http://dl.dropbox.co...7, 20 15 24.jpg
If you cannot read it, it basically is saying that my computer has been locked due illegal being viewed, and that if I am to re-gain use of my computer, I need to pay a £100 fine.
I am still able to Ctrl-Alt-Del out of it and access Task Manager, but I was unable to see any out of the ordinary processes, and when I shut-down the computer I briefly see my desktop before the Shutting Down screen appears.
I booted up in Safe Mode with no problems, and ran OTL as you specified.
-------------------
OTL logfile created on: 27/12/2011 20:31:34 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Deborah\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 2.43 Gb Available Physical Memory | 80.95% Memory free
5.99 Gb Paging File | 5.47 Gb Available in Paging File | 91.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.69 Gb Total Space | 293.47 Gb Free Space | 64.40% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.03 Gb Free Space | 60.27% Space Free | Partition Type: NTFS
Computer Name: DEBORAH-PC | User Name: Deborah | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Deborah\Desktop\OTL.scr (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
========== Win32 Services (SafeList) ==========
SRV - (RapportMgmtService) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
SRV - (avgfws) -- C:\Program Files\AVG\AVG10\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (uagqecsvc) -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe (Microsoft ® Corporation)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (lxdi_device) -- C:\Windows\System32\lxdicoms.exe ( )
SRV - (LtcyCfgSvc) -- C:\Program Files\PCI Latency Tool 3\LtcyCfgSvc.exe ()
========== Driver Services (SafeList) ==========
DRV - (RapportCerberus_34302) -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys ()
DRV - (RapportEI) -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys (Trusteer Ltd.)
DRV - (RapportPG) -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (Trusteer Ltd.)
DRV - (RapportKELL) -- C:\Windows\System32\Drivers\RapportKELL.sys (Trusteer Ltd.)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (LADF_SBVM) -- C:\Windows\System32\drivers\ladfSBVMi386.sys (Logitech)
DRV - (LADF_DHP2) -- C:\Windows\System32\drivers\ladfDHP2i386.sys (Logitech)
DRV - (AVGIDSEH) -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgfwfd) -- C:\Windows\System32\drivers\avgfwd6x.sys (AVG Technologies CZ, s.r.o.)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (TPkd) -- C:\Windows\System32\drivers\TPkd.sys (PACE Anti-Piracy, Inc.)
DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (RTL8187B) -- C:\Windows\System32\drivers\wg111v3.sys (NETGEAR Inc. )
DRV - (LVUVC) Logitech QuickCam Ultra Vision(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\Windows\System32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (VX6000) -- C:\Windows\System32\drivers\VX6000Xp.sys (Microsoft Corporation
)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (e1express) Intel® -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\Windows\System32\drivers\lv302af.sys (Logitech Inc.)
DRV - (SaiK0728) -- C:\Windows\System32\drivers\SaiK0728.sys (Saitek)
DRV - (SiBulk) -- C:\Windows\System32\drivers\EsonicBulk.sys (Silicon Laboratories)
DRV - (TarFltr) -- C:\Windows\System32\drivers\UsbFltr.sys (Razer USA Ltd.)
