Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Unsure of infection


  • Please log in to reply

#1
neemim

neemim

    New Member

  • Member
  • Pip
  • 2 posts
Hi, Basically about a week a go I started getting adyieldmanager popups. I tried doing a system restore but it did not work. The problem now is that it will not allow me to go to websites that I know are working and that I can get up on computers on the same network no problem. I have performed the steps and will post the reports below. Any help greatly appreciated as I am stumped

Malwarebytes' Anti-Malware 1.42
Database version: 3289
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

14/12/2009 18:10:05
mbam-log-2009-12-14 (18-10-05).txt

Scan type: Quick Scan
Objects scanned: 106198
Time elapsed: 5 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

OTL logfile created on: 14/12/2009 18:41:17 - Run 1
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Documents and Settings\Neil Cobbold\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93.16 Gb Total Space | 39.24 Gb Free Space | 42.12% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 5.45 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DESIGNER-A03BEB
Current User Name: Neil Cobbold
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/12/14 17:53:02 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Neil Cobbold\Desktop\OTL.exe
PRC - [2009/12/14 11:04:23 | 02,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2009/12/14 11:04:18 | 00,503,576 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009/12/14 11:04:17 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2009/12/14 11:04:07 | 02,303,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe
PRC - [2009/12/11 12:44:56 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/12/11 12:44:42 | 00,827,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2009/12/11 12:44:42 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/12/11 12:44:39 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2009/12/11 12:44:36 | 00,592,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2009/12/11 12:44:34 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2009/12/03 16:14:02 | 00,429,392 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2009/12/03 16:14:02 | 00,276,816 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2009/11/24 23:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/02 09:14:37 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2009/10/30 18:30:14 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/03/17 09:12:52 | 00,032,768 | ---- | M] (Tablet Driver) -- C:\WINDOWS\system32\WTClient.exe
PRC - [2009/03/04 10:04:22 | 00,069,632 | ---- | M] (Tablet Driver) -- C:\WINDOWS\system32\drivers\WTSrv.exe
PRC - [2009/02/27 07:54:22 | 00,870,672 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2009/02/27 07:22:10 | 01,368,064 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2009/02/27 06:55:20 | 00,909,312 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2009/02/27 06:40:52 | 01,202,448 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2009/02/27 06:38:38 | 00,473,360 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007/11/17 03:03:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2007/09/25 08:10:50 | 02,007,088 | ---- | M] (FlashGet.com) -- C:\Program Files\FlashGet\flashget.exe
PRC - [2007/07/20 16:55:46 | 01,228,800 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/07/20 16:53:52 | 00,475,136 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2007/05/10 22:46:20 | 00,624,248 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2007/05/10 10:22:32 | 00,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
PRC - [2006/11/13 13:39:52 | 01,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006/11/13 13:39:34 | 00,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006/10/27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2006/10/26 13:45:04 | 00,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WISPTIS.EXE
PRC - [2006/02/28 12:00:00 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/02/28 12:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2005/10/18 17:11:08 | 00,061,440 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe


========== Modules (SafeList) ==========

MOD - [2009/12/14 17:53:02 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Neil Cobbold\Desktop\OTL.exe
MOD - [2009/11/24 23:50:32 | 00,139,264 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
MOD - [2007/07/20 16:56:14 | 00,098,304 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2007/05/18 16:13:08 | 00,053,329 | ---- | M] (www.flashget.com) -- C:\Program Files\FlashGet\fgmgr.dll
MOD - [2006/02/28 12:00:00 | 01,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/12/14 11:04:07 | 02,303,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2009/12/11 12:44:39 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/12/11 12:44:34 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2009/12/03 16:14:02 | 00,276,816 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009/11/24 23:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Disabled | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/11/02 09:14:37 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/10/30 18:30:11 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/03/04 10:04:22 | 00,069,632 | ---- | M] (Tablet Driver) [Auto | Running] -- C:\WINDOWS\System32\Drivers\WTSRV.EXE -- (WinTabService)
SRV - [2009/02/27 07:54:22 | 00,870,672 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2009/02/27 06:55:20 | 00,909,312 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) Intel®
SRV - [2009/02/27 06:38:38 | 00,473,360 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2007/11/17 03:03:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2007/07/20 16:53:52 | 00,475,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2007/03/20 16:41:24 | 00,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2006/10/27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/10/18 17:11:08 | 00,061,440 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/12/14 11:05:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/11 12:16:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/11 12:16:52 | 00,000,000 | ---D | M]

[2009/10/30 20:40:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Neil Cobbold\Application Data\Mozilla\Extensions
[2009/10/30 20:40:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Neil Cobbold\Application Data\Mozilla\Firefox\Profiles\b19h4u3y.default\extensions
[2009/10/30 20:39:51 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/02/20 16:04:02 | 02,463,976 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
[2009/12/11 12:16:45 | 00,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2009/12/11 12:16:45 | 00,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2009/12/11 12:16:45 | 00,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2009/12/11 12:16:45 | 00,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [Flashget] C:\Program Files\FlashGet\FlashGet.exe (FlashGet.com)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [WTClient] C:\WINDOWS\System32\WTClient.exe (Tablet Driver)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\Wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Foundations.local
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O22 - SharedTaskScheduler: {DF77E339-A5EB-45A9-94D4-5D6F3D0BC2E0} - NppracoxUna - C:\WINDOWS\System32\nppracox.dll File not found
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/30 14:33:44 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/03/15 15:15:36 | 00,000,038 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{31b00a70-d469-11de-bc8d-0019d24dd049}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/10/30 13:49:55 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16891947461378048)

