05 | 000,000,000 | ---D | C] -- C:\Users\Claire\AppData\Roaming\SUPERAntiSpyware.com
[2010/10/17 17:50:05 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/10/17 17:50:00 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2010/10/17 17:49:57 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/08/15 15:34:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Poladroid
[2010/08/12 23:48:31 | 000,000,000 | ---D | C] -- C:\Users\Claire\AppData\Roaming\Hoyle FaceCreator
[2010/08/12 23:48:30 | 000,000,000 | ---D | C] -- C:\Users\Claire\AppData\Roaming\Hoyle Card Games
[2010/08/12 23:47:56 | 000,000,000 | RH-D | C] -- C:\Users\Claire\AppData\Roaming\SecuROM
[2010/08/12 23:47:55 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2010/08/12 23:44:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Encore
[2010/07/30 12:13:03 | 000,000,000 | ---D | C] -- C:\Users\Claire\AppData\Roaming\U3
[2 C:\Users\Claire\Documents\*.tmp files -> C:\Users\Claire\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 90 Days ========== [2010/10/22 18:19:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Claire\Desktop\OTL.exe
[2010/10/22 18:14:16 | 000,869,051 | ---- | M] () -- C:\Users\Claire\Desktop\SecurityCheck.exe
[2010/10/22 18:09:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/22 07:41:10 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/10/22 07:40:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3337527313-3042692976-367435044-1000UA.job
[2010/10/21 22:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At23.job
[2010/10/21 21:40:11 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{4DA7B80F-1DE0-4AFF-87B4-A638EF97D42C}.job
[2010/10/21 19:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At20.job
[2010/10/20 23:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At24.job
[2010/10/20 22:02:59 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/20 22:02:59 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/20 21:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At22.job
[2010/10/20 19:59:59 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At21.job
[2010/10/20 06:59:59 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At8.job
[2010/10/19 18:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At19.job
[2010/10/19 17:46:49 | 066,570,953 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010/10/19 06:45:33 | 4156,555,264 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/18 23:14:36 | 003,880,194 | ---- | M] () -- C:\Users\Claire\Desktop\blackpudding.bat
[2010/10/18 22:13:28 | 000,005,184 | ---- | M] () -- C:\ProgramData\N360BUOptions.ini
[2010/10/18 02:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At3.job
[2010/10/18 01:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010/10/18 00:02:00 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At1.job
[2010/10/17 23:31:19 | 000,001,917 | ---- | M] () -- C:\Users\Claire\Desktop\HijackThis.lnk
[2010/10/17 23:30:54 | 000,001,007 | ---- | M] () -- C:\Users\Claire\Desktop\sniper.exe - Shortcut.lnk
[2010/10/17 17:50:00 | 000,001,767 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/10/17 17:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At18.job
[2010/10/17 13:02:55 | 000,002,633 | ---- | M] () -- C:\Users\Claire\Desktop\Microsoft Office Word 2003.lnk
[2010/10/17 13:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At14.job
[2010/10/17 12:54:38 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At9.job
[2010/10/15 15:59:59 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At17.job
[2010/10/15 15:40:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3337527313-3042692976-367435044-1000Core.job
[2010/10/15 14:00:01 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At15.job
[2010/10/15 12:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At13.job
[2010/10/15 10:59:59 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At12.job
[2010/10/15 09:59:59 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At11.job
[2010/10/14 09:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At10.job
[2010/10/14 08:48:19 | 000,318,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/10/14 08:27:30 | 000,714,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/10/14 08:27:30 | 000,598,900 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/10/14 08:27:30 | 000,104,914 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/10/12 21:33:40 | 000,097,792 | ---- | M] () -- C:\Users\Claire\Documents\Resume - Claire Marble.doc