DRV - (whfltr2k) -- C:\Windows\System32\drivers\whfltr2k.sys ()
DRV - (LtcyCfgWDM) -- C:\Windows\System32\drivers\LtcyCfgWDM.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=uk&ibd=1080718
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://inboxtoolbar....tb_id&%language
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.inbox.com...id=80150&lng=en
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....fr=ytff-ybf&p="
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-ybf"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-ybf"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems: {a2880346-35bb-45bb-9190-eedb49c132c5}:1.300.306
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.3.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.avg.co...k&lng=en-GB&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8118
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files\OnLive\Plugin\npolgdet.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Deborah\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2011/02/10 08:52:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011/03/25 16:22:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/12/19 19:26:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/13 08:42:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/29 20:44:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.11\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/10/29 20:44:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/12/19 19:26:21 | 000,000,000 | ---D | M]
[2010/05/03 11:12:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Deborah\AppData\Roaming\Mozilla\Extensions
[2010/05/03 11:12:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Deborah\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/07/05 13:55:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Deborah\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/12/23 10:42:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\lcbkhoyn.default\extensions
[2010/07/23 06:49:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\lcbkhoyn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/02 08:44:33 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\lcbkhoyn.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/01/31 00:24:41 | 000,000,000 | ---D | M] (CoolChaser Layout Auto Insert) -- C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\lcbkhoyn.default\extensions\{a2880346-35bb-45bb-9190-eedb49c132c5}
[2011/11/18 17:25:06 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\lcbkhoyn.default\extensions\[email protected]
[2011/12/23 10:00:56 | 000,000,000 | ---D | M] ("Inbox Toolbar") -- C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\lcbkhoyn.default\extensions\[email protected]
[2011/04/01 20:24:04 | 000,002,292 | ---- | M] () -- C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\lcbkhoyn.default\searchplugins\inbox-search.xml
[2010/01/31 00:25:00 | 000,001,753 | ---- | M] () -- C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\lcbkhoyn.default\searchplugins\search-the-web.xml
[2011/12/23 10:02:53 | 000,001,524 | ---- | M] () -- C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\lcbkhoyn.default\searchplugins\swagbuckscom.xml
[2011/11/13 08:42:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/22 17:26:29 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/11/13 08:42:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/03 15:12:23 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/10/03 15:12:23 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/10/03 15:12:23 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2007/07/26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2011/10/03 15:12:23 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/10/03 15:12:23 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
========== Chrome ==========
CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
O1 HOSTS File: ([2010/05/07 20:15:39 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Inbox Toolbar) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [btbb_McciTrayApp] C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Logitech G35] C:\Program Files\Logitech\G35\G35.exe (Logitech©)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VX6000] C:\Windows\vVX6000.exe (Microsoft Corporation
)
O4 - HKLM..\Run: [WheelMouse] C:\Stinger Mouse Driver\wh_exec.exe ()
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Deborah\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [gStart] C:\Garmin\gStart.exe (GARMIN Corp.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
F3 - HKCU WinNT: Load - (C:\Users\Deborah\AppData\Local\Temp\D4E5D80EA8CCAD4CEFFB.exe) -C:\Users\Deborah\AppData\Local\Temp\D4E5D80EA8CCAD4CEFFB.exe (Movi Ucynetud)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 223