========== Files/Folders - Created Within 14 Days ==========

[2009/12/14 18:48:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\Desktop\Fixing
[2009/12/14 17:58:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/12/14 17:58:32 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/12/11 12:45:31 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009/12/11 12:45:18 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/12/11 12:45:17 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/12/11 12:45:12 | 00,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/12/11 12:45:10 | 00,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/12/11 12:45:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009/12/11 12:44:46 | 00,025,608 | ---- | C] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2009/12/11 12:44:44 | 00,161,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009/12/11 12:44:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009/12/11 12:44:19 | 00,050,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2009/12/11 12:44:19 | 00,030,104 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2009/12/11 12:44:15 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/12/11 12:44:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/12/11 12:42:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/12/11 12:42:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/12/11 12:39:05 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2009/12/11 12:11:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/12/11 12:11:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/12/11 12:11:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2009/12/11 12:11:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Skype
[2009/12/11 12:11:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2009/12/11 12:01:04 | 00,000,000 | ---D | C] -- C:\Config.Msi
[2009/12/11 11:29:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2009/12/11 11:29:23 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/12/11 11:29:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/12/09 20:11:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2009/12/09 17:51:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2009/12/09 17:51:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Google
[2009/12/09 17:37:20 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Tablet PC Platform SDK
[2009/12/09 16:57:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Apple Computer
[2009/12/09 16:23:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Identities
[2009/12/09 15:57:31 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2009/12/09 14:57:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\Desktop\My Mobile
[2009/12/09 11:25:24 | 00,000,000 | ---D | C] -- C:\Program Files\TABLET
[2009/12/04 13:01:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\Desktop\DECEMBER FORMS
[2009/12/04 11:34:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\Application Data\ntr
[2009/12/03 18:36:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/12/02 10:48:34 | 00,000,000 | ---D | C] -- C:\Vixensoft
[2009/12/02 10:48:34 | 00,000,000 | ---D | C] -- C:\Temp
[2009/12/02 10:48:34 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Business Objects
[2009/12/02 10:48:34 | 00,000,000 | ---D | C] -- C:\Program Files\Business Objects
[2009/12/02 10:47:40 | 00,225,280 | ---- | C] (IBPhoenix Inc.) -- C:\WINDOWS\System32\IscDbc.dll
[2009/12/02 10:47:40 | 00,200,704 | ---- | C] (IBPhoenix Inc) -- C:\WINDOWS\System32\OdbcJdbc.dll
[2009/12/02 10:47:40 | 00,086,016 | ---- | C] (IBPhoenix Inc.) -- C:\WINDOWS\System32\OdbcJdbcSetup.dll
[2009/12/02 10:47:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\Local Settings\Application Data\OdbcJdbcSetup
[2009/12/02 10:47:37 | 00,000,000 | ---D | C] -- C:\Program Files\Firebird
[2009/12/02 10:44:53 | 00,000,000 | ---D | C] -- C:\Program Files\ViXEN Software
[2009/11/27 17:24:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Multi File Downloads
[2009/11/27 13:28:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Re-House
[2009/11/26 11:06:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Paragon.Total.Defrag.v2010.8713.Incl.Keymaker-CORE
[2009/11/17 07:25:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Thomas' Birthday
[2009/11/03 17:53:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Updater5
[2009/11/02 09:09:39 | 00,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2009/11/02 08:57:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\website
[2009/11/02 08:57:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\The_Fray-Never_Say_Never-DVDRip-x264-2009-SNO
[2009/11/02 08:57:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Plexus_Illustrator_files
[2009/11/02 08:56:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\Desktop\Plexus Folder
[2009/11/02 08:56:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Health & Safety
[2009/11/02 08:55:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\ConvertediTeddyFiles
[2009/11/02 08:55:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Blackberry files
[2009/11/02 08:53:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\Desktop\102_FUJI
[2009/11/02 08:45:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Trojan_Remover_v6.8.1_Build_2591
[2009/11/02 08:45:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Thank You For Ordering!_files
[2009/11/02 08:45:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Simply Super Software
[2009/11/02 08:45:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Poker Superstars III - Gold Chip Challenge Documents
[2009/11/02 08:43:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Plexus
[2009/11/02 08:43:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Planning Pack
[2009/11/02 08:38:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Mr_Hudson-Straight_No_Chaser-(Repack)-2009-H3X
[2009/11/02 08:38:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Land of runes
[2009/11/02 08:38:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\HT
[2009/11/02 08:38:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/11/02 08:38:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Elven Legacy
[2009/11/02 08:37:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Desktop
[2009/11/02 08:37:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Courtyard
[2009/11/02 08:37:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Content
[2009/11/02 08:33:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Camera Photo's
[2009/11/02 08:33:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Avid Projects
[2009/11/02 08:32:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\SmitfraudFix
[2009/11/02 08:32:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Scanned Documents
[2009/11/02 08:31:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\saver booklet
[2009/11/02 08:31:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Samsung Stuff
[2009/11/02 08:31:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Samsung PC Studio 3
[2009/11/02 08:31:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Safe Contracter
[2009/11/02 08:31:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Regional Saver Booklet
[2009/11/02 08:31:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\referencing
[2009/11/02 08:31:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Property Refurb Pidgeon [bleep]
[2009/11/02 08:31:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Plexus Folder
[2009/11/02 08:31:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\pictures
[2009/11/02 08:31:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Petrol Cards
[2009/11/02 08:31:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Personal letters
[2009/11/02 08:31:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\PDF files
[2009/11/02 08:31:24 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\My Videos
[2009/11/02 08:31:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\OneNote Notebooks
[2009/11/02 08:31:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\NeroVision
[2009/11/02 08:31:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\My Downloads
[2009/11/02 08:31:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Word Files
[2009/11/02 08:31:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Updater
[2009/11/02 08:31:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\TT Installer Logs
[2009/11/02 08:31:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\The Lord of the Rings - Conquest
[2009/11/02 08:30:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Samsung PC Studio
[2009/11/02 08:30:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Reporting Sheets
[2009/11/02 08:29:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Private
[2009/11/02 08:28:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\My Scans
[2009/11/02 08:26:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\My Games
[2009/11/02 08:26:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Movies
[2009/11/02 08:26:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\mark1
[2009/11/02 08:24:16 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Azureus Downloads
[2009/11/02 08:22:56 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\My Data Sources
[2009/11/02 08:22:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Mark
[2009/11/02 08:22:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Mailmerge Lists
[2009/11/02 08:22:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Foundations Websites
[2009/11/02 08:22:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Excell Files
[2009/11/02 08:22:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\EPC's
[2009/11/02 08:22:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Design Files
[2009/11/02 08:22:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Council Packs
[2009/11/02 08:22:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\AdobeStockPhotos
[2009/11/02 08:21:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\102_FUJI
[2009/11/02 08:20:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\DriverGenius
[2009/11/02 08:14:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\Neil Cobbold
[2009/11/01 12:07:02 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Neil Cobbold\IECompatCache
[2009/11/01 11:52:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2009/11/01 11:46:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Microsoft Office 2007
[2009/10/30 20:46:47 | 00,456,536 | ---- | C] (Xceed Software Inc (450) 442-2626 [email protected] www.xceedsoft.com) -- C:\WINDOWS\System32\XCEEDZIP.DLL
[2009/10/30 20:28:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2009/10/30 20:23:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2009/10/30 18:52:32 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Neil Cobbold\PrivacIE
[2009/10/30 18:52:01 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Neil Cobbold\IETldCache
[2009/10/30 18:50:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/10/30 18:49:27 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/10/30 18:49:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/10/30 18:20:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\Downloads
[2009/10/30 15:26:45 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/10/30 15:26:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2009/10/30 15:22:28 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Neil Cobbold\UserData
[2009/10/30 15:08:54 | 00,146,944 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\System32\st325602.dll
[2009/10/30 15:07:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Intel
[2009/10/30 15:07:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Intel
[2009/10/30 15:05:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009/10/30 15:05:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2009/10/30 14:57:25 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\My Pictures
[2009/10/30 14:57:25 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents\My Music