[2010/10/01 22:31:59 | 000,071,680 | ---- | M] () -- C:\Users\Claire\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/23 07:35:25 | 000,002,058 | ---- | M] () -- C:\Users\Claire\Desktop\Google Chrome.lnk
[2010/09/23 07:35:25 | 000,002,020 | ---- | M] () -- C:\Users\Claire\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/09/22 21:13:42 | 000,029,696 | ---- | M] () -- C:\Users\Claire\Documents\Celina's Letter.doc
[2010/09/21 14:59:59 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At16.job
[2010/09/20 08:14:32 | 000,316,416 | ---- | M] () -- C:\Windows\SysNative\msshsq.dll
[2010/09/17 22:54:33 | 000,042,496 | ---- | M] () -- C:\Users\Claire\Documents\Another List.doc
[2010/09/17 18:02:18 | 000,073,728 | ---- | M] () -- C:\Users\Claire\Documents\Cover Letter and Resume - Claire Marble.doc
[2010/09/10 13:30:57 | 013,425,152 | ---- | M] () -- C:\Windows\SysNative\wmp.dll
[2010/09/10 11:52:05 | 008,147,968 | ---- | M] () -- C:\Windows\SysNative\wmploc.DLL
[2010/09/08 12:45:03 | 000,208,896 | ---- | M] () -- C:\Windows\SysNative\occache.dll
[2010/09/08 12:43:55 | 000,758,784 | ---- | M] () -- C:\Windows\SysNative\mshtmled.dll
[2010/09/08 12:43:53 | 000,590,848 | ---- | M] () -- C:\Windows\SysNative\msfeeds.dll
[2010/09/08 12:43:12 | 000,249,856 | ---- | M] () -- C:\Windows\SysNative\iepeers.dll
[2010/09/08 12:43:11 | 000,422,400 | ---- | M] () -- C:\Windows\SysNative\ieapfltr.dll
[2010/09/08 12:43:11 | 000,267,776 | ---- | M] () -- C:\Windows\SysNative\ieaksie.dll
[2010/09/08 12:43:11 | 000,086,528 | ---- | M] () -- C:\Windows\SysNative\ieencode.dll
[2010/09/08 11:26:20 | 000,485,376 | ---- | M] () -- C:\Windows\SysNative\html.iec
[2010/09/06 11:59:19 | 000,012,288 | ---- | M] () -- C:\Windows\SysNative\sscore.dll
[2010/09/06 11:57:48 | 000,017,920 | ---- | M] () -- C:\Windows\SysNative\netevent.dll
[2010/08/31 11:21:34 | 000,633,856 | ---- | M] () -- C:\Windows\SysNative\comctl32.dll
[2010/08/30 18:52:32 | 000,263,680 | ---- | M] () -- C:\Users\Claire\Documents\Simulation crosswords-backups.doc
[2010/08/26 12:27:46 | 000,189,952 | ---- | M] () -- C:\Windows\SysNative\t2embed.dll
[2010/08/20 11:56:01 | 001,090,048 | ---- | M] () -- C:\Windows\SysNative\wmpmde.dll
[2010/08/16 09:04:07 | 000,000,474 | ---- | M] () -- C:\Users\Claire\AppData\Roaming\Poladroid prefs.plist
[2010/08/15 15:34:53 | 000,000,987 | ---- | M] () -- C:\Users\Claire\Application Data\Microsoft\Internet Explorer\Quick Launch\Poladroid 9.6.0.lnk
[2010/08/15 15:34:53 | 000,000,963 | ---- | M] () -- C:\Users\Public\Desktop\Poladroid 0.9.6r0.lnk
[2010/08/15 07:54:27 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At4.job
[2010/08/13 04:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At5.job
[2010/08/12 23:47:55 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2010/08/12 23:47:36 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\Hoyle Card Games 2008.lnk
[2010/08/02 06:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\At7.job
[2010/08/01 16:02:38 | 000,208,896 | ---- | M] () -- C:\Users\Claire\Documents\Simulation calculations.doc
[2 C:\Users\Claire\Documents\*.tmp files -> C:\Users\Claire\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/10/22 18:14:16 | 000,869,051 | ---- | C] () -- C:\Users\Claire\Desktop\SecurityCheck.exe
[2010/10/18 23:14:37 | 003,880,194 | ---- | C] () -- C:\Users\Claire\Desktop\blackpudding.bat
[2010/10/18 22:13:28 | 000,005,184 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2010/10/17 23:30:54 | 000,001,007 | ---- | C] () -- C:\Users\Claire\Desktop\sniper.exe - Shortcut.lnk
[2010/10/17 23:27:30 | 000,001,917 | ---- | C] () -- C:\Users\Claire\Desktop\HijackThis.lnk
[2010/10/17 17:50:00 | 000,001,767 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/10/17 17:40:14 | 4156,555,264 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/14 08:33:27 | 000,316,416 | ---- | C] () -- C:\Windows\SysNative\msshsq.dll
[2010/10/13 18:10:38 | 001,923,584 | ---- | C] () -- C:\Windows\SysNative\ole32.dll
[2010/10/13 18:10:23 | 000,189,952 | ---- | C] () -- C:\Windows\SysNative\t2embed.dll
[2010/10/13 18:10:21 | 000,633,856 | ---- | C] () -- C:\Windows\SysNative\comctl32.dll
[2010/10/13 18:08:55 | 002,751,488 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2010/10/13 18:08:45 | 013,425,152 | ---- | C] () -- C:\Windows\SysNative\wmp.dll
[2010/10/13 18:08:35 | 008,147,968 | ---- | C] () -- C:\Windows\SysNative\wmploc.DLL