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A} https://portal.sefto.../WhlCompMgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{440C48B4-5D11-4CD6-813E-20CBCD4E5072}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E636149E-6F81-4A0D-A30F-D4D15E2C4B1A}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/x-internet-signup {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1b82a3ae-ff90-11df-9cb4-001ec9679b82}\Shell - "" = AutoRun
O33 - MountPoints2\{1b82a3ae-ff90-11df-9cb4-001ec9679b82}\Shell\AutoRun\command - "" = F:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/27 20:31:27 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Deborah\Desktop\OTL.scr
[2011/12/27 20:27:25 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Deborah\Desktop\OTL.exe
[2011/12/27 18:35:02 | 000,000,000 | ---D | C] -- C:\Users\Deborah\AppData\Roaming\Malwarebytes
[2011/12/23 08:53:04 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Homework
[2011/12/19 19:25:25 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2011/12/19 19:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2011/12/17 20:32:56 | 000,000,000 | ---D | C] -- C:\Users\Deborah\AppData\Local\Adam_Reece
[2011/12/16 17:34:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UKCS Connect Plugins
[2011/12/12 22:10:32 | 000,000,000 | ---D | C] -- C:\Users\Deborah\Desktop\screens
[2011/12/10 14:06:45 | 000,000,000 | ---D | C] -- C:\Program Files\UKCS Connect Plugins
[2011/12/10 14:06:25 | 000,000,000 | ---D | C] -- C:\UKCS_Temp
[2011/12/09 19:16:04 | 000,000,000 | ---D | C] -- C:\Users\Deborah\Desktop\phongless
[2011/12/02 21:35:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Facade
[2011/12/02 17:59:55 | 000,000,000 | ---D | C] -- C:\Users\Deborah\Desktop\redsn0w_win_0.9.6b5
[2011/11/30 18:31:34 | 000,000,000 | ---D | C] -- C:\Users\Deborah\Desktop\Sumotori Dreams
[2011/11/30 13:03:52 | 000,000,000 | ---D | C] -- C:\Users\Deborah\AppData\Roaming\Registry Mechanic
[2011/11/29 20:22:52 | 000,000,000 | ---D | C] -- C:\Users\Deborah\AppData\Local\Facebook
[2011/11/29 20:22:38 | 000,493,520 | ---- | C] (Facebook Inc.) -- C:\Users\Deborah\Desktop\FacebookVideoCallSetup_v1.2.203.0.exe
[2007/06/11 15:14:54 | 000,320,432 | ---- | C] ( ) -- C:\Windows\System32\lxdiih.exe
[2007/06/11 15:14:52 | 000,517,040 | ---- | C] ( ) -- C:\Windows\System32\lxdicoms.exe
[2007/06/11 15:14:50 | 000,340,912 | ---- | C] ( ) -- C:\Windows\System32\lxdicfg.exe
[2007/05/17 16:06:54 | 000,614,400 | ---- | C] ( ) -- C:\Windows\System32\lxdipmui.dll
[2007/05/17 16:05:36 | 001,187,840 | ---- | C] ( ) -- C:\Windows\System32\lxdiserv.dll
[2007/05/17 16:00:54 | 000,360,448 | ---- | C] ( ) -- C:\Windows\System32\lxdicomm.dll
[2007/05/17 16:00:50 | 000,532,480 | ---- | C] ( ) -- C:\Windows\System32\lxdilmpm.dll
[2007/05/17 16:00:08 | 000,671,744 | ---- | C] ( ) -- C:\Windows\System32\lxdihbn3.dll
[2007/05/17 15:58:54 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdipplc.dll
[2007/05/17 15:58:38 | 000,942,080 | ---- | C] ( ) -- C:\Windows\System32\lxdiusb1.dll
[2007/05/17 15:58:12 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxdicomc.dll
[2007/05/17 15:55:16 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdiiesc.dll
[2007/05/17 15:55:12 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxdiinpa.dll
[2007/05/17 15:54:16 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdiprox.dll
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/12/27 20:31:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Deborah\Desktop\OTL.scr
[2011/12/27 20:27:26 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Deborah\Desktop\OTL.exe
[2011/12/27 20:26:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/27 20:25:53 | 2414,481,408 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/27 20:24:33 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2011/12/27 20:18:51 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/27 20:18:51 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/27 18:34:09 | 000,458,064 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/12/27 18:28:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3544165439-1176164352-1535213105-1001UA.job
[2011/12/27 17:28:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3544165439-1176164352-1535213105-1000UA.job
[2011/12/27 07:24:00 | 141,583,922 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/12/26 20:28:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3544165439-1176164352-1535213105-1000Core.job
[2011/12/26 19:28:00 | 000,000,850 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3544165439-1176164352-1535213105-1001Core.job
[2011/12/26 19:00:00 | 000,000,252 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2011/12/24 14:14:46 | 001,402,226 | ---- | M] () -- C:\Users\Deborah\Desktop\meet_the_christmas.jpg
[2011/12/24 07:23:56 | 000,620,194 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavifw.avm
[2011/12/19 19:34:03 | 000,197,206 | ---- | M] () -- C:\Windows\hpoins30.dat