[2009/10/30 14:55:45 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Neil Cobbold\SendTo
[2009/10/30 14:55:45 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Neil Cobbold\Recent
[2009/10/30 14:55:45 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Neil Cobbold\Application Data
[2009/10/30 14:55:45 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Neil Cobbold\Start Menu
[2009/10/30 14:55:45 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Neil Cobbold\My Documents
[2009/10/30 14:55:45 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Neil Cobbold\Favorites
[2009/10/30 14:55:45 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Neil Cobbold\Cookies
[2009/10/30 14:55:45 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Neil Cobbold\Templates
[2009/10/30 14:55:45 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Neil Cobbold\PrintHood
[2009/10/30 14:55:45 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Neil Cobbold\NetHood
[2009/10/30 14:55:45 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Neil Cobbold\Local Settings
[2009/10/30 14:55:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Neil Cobbold\Desktop
[2009/10/30 14:55:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2009/10/30 14:55:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/10/30 14:55:01 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2009/10/30 14:43:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2009/10/30 14:34:04 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2009/10/30 14:32:55 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2009/10/30 14:32:48 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2009/10/30 14:32:47 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2009/10/30 14:32:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2009/10/30 14:31:43 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2009/10/30 14:31:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2009/10/30 14:31:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2009/10/30 14:31:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2009/10/30 14:30:55 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2009/10/30 14:30:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2009/10/30 14:30:12 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2009/10/30 14:29:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2009/10/30 14:28:54 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2009/10/30 13:59:07 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2009/10/30 13:58:36 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2009/10/30 13:58:36 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2009/10/30 13:58:36 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2009/10/30 13:58:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2009/10/30 13:58:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2009/10/30 13:57:53 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2009/10/30 13:48:30 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2009/10/30 13:48:30 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009/10/30 13:48:30 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2009/10/30 13:48:30 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2009/10/30 13:48:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[1996/01/19 09:48:10 | 00,338,432 | ---- | C] (Software FX, Inc.) -- C:\Program Files\Common Files\cfx32.ocx
[6 C:\Documents and Settings\Neil Cobbold\My Documents\*.tmp files -> C:\Documents and Settings\Neil Cobbold\My Documents\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2009/12/14 18:46:04 | 00,130,720 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2009/12/14 18:37:10 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Desktop\settings.dat
[2009/12/14 18:28:00 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/12/14 18:01:59 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/14 18:01:53 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/14 18:00:26 | 03,145,728 | -H-- | M] () -- C:\Documents and Settings\Neil Cobbold\NTUSER.DAT
[2009/12/14 18:00:26 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Neil Cobbold\ntuser.ini
[2009/12/14 17:58:41 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Desktop\NTREGOPT.lnk
[2009/12/14 17:58:41 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Desktop\ERUNT.lnk
[2009/12/14 17:55:28 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/14 17:00:11 | 00,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{63813DF2-2BFC-49F4-AF8B-E149FE364323}.job
[2009/12/14 16:57:56 | 00,130,720 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2009/12/14 13:15:56 | 36,741,7986 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Desktop\OneDDL.com-merlin.2x12.the_fires_of_idirsholas.ws_pdtv_xvid-fov.avi
[2009/12/14 13:12:45 | 00,002,547 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Desktop\ViXEN Avixsys.lnk
[2009/12/14 13:09:56 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/14 12:48:07 | 18,358,8880 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Desktop\OneDDL.com-the.simpsons.s21e08.hdtv.xvid-fqm.avi
[2009/12/14 10:53:39 | 00,548,544 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2009/12/14 10:53:38 | 46,607,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/12/14 10:53:13 | 00,123,841 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/12/14 10:01:09 | 00,002,521 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Desktop\Microsoft Office Outlook 2007.lnk
[2009/12/11 12:45:18 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/12/11 12:45:17 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/12/11 12:45:12 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/12/11 12:45:10 | 00,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009/12/11 12:45:10 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/12/11 12:45:05 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/12/11 12:45:05 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/12/11 12:44:46 | 00,025,608 | ---- | M] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2009/12/11 12:44:44 | 00,161,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009/12/11 12:44:19 | 00,050,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2009/12/11 12:44:19 | 00,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2009/12/11 10:25:44 | 00,000,552 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/11 10:25:44 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/12/11 10:25:44 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009/12/09 18:01:26 | 00,002,515 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Desktop\Microsoft Office Word 2007.lnk
[2009/12/09 16:18:40 | 00,003,513 | ---- | M] () -- C:\WINDOWS\Tablet5500x4000.ini
[2009/12/09 16:00:42 | 00,416,812 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/12/09 16:00:42 | 00,066,896 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/09 16:00:41 | 00,491,566 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/12/09 15:59:02 | 00,002,528 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Application Data\$_hpcst$.hpc
[2009/12/04 15:30:20 | 01,356,800 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Desktop\Company Let Agreement hamptons.doc
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/02 17:31:13 | 00,084,368 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/12/02 17:30:03 | 01,610,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/02 14:40:15 | 01,381,376 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Desktop\CustomerReport1.xls
[2009/12/02 10:50:59 | 00,000,254 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009/12/02 10:49:11 | 00,007,139 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\services
[2009/12/02 10:47:40 | 00,225,280 | ---- | M] (IBPhoenix Inc.) -- C:\WINDOWS\System32\IscDbc.dll
[2009/12/02 10:47:40 | 00,200,704 | ---- | M] (IBPhoenix Inc) -- C:\WINDOWS\System32\OdbcJdbc.dll
[2009/12/02 10:47:40 | 00,086,016 | ---- | M] (IBPhoenix Inc.) -- C:\WINDOWS\System32\OdbcJdbcSetup.dll
[2009/12/02 10:47:40 | 00,028,947 | ---- | M] () -- C:\WINDOWS\System32\OdbcJdbc.chm
[2009/12/02 10:47:40 | 00,004,346 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009/12/02 08:45:13 | 25,344,724 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\cheerleader_hardcore.wmv
[2009/11/28 16:34:52 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/11/27 11:13:04 | 00,300,032 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\BUCON INVOICE 27-11-09.doc
[2009/11/26 08:31:14 | 20,617,62560 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Desktop\OneDDL.com-sr-snh2.iso
[2009/11/24 18:25:18 | 00,509,831 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Address List.xlsx
[2009/11/24 15:54:11 | 02,363,392 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Desktop\Foundations.mdb
[2009/11/24 11:17:06 | 00,059,392 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Client List.xls
[2009/11/24 11:05:51 | 00,060,928 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Backup of Client List.xlk
[2009/11/24 10:33:30 | 00,052,201 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\FrmEstateAgents.xlsx
[2009/11/23 18:49:50 | 01,636,925 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\FrmCustomers.xlsx
[2009/11/23 16:54:58 | 00,007,476 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\database.xlsx
[2009/11/23 09:05:09 | 00,000,625 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Desktop\My Documents.lnk
[2009/11/19 13:58:00 | 00,057,856 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\PlexusUK_CashFlow_2011.xls
[2009/11/18 17:40:42 | 00,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/11/10 10:20:42 | 00,012,365 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Neil1.docx
[2009/11/04 17:09:15 | 00,001,800 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Desktop\Land Of Runes.lnk
[2009/11/04 15:02:31 | 00,153,600 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\30 Mayfield Close Hillingdon Middlesex UB10 0DS 3 (2).doc
[2009/11/02 13:13:51 | 00,300,032 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\FOUNDATIONS INVOICE 28-10-09.doc
[2009/11/02 09:00:01 | 05,979,880 | -H-- | M] () -- C:\Documents and Settings\Neil Cobbold\Local Settings\Application Data\IconCache.db
[2009/11/02 08:38:42 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/11/01 11:58:03 | 00,002,561 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Desktop\Microsoft Office Excel 2007.lnk
[2009/10/30 20:40:01 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/10/30 20:39:53 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/10/30 20:36:36 | 00,021,956 | ---- | M] () -- C:\WINDOWS\System32\nvwsapps.xml
[2009/10/30 18:59:03 | 15,601,27488 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\TBATLT.avi
[2009/10/30 18:22:08 | 00,000,682 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\Desktop\FlashGet.lnk
[2009/10/30 15:19:05 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2009/10/30 15:08:12 | 00,000,206 | ---- | M] () -- C:\WINDOWS\hbcikrnl.ini
[2009/10/30 14:46:49 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009/10/30 14:45:28 | 00,000,372 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/10/30 14:33:44 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/10/30 14:33:44 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/10/30 14:33:44 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2009/10/30 14:33:44 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/10/30 14:33:44 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/10/30 14:33:41 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/10/30 14:33:40 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/10/30 14:33:40 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/10/30 14:32:47 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/10/30 14:32:47 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/10/30 14:32:42 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/10/30 14:32:42 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/10/30 14:32:42 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/10/30 14:32:42 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/10/30 14:32:42 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/10/30 14:32:42 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/10/30 14:30:36 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/10/30 14:30:25 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009/10/30 14:30:25 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2009/10/29 09:02:56 | 01,463,009 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\SCAN0007.JPG