[2010/10/13 18:07:18 | 007,015,424 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2010/10/13 18:07:15 | 005,692,928 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2010/10/13 18:07:12 | 000,590,848 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2010/10/13 18:07:08 | 000,758,784 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2010/10/13 18:07:01 | 001,426,944 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2010/10/13 18:06:58 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2010/10/13 18:06:58 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2010/10/13 18:06:56 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2010/10/13 18:06:55 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2010/10/13 18:06:54 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2010/10/13 18:06:53 | 000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2010/10/13 18:06:53 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2010/10/13 18:06:53 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2010/10/13 18:06:52 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll
[2010/10/13 18:06:51 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2010/10/13 18:06:50 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2010/10/13 18:06:49 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2010/10/13 18:06:33 | 000,461,824 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys
[2010/10/13 18:06:33 | 000,179,712 | ---- | C] () -- C:\Windows\SysNative\srvsvc.dll
[2010/10/13 18:06:33 | 000,175,104 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys
[2010/10/13 18:06:33 | 000,144,896 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys
[2010/10/13 18:06:32 | 000,017,920 | ---- | C] () -- C:\Windows\SysNative\netevent.dll
[2010/10/13 18:06:32 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\sscore.dll
[2010/10/13 18:06:28 | 000,343,040 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2010/10/13 18:06:27 | 001,090,048 | ---- | C] () -- C:\Windows\SysNative\wmpmde.dll
[2010/09/28 17:28:03 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll
[2010/09/22 21:03:22 | 000,029,696 | ---- | C] () -- C:\Users\Claire\Documents\Celina's Letter.doc
[2010/09/14 20:24:46 | 000,295,424 | ---- | C] () -- C:\Windows\SysNative\MP4SDECD.DLL
[2010/09/14 20:24:44 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\spoolsv.exe
[2010/09/14 20:21:29 | 000,975,360 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2010/09/14 20:21:19 | 000,622,080 | ---- | C] () -- C:\Windows\SysNative\usp10.dll
[2010/08/31 13:38:26 | 000,073,728 | ---- | C] () -- C:\Users\Claire\Documents\Cover Letter and Resume - Claire Marble.doc
[2010/08/30 23:07:14 | 000,097,792 | ---- | C] () -- C:\Users\Claire\Documents\Resume - Claire Marble.doc
[2010/08/17 13:17:03 | 000,263,680 | ---- | C] () -- C:\Users\Claire\Documents\Simulation crosswords-backups.doc
[2010/08/15 15:35:18 | 000,000,474 | ---- | C] () -- C:\Users\Claire\AppData\Roaming\Poladroid prefs.plist
[2010/08/15 15:34:53 | 000,000,987 | ---- | C] () -- C:\Users\Claire\Application Data\Microsoft\Internet Explorer\Quick Launch\Poladroid 9.6.0.lnk
[2010/08/15 15:34:53 | 000,000,963 | ---- | C] () -- C:\Users\Public\Desktop\Poladroid 0.9.6r0.lnk
[2010/08/12 23:47:36 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\Hoyle Card Games 2008.lnk
[2010/08/12 22:04:18 | 001,420,176 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys
[2010/08/12 22:04:01 | 004,690,832 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe
[2010/08/12 22:03:55 | 000,050,688 | ---- | C] () -- C:\Windows\SysNative\rtutils.dll
[2010/08/12 22:03:45 | 001,875,456 | ---- | C] () -- C:\Windows\SysNative\msxml3.dll
[2010/08/04 18:55:46 | 012,898,304 | ---- | C] () -- C:\Windows\SysNative\shell32.dll
[2009/06/27 20:39:53 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2009/06/27 20:38:13 | 000,000,891 | ---- | C] () -- C:\Windows\disney.ini
[2009/03/19 22:47:48 | 000,000,024 | ---- | C] () -- C:\Windows\cdplayer.ini
[2008/10/30 21:44:12 | 000,700,730 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008/10/27 18:22:28 | 000,001,096 | ---- | C] () -- C:\Users\Claire\AppData\Roaming\wklnhst.dat
[2008/10/26 18:56:30 | 000,071,680 | ---- | C] () -- C:\Users\Claire\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/26 09:41:45 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll
[2008/10/26 09:41:45 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll
[2008/10/26 09:41:45 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll
[2008/10/26 09:41:45 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll
[2008/10/26 09:41:45 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll
[2008/10/26 09:41:45 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll
[2008/10/26 09:25:55 | 000,128,113 | ---- | C] () -- C:\Windows\SysWow64\csellang.ini
[2008/10/26 09:25:55 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\csellang.dll
[2008/10/26 09:25:55 | 000,007,671 | ---- | C] () -- C:\Windows\SysWow64\cseltbl.ini
[2008/10/26 09:24:28 | 000,000,680 | ---- | C] () -- C:\Users\Claire\AppData\Local\d3d9caps.dat
[2008/10/26 09:23:20 | 000,000,732 | ---- | C] () -- C:\Users\Claire\AppData\Local\d3d9caps64.dat
[2008/10/25 19:12:12 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/07/10 21:53:00 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 22:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2003/01/07 18:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
========== LOP Check ========== [2010/10/19 19:42:24 | 000,000,000 | ---D | M] -- C:\Users\Claire\AppData\Roaming\Hoyle Card Games
[2010/08/12 23:49:33 | 000,000,000 | ---D | M] -- C:\Users\Claire\AppData\Roaming\Hoyle FaceCreator
[2009/06/27 20:45:27 | 000,000,000 | ---D | M] -- C:\Users\Claire\AppData\Roaming\Leadertech
[2008/10/27 18:22:29 | 000,000,000 | ---D | M] -- C:\Users\Claire\AppData\Roaming\Template
[2008/10/26 09:37:21 | 000,000,000 | ---D | M] -- C:\Users\Claire\AppData\Roaming\toshiba
[2010/10/18 00:02:00 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2010/10/14 09:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At10.job
[2010/10/15 09:59:59 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At11.job
[2010/10/15 10:59:59 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At12.job
[2010/10/15 12:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At13.job
[2010/10/17 13:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At14.job
[2010/10/15 14:00:01 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At15.job
[2010/09/21 14:59:59 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At16.job
[2010/10/15 15:59:59 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At17.job
[2010/10/17 17:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At18.job
[2010/10/19 18:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At19.job
[2010/10/18 01:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2010/10/21 19:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At20.job
[2010/10/20 19:59:59 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At21.job
[2010/10/20 21:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At22.job
[2010/10/21 22:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At23.job
[2010/10/20 23:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At24.job
[2010/10/18 02:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2010/08/15 07:54:27 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At4.job
[2010/08/13 04:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At5.job
[2010/06/26 05:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At6.job
[2010/08/02 06:00:00 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At7.job
[2010/10/20 06:59:59 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At8.job
[2010/10/17 12:54:38 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\At9.job
[2010/10/18 23:20:02 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/10/21 21:40:11 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{4DA7B80F-1DE0-4AFF-87B4-A638EF97D42C}.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < %systemroot%\*. /mp /s > < c:\$recycle.bin\*.* /s >[2010/04/22 12:04:12 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3337527313-3042692976-367435044-1000\$I0AZEFH.jpg
[2010/04/22 12:05:53 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3337527313-3042692976-367435044-1000\$I0SLV11.jpg
[2010/04/20 15:47:50 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3337527313-3042692976-367435044-1000\$I149R5T.m4v
[2010/04/20 15:47:50 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3337527313-3042692976-367435044-1000\$I1UKN6L.m4v
[2010/07/11 18:17:48 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3337527313-3042692976-367435044-1000\$I1UUKT9.m4a
[2010/04/20 15:47:51 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3337527313-3042692976-367435044-1000\$I1V4I81.m4v
[2010/04/20 15:47:51 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3337527313-3042692976-367435044-1000\$I1XDP2H.m4v
[2010/04/22 12:04:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-33375