[2011/12/19 19:31:08 | 000,628,024 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/12/19 19:31:08 | 000,110,208 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/12/19 19:26:07 | 000,002,127 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2011/12/19 19:25:45 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2011/12/19 19:25:21 | 000,001,275 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2011/12/19 19:24:54 | 000,002,071 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/12/02 18:06:40 | 578,084,840 | ---- | M] () -- C:\Users\Deborah\Desktop\iPad1,1_4.2.1_8C148_Restore.ipsw
[2011/12/01 22:06:42 | 000,608,256 | ---- | M] () -- C:\Users\Deborah\Desktop\blackra1n.exe
[2011/11/29 20:22:42 | 000,493,520 | ---- | M] (Facebook Inc.) -- C:\Users\Deborah\Desktop\FacebookVideoCallSetup_v1.2.203.0.exe
[2011/11/29 07:07:42 | 003,584,014 | ---- | M] () -- C:\Users\Deborah\Desktop\MATHS.pdf
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/12/24 14:14:45 | 001,402,226 | ---- | C] () -- C:\Users\Deborah\Desktop\meet_the_christmas.jpg
[2011/12/19 19:26:07 | 000,002,127 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2011/12/19 19:25:45 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2011/12/19 19:25:21 | 000,001,275 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2011/12/19 19:24:54 | 000,002,071 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/12/19 19:22:33 | 000,197,206 | ---- | C] () -- C:\Windows\hpoins30.dat
[2011/12/19 19:22:33 | 000,000,587 | ---- | C] () -- C:\Windows\hpomdl30.dat
[2011/12/02 18:02:44 | 578,084,840 | ---- | C] () -- C:\Users\Deborah\Desktop\iPad1,1_4.2.1_8C148_Restore.ipsw
[2011/12/01 22:09:13 | 005,298,620 | ---- | C] () -- C:\Users\Deborah\Desktop\greenpois0n.exe
[2011/12/01 22:09:13 | 000,002,744 | ---- | C] () -- C:\Users\Deborah\Desktop\README
[2011/12/01 22:06:40 | 000,608,256 | ---- | C] () -- C:\Users\Deborah\Desktop\blackra1n.exe
[2011/11/29 20:23:09 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3544165439-1176164352-1535213105-1000UA.job
[2011/11/29 20:23:05 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3544165439-1176164352-1535213105-1000Core.job
[2011/11/29 07:07:39 | 003,584,014 | ---- | C] () -- C:\Users\Deborah\Desktop\MATHS.pdf
[2011/07/28 16:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011/01/03 20:07:57 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010/11/22 00:48:02 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/10/27 23:19:20 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2010/10/17 01:23:01 | 000,094,208 | ---- | C] () -- C:\Windows\System32\zmbv.dll
[2010/09/29 11:34:38 | 000,075,096 | ---- | C] () -- C:\Windows\System32\LADFCoinst_i386.dll
[2010/08/26 14:58:28 | 000,150,212 | ---- | C] () -- C:\Windows\hpoins30.dat.temp
[2010/08/26 14:58:28 | 000,000,547 | ---- | C] () -- C:\Windows\hpomdl30.dat.temp
[2010/06/18 22:15:27 | 000,205,636 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/06/16 13:22:56 | 000,219,348 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010/06/15 22:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010/05/02 13:47:09 | 000,000,562 | ---- | C] () -- C:\Windows\eReg.dat
[2009/12/27 10:34:34 | 000,023,114 | ---- | C] () -- C:\Windows\hpqins15.dat
[2009/12/09 10:36:56 | 000,006,144 | ---- | C] () -- C:\Users\Deborah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/04 10:50:37 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2009/11/04 10:10:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/10/07 01:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/10/07 01:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009/09/11 00:01:44 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/09/08 15:21:13 | 000,006,784 | ---- | C] () -- C:\Windows\System32\drivers\whfltr2k.sys
[2009/07/24 15:05:26 | 000,015,497 | ---- | C] () -- C:\Windows\VX6KStd.ini
[2009/07/14 04:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:33:53 | 000,458,064 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 02:05:48 | 000,628,024 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 02:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 02:05:48 | 000,110,208 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 02:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 02:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 02:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:13:33 | 001,977,856 | ---- | C] () -- C:\Windows\System32\NlsData0002.dll
[2009/07/13 23:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 23:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/13 08:07:56 | 001,506,304 | ---- | C] () -- C:\Program Files\Voice Manager.exe
[2009/07/05 21:55:43 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/06/10 21:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/05/29 14:58:01 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/05/19 16:16:04 | 000,131,072 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2009/02/18 17:55:20 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009/02/03 20:52:02 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/09/22 21:52:32 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXF3PMON.DLL