[2009/10/29 08:30:08 | 00,021,224 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\FoundationsLogo.png
[2009/10/28 11:41:12 | 00,300,032 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\BUCON INVOICE 28-10-09.doc
[2009/10/28 11:41:12 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$CON INVOICE 28-10-09.doc
[2009/10/26 15:25:28 | 00,129,024 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\registrations from london show and NEC show 26 oct 09.xls
[2009/10/21 15:46:40 | 00,044,234 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Hillingdon Council Training Agenda.docx
[2009/10/21 07:27:36 | 00,954,303 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\SCAN0004.JPG
[2009/10/21 07:24:18 | 02,117,417 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\SCAN0002.JPG
[2009/10/21 07:22:30 | 01,753,833 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\SCAN0001.JPG
[2009/10/20 19:43:44 | 73,487,9744 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\The.Keeper.2009.DVDRip.XviD-DiVERSE.avi
[2009/10/20 15:37:04 | 00,093,696 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\registrations from london show and NEC show 20 oct 09.xls
[2009/10/19 18:55:50 | 00,044,544 | ---- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\EtonPornyPTAminutes5[1].10.09.doc
[2009/10/19 15:59:12 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$S Longs - Ver 5.rtf
[6 C:\Documents and Settings\Neil Cobbold\My Documents\*.tmp files -> C:\Documents and Settings\Neil Cobbold\My Documents\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/14 18:37:10 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Desktop\settings.dat
[2009/12/14 17:58:41 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Desktop\NTREGOPT.lnk
[2009/12/14 17:58:41 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Desktop\ERUNT.lnk
[2009/12/14 13:15:24 | 36,741,7986 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Desktop\OneDDL.com-merlin.2x12.the_fires_of_idirsholas.ws_pdtv_xvid-fov.avi
[2009/12/14 12:47:39 | 18,358,8880 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Desktop\OneDDL.com-the.simpsons.s21e08.hdtv.xvid-fqm.avi
[2009/12/11 12:45:10 | 00,548,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2009/12/11 12:45:10 | 00,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009/12/11 12:45:05 | 46,607,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/12/11 12:45:05 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/12/11 12:45:05 | 00,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/12/11 12:45:05 | 00,123,841 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/12/11 11:53:13 | 00,000,436 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{63813DF2-2BFC-49F4-AF8B-E149FE364323}.job
[2009/12/09 16:18:40 | 00,003,513 | ---- | C] () -- C:\WINDOWS\Tablet5500x4000.ini
[2009/12/09 15:59:02 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Application Data\$_hpcst$.hpc
[2009/12/04 15:23:00 | 01,356,800 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Desktop\Company Let Agreement hamptons.doc
[2009/12/02 14:40:13 | 01,381,376 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Desktop\CustomerReport1.xls
[2009/12/02 10:49:12 | 00,000,254 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/12/02 10:47:40 | 00,028,947 | ---- | C] () -- C:\WINDOWS\System32\OdbcJdbc.chm
[2009/12/02 10:44:59 | 00,002,547 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Desktop\ViXEN Avixsys.lnk
[2009/12/02 08:30:33 | 25,344,724 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\cheerleader_hardcore.wmv
[2009/11/28 16:34:49 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/11/27 11:13:04 | 00,300,032 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\BUCON INVOICE 27-11-09.doc
[2009/11/26 17:55:02 | 20,617,62560 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Desktop\OneDDL.com-sr-snh2.iso
[2009/11/24 18:25:17 | 00,509,831 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Address List.xlsx
[2009/11/24 11:01:59 | 00,060,928 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Backup of Client List.xlk
[2009/11/24 11:01:59 | 00,059,392 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Client List.xls
[2009/11/24 10:33:29 | 00,052,201 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\FrmEstateAgents.xlsx
[2009/11/23 16:56:28 | 01,636,925 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\FrmCustomers.xlsx
[2009/11/23 16:54:58 | 00,007,476 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\database.xlsx
[2009/11/23 09:05:09 | 00,000,625 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Desktop\My Documents.lnk
[2009/11/19 13:53:13 | 00,057,856 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\PlexusUK_CashFlow_2011.xls
[2009/11/18 17:40:42 | 00,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/11/10 10:20:42 | 00,012,365 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Neil1.docx
[2009/11/04 17:09:15 | 00,001,800 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Desktop\Land Of Runes.lnk
[2009/11/04 15:02:31 | 00,153,600 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\30 Mayfield Close Hillingdon Middlesex UB10 0DS 3 (2).doc
[2009/11/02 13:36:39 | 15,601,27488 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\TBATLT.avi
[2009/11/02 13:13:50 | 00,300,032 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\FOUNDATIONS INVOICE 28-10-09.doc
[2009/11/02 09:31:59 | 02,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2009/11/02 08:53:54 | 01,972,267 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\safecontractor round RGB.eps
[2009/11/02 08:53:54 | 01,003,038 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\logo.eps
[2009/11/02 08:53:54 | 00,444,627 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\TrustMark logo with NAPIT.jpg
[2009/11/02 08:53:54 | 00,011,103 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Nicola Profile.docx
[2009/11/02 08:53:53 | 03,826,688 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\backup2.pst
[2009/11/02 08:53:53 | 02,363,392 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Desktop\Foundations.mdb
[2009/11/02 08:53:53 | 01,917,073 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Logo's.docx
[2009/11/02 08:53:53 | 00,290,098 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\gsreg_logo_reg.eps
[2009/11/02 08:53:53 | 00,087,552 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\[email protected]
[2009/11/02 08:53:53 | 00,003,147 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Hillingdon homes.gif
[2009/11/02 08:53:34 | 34,945,5360 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\backup.pst
[2009/11/02 08:33:39 | 00,023,256 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\what is a method statement.pdf
[2009/11/02 08:33:39 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$S Longs - Ver 5.rtf
[2009/11/02 08:33:39 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$CON INVOICE 28-10-09.doc
[2009/11/02 08:33:39 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$August.docx
[2009/11/02 08:33:06 | 73,487,9744 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\The.Keeper.2009.DVDRip.XviD-DiVERSE.avi
[2009/11/02 08:33:06 | 00,093,184 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\SLA with Plexus.doc
[2009/11/02 08:33:06 | 00,019,218 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Thank You For Ordering!.htm
[2009/11/02 08:33:06 | 00,011,522 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Sitemap.docx
[2009/11/02 08:32:45 | 46,345,9869 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\show2.wmv.MP4.bak
[2009/11/02 08:32:45 | 02,117,417 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\SCAN0002.JPG
[2009/11/02 08:32:45 | 01,463,009 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\SCAN0007.JPG
[2009/11/02 08:32:45 | 00,954,303 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\SCAN0004.JPG
[2009/11/02 08:32:44 | 06,534,068 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\ReHouse3.ai
[2009/11/02 08:32:44 | 04,502,557 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Re-House UK Presentation.pptx
[2009/11/02 08:32:44 | 04,502,557 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Re-House UK Presentation.ppsx
[2009/11/02 08:32:44 | 01,753,833 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\SCAN0001.JPG
[2009/11/02 08:32:44 | 01,627,681 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Re-House UK olympia Presentation.pptx
[2009/11/02 08:32:44 | 00,267,440 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\policy_summary.pdf
[2009/11/02 08:32:44 | 00,246,784 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\NON-conformity (3).doc
[2009/11/02 08:32:44 | 00,129,024 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\registrations from london show and NEC show 26 oct 09.xls
[2009/11/02 08:32:44 | 00,093,696 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\registrations from london show and NEC show 20 oct 09.xls
[2009/11/02 08:32:44 | 00,081,770 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Rehouse Invoice.pdf
[2009/11/02 08:32:44 | 00,080,384 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Registration Details Form.doc
[2009/11/02 08:32:44 | 00,056,823 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Registration Details Form.docx
[2009/11/02 08:32:44 | 00,027,769 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Plexus Robin King 07.08.09.docx
[2009/11/02 08:32:44 | 00,027,136 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\RHUK Olympia v1.ppt
[2009/11/02 08:32:44 | 00,011,348 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Rehouse uk follow up letter.docx
[2009/11/02 08:32:41 | 20,383,873 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\NHS Longs - Ver 5.rtf
[2009/11/02 08:32:41 | 02,016,583 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\LEAFLET.pdf
[2009/11/02 08:32:41 | 01,131,008 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Foundations Invoices.doc
[2009/11/02 08:32:41 | 00,643,595 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Foundations H&S Policy.pdf
[2009/11/02 08:32:41 | 00,626,729 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Network early term.pdf
[2009/11/02 08:32:41 | 00,200,772 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\gsreg_logo_bw.jpg
[2009/11/02 08:32:41 | 00,194,560 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\FOUNDATIONS LIAB.doc
[2009/11/02 08:32:41 | 00,165,490 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Foundations_Comp_Layout 1.pdf
[2009/11/02 08:32:41 | 00,148,086 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Foundations_Letterhead_Layout 1.pdf
[2009/11/02 08:32:41 | 00,141,145 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Foundations_Letterhead_Layout 1.ai
[2009/11/02 08:32:41 | 00,095,696 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Invoice #5379.pdf
[2009/11/02 08:32:41 | 00,073,897 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\gsreg_logo.jpg
[2009/11/02 08:32:41 | 00,044,544 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\EtonPornyPTAminutes5[1].10.09.doc
[2009/11/02 08:32:41 | 00,044,234 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Hillingdon Council Training Agenda.docx
[2009/11/02 08:32:41 | 00,041,039 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\NAPIT_fullcolour_logo_E.jpg
[2009/11/02 08:32:41 | 00,028,160 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Information.doc
[2009/11/02 08:32:41 | 00,021,224 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\FoundationsLogo.png
[2009/11/02 08:32:41 | 00,015,841 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\June Report.docx
[2009/11/02 08:32:41 | 00,013,082 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\LA'S FAQ'S.docx
[2009/11/02 08:32:41 | 00,011,230 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Lifesaver sponsorship.docx
[2009/11/02 08:32:41 | 00,011,086 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\HIA Letter.docx
[2009/11/02 08:32:41 | 00,007,244 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\gas safe black and white.png
[2009/11/02 08:32:41 | 00,000,689 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\HandBrakeCLI.exe.stackdump
[2009/11/02 08:32:40 | 06,943,987 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\clickMoneyCD.zip
[2009/11/02 08:32:40 | 00,869,888 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Documentary Release Form.doc
[2009/11/02 08:32:40 | 00,122,336 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\claim form.pdf
[2009/11/02 08:32:40 | 00,078,336 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Copy of [email protected]
[2009/11/02 08:32:40 | 00,041,472 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\E-mail Form.doc
[2009/11/02 08:32:40 | 00,032,768 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\costings for brian neil.xls
[2009/11/02 08:32:40 | 00,029,385 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\E-mail Form.docx
[2009/11/02 08:32:40 | 00,026,112 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\COMPANY INFORMATION.doc
[2009/11/02 08:32:40 | 00,017,676 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Data Protection and Privacy Policy on Re.docx
[2009/11/02 08:32:40 | 00,011,896 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Doc1 (3).docx
[2009/11/02 08:32:02 | 73,393,3568 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\cic-lfs.avi
[2009/11/02 08:32:02 | 00,437,816 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Business cards1.eps
[2009/11/02 08:32:02 | 00,437,376 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Business cards.eps
[2009/11/02 08:32:02 | 00,437,310 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Business cards2.eps
[2009/11/02 08:32:02 | 00,300,544 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\BUCON INVOICE2 (3).doc
[2009/11/02 08:32:02 | 00,300,032 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\BUCON INVOICE 28-10-09.doc
[2009/11/02 08:32:02 | 00,056,611 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Binder3.pdf
[2009/11/02 08:32:02 | 00,016,723 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\August Report.docx
[2009/11/02 08:32:02 | 00,015,033 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\August.docx
[2009/11/02 08:32:02 | 00,010,170 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\changes.docx
[2009/11/02 08:32:02 | 00,004,456 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\1.jpg
[2009/11/02 08:23:03 | 73,374,1056 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Lee.Evans.Big.Live.2008.DVDRiP.XViD-CD1.avi
[2009/11/02 08:21:51 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
[2009/11/02 08:21:18 | 04,140,270 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Umbrella.mp3
[2009/11/02 08:21:18 | 00,744,743 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Tenant Application.pdf
[2009/11/02 08:21:18 | 00,097,491 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Short term letter 3.docx
[2009/11/02 08:21:18 | 00,097,471 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Short term letter 2.docx
[2009/11/02 08:21:18 | 00,028,672 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\TO WHOM IT MAY CONCERN.doc
[2009/11/02 08:21:18 | 00,026,112 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Valentine Prize Draw.doc
[2009/11/02 08:21:18 | 00,025,600 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Voucher Opening Letter.doc
[2009/11/02 08:21:18 | 00,025,088 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Suitability Statement.doc
[2009/11/02 08:21:17 | 03,962,492 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\killers-human.mp3
[2009/11/02 08:21:17 | 01,082,097 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\plexus homepage.ai
[2009/11/02 08:21:17 | 01,070,318 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\plexus about us.ai
[2009/11/02 08:21:17 | 00,112,128 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Plexus Council Letter1 v2.doc
[2009/11/02 08:21:17 | 00,097,842 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Short term letter 1.docx
[2009/11/02 08:21:17 | 00,092,672 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\PQQ for term contracts 1 (2).doc
[2009/11/02 08:21:17 | 00,092,160 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\PQQ for term contracts 3.doc
[2009/11/02 08:21:17 | 00,092,160 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\PQQ for term contracts 1.doc
[2009/11/02 08:21:17 | 00,073,383 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Inspire Info.pdf
[2009/11/02 08:21:17 | 00,061,440 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Outstanding Quote jobs.xls
[2009/11/02 08:21:17 | 00,036,352 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\House Builders in the UK information.doc
[2009/11/02 08:21:17 | 00,033,280 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Multi Pack Voucher.doc
[2009/11/02 08:21:17 | 00,032,256 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Pre-Paid Voucher.doc
[2009/11/02 08:21:17 | 00,031,232 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Money Off Voucher.doc
[2009/11/02 08:21:17 | 00,028,672 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Property refurb Quote.doc
[2009/11/02 08:21:17 | 00,027,648 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Plexus UK Company Structure.doc
[2009/11/02 08:21:17 | 00,027,648 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Plexus Speadsheet.xls
[2009/11/02 08:21:17 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Non-Member Voucher Letter.doc
[2009/11/02 08:21:17 | 00,026,112 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Private Company Letter.doc
[2009/11/02 08:21:17 | 00,025,600 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Member Voucher Letter.doc
[2009/11/02 08:21:17 | 00,024,576 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Letter List.xls
[2009/11/02 08:21:17 | 00,023,552 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Mick Humber.doc
[2009/11/02 08:21:17 | 00,022,016 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Sales End of Day.doc
[2009/11/02 08:21:17 | 00,022,016 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Maintenance End of Day.doc
[2009/11/02 08:21:17 | 00,022,016 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Loans End of Day.doc
[2009/11/02 08:21:17 | 00,022,016 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Inventory End of Day.doc
[2009/11/02 08:21:17 | 00,010,223 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\I LOVE MUMMY.docx
[2009/11/02 08:21:17 | 00,005,755 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Neil theme.Theme
[2009/11/02 08:21:16 | 05,212,160 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\hotncold.mp3
[2009/11/02 08:21:16 | 00,138,240 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\health and safety handbook.doc
[2009/11/02 08:21:15 | 15,854,592 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Greenford Property 29 01 09.doc
[2009/11/02 08:21:14 | 01,602,007 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Ginger Ent Busi Cards.pdf
[2009/11/02 08:21:14 | 01,594,860 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Ginger Enterprises Ltd Letterhead.pdf
[2009/11/02 08:21:14 | 01,430,953 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Foundations Folder.pdf
[2009/11/02 08:21:14 | 00,475,733 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Frost Langley Tenant Application.pdf
[2009/11/02 08:21:14 | 00,108,032 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Foundations procedure.doc
[2009/11/02 08:21:14 | 00,047,104 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Foundations.doc
[2009/11/02 08:21:14 | 00,028,954 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\frost logo.bmp
[2009/11/02 08:21:14 | 00,010,135 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Foundations Revenue from 9 weeks.docx
[2009/11/02 08:21:13 | 02,092,983 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Foundations Busi Cards x 7.pdf
[2009/11/02 08:21:13 | 01,687,552 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Debtors List.xls
[2009/11/02 08:21:13 | 00,778,184 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Foundations Business Network Card.pdf
[2009/11/02 08:21:13 | 00,697,856 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Debtors List (Autosaved)2 (Recovered) (Recovered) (Autosaved) (Recovered) (Recovered) (Recovered) (Recovered) (Recovered) (Autosaved).xlsx
[2009/11/02 08:21:13 | 00,110,592 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Foundations 10-10-08.doc
[2009/11/02 08:21:13 | 00,110,592 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Foundations 02-02-09.doc
[2009/11/02 08:21:13 | 00,109,056 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Foundations 19-12-08.doc
[2009/11/02 08:21:13 | 00,099,328 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Employee handbook (2).doc
[2009/11/02 08:21:13 | 00,026,112 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Financial for Sub Let opportunity.doc
[2009/11/02 08:21:13 | 00,022,528 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Doc1 (2).doc
[2009/11/02 08:21:13 | 00,013,857 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Foundations Company Let Opportunity.docx
[2009/11/02 08:21:12 | 03,109,252 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Barbie_Girl.mp3
[2009/11/02 08:21:12 | 01,631,232 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Debtors List (Autosaved)2 (Recovered) (Recovered) (Autosaved) (Recovered) (Recovered) (Recovered) (Recovered) (Recovered) (Autosaved).xls
[2009/11/02 08:21:12 | 01,630,720 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Debtors List
[2009/11/02 08:21:12 | 00,652,137 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Body Service UK Letterhead.pdf
[2009/11/02 08:21:12 | 00,649,728 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Company Let Agreement.doc
[2009/11/02 08:21:12 | 00,637,013 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Body Service Busi Card.pdf
[2009/11/02 08:21:12 | 00,218,624 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Basic Package.doc
[2009/11/02 08:21:12 | 00,082,432 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Blue Enterprises Ltd (2).doc
[2009/11/02 08:21:12 | 00,075,264 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Cash_Flow_Plexus @050209 (3).xls
[2009/11/02 08:21:12 | 00,074,752 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Cash_Flow_Plexus_Housing Scheme @050209 (2).xls
[2009/11/02 08:21:12 | 00,046,592 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\COMMERCIAL LEASE AGREEMENT.doc
[2009/11/02 08:21:12 | 00,044,032 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\AGENTS WHAT THEY SIGNED FOR.xls
[2009/11/02 08:21:12 | 00,043,520 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Copy of plexus uk figs for les.xls
[2009/11/02 08:21:12 | 00,039,424 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Agent Fact Find Sheet.xls
[2009/11/02 08:21:12 | 00,027,648 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Agent Information Sheet.doc
[2009/11/02 08:21:12 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Council Letter.doc
[2009/11/02 08:21:12 | 00,025,600 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Charity Nominations.doc
[2009/11/02 08:21:12 | 00,025,088 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Costings.xls
[2009/11/02 08:21:12 | 00,025,088 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\brent council letter.doc