[2008/09/22 21:52:32 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXF3FXPU.DLL
[2008/09/22 21:52:12 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxf3oem.dll
[2008/09/22 21:52:12 | 000,012,288 | ---- | C] () -- C:\Windows\System32\LXF3PMRC.DLL
[2008/09/21 20:34:56 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/07/18 22:41:45 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/05/22 08:04:16 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdigrd.dll
[2007/03/30 15:13:24 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxdicoin.dll
[2006/08/01 06:53:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdivs.dll
[2005/12/25 23:24:00 | 000,006,656 | ---- | C] () -- C:\Windows\System32\drivers\LtcyCfgWDM.sys
========== LOP Check ==========
[2011/03/25 21:45:04 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\.minecraft
[2010/03/31 15:40:57 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Armagetron
[2010/06/26 16:27:38 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Audacity
[2011/02/10 09:08:11 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\AVG
[2011/02/10 08:56:39 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\AVG10
[2011/10/26 14:25:02 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\DAEMON Tools Lite
[2010/09/26 14:16:49 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\DAEMON Tools Net
[2009/11/04 10:39:53 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\dBpoweramp
[2010/02/09 21:35:13 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Fit3DLive
[2010/03/03 20:58:58 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\GameTracker
[2010/05/03 11:05:58 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\GARMIN
[2010/05/02 18:15:27 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\gtk-2.0
[2011/03/22 21:31:52 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Gyazo
[2011/10/26 13:40:13 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Hardcore
[2010/05/18 06:44:42 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\HLSW
[2009/11/21 03:05:43 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\ijjigame
[2009/11/04 10:39:53 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Lexmark Productivity Studio
[2009/11/04 10:39:53 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\LG Electronics
[2010/10/23 22:11:46 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\ManyCam
[2010/01/23 18:06:53 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Nokia
[2010/01/23 18:06:00 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Nokia Ovi Suite
[2011/10/26 14:12:59 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Notepad++
[2011/12/21 11:39:13 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\OnLive App
[2010/01/23 18:06:03 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\PC Suite
[2011/10/26 11:42:41 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Philipp Winterberg
[2009/11/04 10:40:12 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Publish Providers
[2011/04/01 19:58:24 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\RebateInformer
[2010/06/08 18:45:06 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Reg Tool
[2011/11/30 13:07:20 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Registry Mechanic
[2010/01/31 12:07:34 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Screaming Bee
[2009/11/04 10:40:50 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Sony
[2009/12/21 21:24:06 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Subversion
[2011/05/25 19:56:04 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\SystemRequirementsLab
[2010/05/03 11:12:10 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Thunderbird
[2009/11/04 10:40:50 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\TomTom
[2009/11/04 10:40:51 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Trusteer
[2010/02/11 16:43:06 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\TS3Client
[2011/05/02 11:34:56 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\TuneAid
[2010/01/24 19:02:32 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\Unity
[2009/12/18 17:32:45 | 000,000,000 | ---D | M] -- C:\Users\Deborah\AppData\Roaming\X-Chat 2
[2011/12/26 20:28:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3544165439-1176164352-1535213105-1000Core.job
[2011/12/27 17:28:01 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3544165439-1176164352-1535213105-1000UA.job
[2011/12/26 19:00:00 | 000,000,252 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job
[2011/01/04 19:05:48 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2011/03/02 15:38:12 | 000,000,036 | ---- | M] ()(C:\Windows\System32\??) -- C:\Windows\System32\䍰ɩ
[2011/03/02 15:38:12 | 000,000,036 | ---- | C] ()(C:\Windows\System32\??) -- C:\Windows\System32\䍰ɩ
========== Alternate Data Streams ==========
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:76650B61
< End of report >
Thanks in advance