[2009/11/02 08:21:12 | 00,024,576 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Dear Boris.doc
[2009/11/02 08:21:12 | 00,024,576 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Brent Boris.doc
[2009/11/02 08:21:12 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Council List.doc
[2009/11/02 08:21:12 | 00,023,552 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Contact Problems.doc
[2009/11/02 08:21:12 | 00,023,040 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Background to Foundations.doc
[2009/11/02 08:21:12 | 00,022,192 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\aqua_barbie_girl.mp3
[2009/11/02 08:21:12 | 00,022,016 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Credit Control End of Day.doc
[2009/11/02 08:21:12 | 00,022,016 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Cashflow End of Day.doc
[2009/11/02 08:21:12 | 00,020,242 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\agents emails.xlsx
[2009/11/02 08:21:12 | 00,015,839 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Copy of sales sheet.xlsx
[2009/11/02 08:21:12 | 00,011,361 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Costings.xlsx
[2009/11/02 08:21:12 | 00,008,645 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Book1.xlsx
[2009/11/02 08:21:12 | 00,006,746 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Audio1.nra
[2009/11/02 08:21:11 | 03,236,864 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\2009 Plexus Business Plan (2).doc
[2009/11/02 08:21:11 | 00,310,423 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\7 Rowan Court.pdf
[2009/11/02 08:21:11 | 00,022,016 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\Accounts End of Day.doc
[2009/11/02 08:20:33 | 00,336,429 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\LoaderBackup-(2009-05-12).ipd
[2009/11/02 08:20:33 | 00,000,165 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$Hillingdonhomesjob.xlsx
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$y Update.doc
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$undations Company Let Opportunity.docx
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$uncil List.doc
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$signer London reseller price list.docx
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$RMS AND CONDITIONS FOR ADVERTISERS.docx
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$ril Update.doc
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$rformance Target Breakdown.doc
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$r reseller purchase Price List.docx
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$Page Business Plan.doc
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$out Plexus.doc
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$ont_Cover.doc
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$mpetitors.docx
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$mpany Organisational Chart.doc
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$mpany Let Agreement.doc
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$Mint.docx
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$ivate Company Letter.doc
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$inance.doc
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$exus Council Letter1 v2.doc
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$eting Key points.docx
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$arantor.doc
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$ar Boris.doc
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$anding and Promotional Projects.doc
[2009/11/02 08:20:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\My Documents\~$ Do List.docx
[2009/11/01 12:10:49 | 00,029,696 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/01 12:04:25 | 00,002,561 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Desktop\Microsoft Office Excel 2007.lnk
[2009/11/01 12:04:17 | 00,002,521 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Desktop\Microsoft Office Outlook 2007.lnk
[2009/11/01 11:58:03 | 00,002,515 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Desktop\Microsoft Office Word 2007.lnk
[2009/10/30 20:40:01 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/10/30 20:39:53 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/10/30 20:23:34 | 00,130,720 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2009/10/30 20:23:34 | 00,130,720 | ---- | C] () -- C:\WINDOWS\System32\nvModes.001
[2009/10/30 20:23:15 | 00,134,756 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2009/10/30 20:23:15 | 00,021,956 | ---- | C] () -- C:\WINDOWS\System32\nvwsapps.xml
[2009/10/30 20:23:13 | 00,017,527 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2009/10/30 20:22:17 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/10/30 20:22:17 | 01,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009/10/30 20:22:17 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/10/30 20:22:16 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/10/30 20:22:16 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\nvtuicpl.cpl
[2009/10/30 20:22:15 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/10/30 20:22:15 | 01,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009/10/30 20:22:14 | 00,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009/10/30 20:22:13 | 00,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2009/10/30 18:22:08 | 00,000,682 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\Desktop\FlashGet.lnk
[2009/10/30 15:19:07 | 00,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2009/10/30 15:08:06 | 00,000,206 | ---- | C] () -- C:\WINDOWS\hbcikrnl.ini
[2009/10/30 15:00:23 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2009/10/30 14:58:57 | 00,000,162 | ---- | C] () -- C:\Documents and Settings\Neil Cobbold\default.pls
[2009/10/30 14:55:47 | 00,000,178 | -HS- | C] () -- C:\Documents and Settings\Neil Cobbold\ntuser.ini
[2009/10/30 14:55:45 | 03,145,728 | -H-- | C] () -- C:\Documents and Settings\Neil Cobbold\NTUSER.DAT
[2009/10/30 14:46:49 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/10/30 14:45:24 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/10/30 14:39:13 | 00,034,638 | ---- | C] () -- C:\WINDOWS\WMPrfSLV.prx
[2009/10/30 14:36:43 | 00,039,348 | ---- | C] () -- C:\WINDOWS\WMPrfSKY.prx
[2009/10/30 14:33:40 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2009/10/30 14:33:40 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/10/30 14:32:47 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/10/30 14:32:47 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/10/30 14:32:42 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/10/30 14:32:42 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/10/30 14:32:42 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/10/30 14:32:42 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/10/30 14:32:42 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/10/30 14:31:55 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2009/10/30 14:31:55 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2009/10/30 14:30:36 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/10/30 14:29:47 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2009/10/30 14:29:46 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2009/10/30 14:29:46 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2009/10/30 14:29:46 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2009/10/30 14:29:46 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2009/10/30 14:29:46 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2009/10/30 14:29:46 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2009/10/30 14:29:46 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2009/10/30 14:29:46 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2009/10/30 14:29:46 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2009/10/30 14:29:46 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2009/10/30 14:29:45 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2009/10/30 14:29:45 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2009/10/30 14:29:45 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2009/10/30 14:29:45 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2009/10/30 14:29:45 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2009/10/30 14:29:45 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2009/10/30 14:29:45 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2009/10/30 14:29:43 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2009/10/30 14:29:43 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2009/10/30 14:29:42 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2009/10/30 14:29:35 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2009/10/30 13:59:10 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/10/30 13:57:24 | 01,610,320 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/08/27 19:04:44 | 00,557,003 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2009/08/27 19:04:32 | 00,811,835 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2009/08/27 19:03:52 | 04,456,201 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2009/08/25 18:07:36 | 00,328,334 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2009/08/25 17:38:04 | 00,425,040 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2009/08/25 16:56:56 | 00,829,781 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/08/25 16:37:02 | 00,146,098 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2009/06/12 08:04:18 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\WinTab32.dll
[2009/06/02 17:15:44 | 00,113,152 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2009/06/02 17:15:18 | 00,146,944 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2009/06/02 17:15:04 | 00,183,296 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2009/06/02 17:14:56 | 00,178,688 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2009/06/02 17:14:30 | 00,486,400 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2009/06/02 17:13:58 | 00,257,024 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2009/06/02 17:13:50 | 00,142,848 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2009/06/02 17:11:26 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2009/06/02 17:11:16 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/01/10 22:17:32 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2009/01/10 22:16:56 | 00,148,480 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2009/01/10 22:16:50 | 00,108,032 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2009/01/10 22:16:14 | 00,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2009/01/10 22:15:54 | 00,120,832 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2009/01/10 22:15:44 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
[2009/01/10 22:15:32 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2009/01/10 22:15:28 | 00,246,784 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2009/01/10 22:15:12 | 00,097,280 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2009/01/10 22:14:08 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2009/01/10 22:14:06 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2008/12/03 22:11:50 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/11/06 16:37:32 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/06 16:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2007/10/13 09:30:20 | 00,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/07/10 17:10:12 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007/04/24 17:31:12 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\ucinst32.dll
[2006/02/28 12:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2002/02/27 10:41:28 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\nsldappr32v50.dll
[2002/02/27 10:41:26 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll
[2002/02/27 10:41:26 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\nsldapssl32v50.dll
[2001/03/30 13:23:38 | 00,032,768 | RHS- | C] () -- C:\WINDOWS\System32\zsoftsh.dll

========== LOP Check ==========

[2009/12/11 12:44:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/12/11 12:11:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2009/11/26 11:13:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\launcher
[2009/11/27 13:47:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OfficeRecovery
[2009/10/30 16:54:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/11/28 16:24:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/11/05 14:14:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Neil Cobbold\Application Data\FileZilla
[2009/11/06 07:21:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Neil Cobbold\Application Data\Land Of Runes
[2009/11/27 17:25:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Neil Cobbold\Application Data\Multi File Downloader
[2009/12/11 12:11:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Neil Cobbold\Application Data\ntr
[2009/11/27 13:48:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Neil Cobbold\Application Data\OfficeRecovery
[2009/11/02 09:03:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Neil Cobbold\Application Data\Windows Desktop Search
[2009/11/02 08:53:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Neil Cobbold\Application Data\Windows Search
[2009/12/14 17:00:11 | 00,000,436 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{63813DF2-2BFC-49F4-AF8B-E149FE364323}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2008/04/11 08:03:48 | 00,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe


< MD5 for: ATAPI.SYS >
[2004/08/03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006/02/28 12:00:00 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2006/02/28 12:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2006/02/28 12:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2006/02/28 12:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2006/02/28 12:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2006/02/28 12:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2006/02/28 12:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< >
< End of report >

OTL Extras logfile created on: 14/12/2009 18:41:17 - Run 1
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Documents and Settings\Neil Cobbold\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93.16 Gb Total Space | 39.24 Gb Free Space | 42.12% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 5.45 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DESIGNER-A03BEB
Current User Name: Neil Cobbold
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3703:TCP" = 3703:TCP:*:Enabled:Adobe Version Cue CS3 Server
"3704:TCP" = 3704:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50900:TCP" = 50900:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50901:TCP" = 50901:TCP:*:Enabled:Adobe Version Cue CS3 Server
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget -- (FlashGet.com)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" = C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server -- (Adobe Systems Incorporated)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Program Files\Multi File Downloader\MultiFileDownloader.exe" = C:\Program Files\Multi File Downloader\MultiFileDownloader.exe:*:Disabled:Multi File Downloader -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Documents and Settings\Neil Cobbold\Local Settings\Temporary Internet Files\Content.IE5\37NH9EAD\NTRsupport_77196[1].exe" = C:\Documents and Settings\Neil Cobbold\Local Settings\Temporary Internet Files\Content.IE5\37NH9EAD\NTRsupport_77196[1].exe:*:Enabled:NTRsupport -- File not found
"C:\Documents and Settings\Neil Cobbold\Desktop\My Mobile\MyMobiler\MyMobiler.exe" = C:\Documents and Settings\Neil Cobbold\Desktop\My Mobile\MyMobiler\MyMobiler.exe:*:Enabled:My Mobile - My Mobiler -- ()
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\AVG\AVG9\avgam.exe" = C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgdiagex.exe" = C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{071B9AFA-EBE8-4ABF-8F4A-9F92612F517E}" = Broadcom ASF Management Applications
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A951414-25D5-46EA-89CF-E273350FC25A}" = NppracoxUna
"{0C0BE272-6214-41D7-B4A3-421EA51D0A1D}" = Microsoft Windows XP Tablet PC Edition Development Kit Version 1.7
"{14081443-583A-4605-BB91-83D38ADAC939}" = Microsoft Windows XP Tablet PC Edition 2005 Recognizer Pack
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1B54FF9E-5FDD-11DE-8B01-005056C00008}" = Paragon Total Defrag™ 2010
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Advanced Control Suite
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38E15A1C-9C7C-4D8B-AA7A-1DD7BE30ADBB}" = Recovery for Excel
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4458C442-7376-4CF9-AF58-E8CEA6722363}" = Adobe Setup
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{585F07D1-C9F0-4848-BF57-BF63E13A3744}" = ViXEN Avixsys
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{7DFC1012-D346-46CE-B03E-FF79125AE029}" = Adobe Fireworks CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{8718DC03-D066-4957-94E5-50C3C5042E8E}" = Adobe Creative Suite 3 Master Collection
"{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}" = Adobe Flash Player 9 Plugin
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CEA4C7D0-ABBE-4074-A488-173BB382CDFF}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{99AA7E28-EE0F-4CB2-8C5B-3DD8FF42DD29}" = OZ776 SCR Driver V1.1.4.204
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B7F54262-AB66-44B3-88BF-9FC69941B643}" = Broadcom Gigabit Integrated Controller
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CEF17689-9BE3-41B5-90AF-CA97FA6FD99E}" = Vixensoft Diary/Avixsys Plugins
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F22FD942-651D-4EE8-BD6F-7E0AF5E17625}" = Intel® PROSet/Wireless WiFi Software
"{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}" = Adobe Contribute CS3
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"4569969E1360D2854474C661EF9B4D54F143EB16" = Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_4dcfd9b7e901b57f81f667144603236" = Add or Remove Adobe Creative Suite 3 Master Collection
"AVG9Uninstall" = AVG 9.0
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"D-i-v-X - AVI Codec Pack Pro" = D-i-v-X AVI Codec Pack Pro 2.4.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"FileZilla Client" = FileZilla Client 3.2.8.1
"Firebird ODBC Driver_is1" = Firebird ODBC Driver 1.2.0.69
"FlashGet" = FlashGet 1.9.6.1073
"ie8" = Windows Internet Explorer 8
"InstallShield_{99AA7E28-EE0F-4CB2-8C5B-3DD8FF42DD29}" = OZ776 SCR Driver V1.1.4.204
"Land Of Runes ." = Land Of Runes .
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Media Player - Codec Pack" = Media Player Codec Pack 3.8.0
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"NVIDIA Drivers" = NVIDIA Drivers
"PenReader Desktop" = Paragon Software PenReader Desktop edition
"PowerISO" = PowerISO
"ProInst" = Intel PROSet Wireless
"Windows Essentials Media Codec Pack" = Windows Essentials Media Codec Pack 2.3d
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid 1.1.3 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 07/12/2009 11:37:28 | Computer Name = DESIGNER-A03BEB | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 07/12/2009 13:27:40 | Computer Name = DESIGNER-A03BEB | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 08/12/2009 03:46:51 | Computer Name = DESIGNER-A03BEB | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 08/12/2009 03:48:06 | Computer Name = DESIGNER-A03BEB | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 08/12/2009 04:33:25 | Computer Name = DESIGNER-A03BEB | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module jccatch.dll, version 1.8.4.1007, fault address 0x00007859.

Error - 08/12/2009 11:48:06 | Computer Name = DESIGNER-A03BEB | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 08/12/2009 12:39:20 | Computer Name = DESIGNER-A03BEB | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 09/12/2009 07:19:42 | Computer Name = DESIGNER-A03BEB | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 09/12/2009 07:27:17 | Computer Name = DESIGNER-A03BEB | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 09/12/2009 07:28:27 | Computer Name = DESIGNER-A03BEB | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

[ OSession Events ]
Error - 02/11/2009 14:37:03 | Computer Name = DESIGNER-A03BEB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 33339
seconds with 2820 seconds of active time. This session ended with a crash.

Error - 07/12/2009 08:09:51 | Computer Name = DESIGNER-A03BEB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 60
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 25/11/2009 04:48:45 | Computer Name = DESIGNER-A03BEB | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 29 minutes. NtpClient has no source of accurate
time.

Error - 25/11/2009 05:18:45 | Computer Name = DESIGNER-A03BEB | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 59 minutes. NtpClient has no source of accurate
time.

Error - 25/11/2009 06:18:45 | Computer Name = DESIGNER-A03BEB | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 119 minutes. NtpClient has no source of accurate
time.

Error - 25/11/2009 07:08:21 | Computer Name = DESIGNER-A03BEB | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 25/11/2009 07:15:34 | Computer Name = DESIGNER-A03BEB | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain FOUNDATIONS due to the
following: %%1311. Make sure that the computer is connected to the network and try
again.
If the problem persists, please contact your domain administrator.

Error - 25/11/2009 07:15:42 | Computer Name = DESIGNER-A03BEB | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 25/11/2009 07:27:25 | Computer Name = DESIGNER-A03BEB | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 25/11/2009 16:57:38 | Computer Name = DESIGNER-A03BEB | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.6 for the Network Card with network
address 0019D24DD049 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 25/11/2009 16:57:41 | Computer Name = DESIGNER-A03BEB | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 25/11/2009 16:57:43 | Computer Name = DESIGNER-A03BEB | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.


< End of report >

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/12/14 18:39
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP2
==================================================

Drivers
-------------------
Name: Aavmker4.SYS
Image Path: C:\WINDOWS\System32\Drivers\Aavmker4.SYS
Address: 0xBAC90000 Size: 19520 File Visible: No Signed: -
Status: -

Name: aswFsBlk.sys
Image Path: C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys
Address: 0xBAB60000 Size: 32768 File Visible: No Signed: -
Status: -

Name: aswMon2.SYS
Image Path: C:\WINDOWS\System32\Drivers\aswMon2.SYS
Address: 0xB6769000 Size: 87424 File Visible: No Signed: -
Status: -

Name: aswRdr.SYS
Image Path: C:\WINDOWS\System32\Drivers\aswRdr.SYS
Address: 0xB4D95000 Size: 15104 File Visible: No Signed: -
Status: -

Name: aswSP.SYS
Image Path: C:\WINDOWS\System32\Drivers\aswSP.SYS
Address: 0xB6DC8000 Size: 135168 File Visible: No Signed: -
Status: -

Name: aswTdi.SYS
Image Path: C:\WINDOWS\System32\Drivers\aswTdi.SYS
Address: 0xBAA28000 Size: 39104 File Visible: No Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xB6D88000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xBADE2000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB4553000 Size: 49152 File Visible: No Signed: -
Status: -

SSDT
-------------------
#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb6dd06b8

#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb6dd0574

#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb6dd0a52

#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb6dd014c

#: 119 Function Name: NtOpenKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb6dd064e

#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys" at address 0xbaba9470

#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb6dd00f0

#: 177 Function Name: NtQueryValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb6dd076e

#: 204 Function Name: NtRestoreKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb6dd072e

#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb6dd08ae

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys" at address 0xbaba9520

#: 258 Function Name: NtTerminateThread
Status: Hooked by "C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys" at address 0xbaba95c0

#: 277 Function Name: NtWriteVirtualMemory
Status: Hooked by "C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys" at address 0xbaba9660

==EOF==
  • 0

Advertisements


#2
neemim

neemim

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Problem fixed. was able to access site in safe mode. so added to ingnore list in malwarebytes and disabled IE addons and it works. AVG ran with tracing cookies ticked and it found 123 trackie cookies and these stopped the popups.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP