I have a laptop infected with Ukash, running AVG free anti-virus. Just before getting infected I noticed that the firewall had deactivated. I have run HitmanPro from USB but to no avail. This thread, http://www.geekstogo...mp-ukash-virus/ reflects very much my experience. Any help much appreciated. OTL.txt file as follows.
Many thanks
Chris
--------------------------------------------------------------------------------
OTL logfile created on: 5/14/2013 2:07:47 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 67.81 Gb Total Space | 17.31 Gb Free Space | 25.53% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
========== Win32 Services (SafeList) ==========
SRV - [2013/04/16 16:26:25 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/15 19:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/22 09:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/10/19 12:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/09/25 04:08:08 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2010/03/23 09:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2009/12/19 20:00:00 | 006,095,504 | ---- | M] (MySQL AB) [Auto] -- C:\Program Files\Xampp\xampp\mysql\bin\mysqld.exe -- (MySQL)
SRV - [2009/12/19 20:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) [Auto] -- C:\Program Files\Xampp\xampp\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2009/05/21 10:28:38 | 000,874,768 | ---- | M] (Intel® Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2009/05/21 09:23:04 | 000,909,312 | ---- | M] (Intel® Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) Intel®
SRV - [2009/05/21 09:04:14 | 000,473,360 | ---- | M] (Intel® Corporation) [Auto] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2004/10/04 00:47:04 | 000,098,304 | ---- | M] () [Auto] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor)
SRV - [2004/10/03 23:40:50 | 000,118,784 | ---- | M] () [Auto] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe -- (PhotoshopElementsDeviceConnect)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (mde67b2)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | Auto] -- -- (DellBIOS)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (bhif686)
DRV - [2012/11/15 19:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/22 09:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/14 23:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/10/01 23:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/20 23:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/20 23:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012/09/20 23:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/13 23:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/03/11 08:48:52 | 000,071,440 | ---- | M] (Trusteer Ltd.) [Kernel | System] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2012/03/11 08:48:50 | 000,164,112 | ---- | M] (Trusteer Ltd.) [Kernel | System] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2012/03/11 08:48:50 | 000,056,208 | ---- | M] (Trusteer Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2011/12/15 12:51:11 | 000,228,208 | ---- | M] () [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys -- (RapportCerberus_34302)
DRV - [2011/12/09 11:35:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV - [2011/12/09 11:35:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV - [2011/12/09 11:35:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV - [2011/12/09 11:35:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV - [2011/12/09 11:35:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2011/08/17 04:06:46 | 000,021,520 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportIaso.sys -- (RapportIaso)
DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/03/23 09:15:36 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2009/05/28 18:23:24 | 004,203,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®
DRV - [2008/11/16 14:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2008/08/13 13:23:56 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/11/14 15:05:16 | 000,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | On_Demand] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007/01/18 16:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/08/25 03:23:08 | 000,044,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/04/26 19:13:04 | 001,429,632 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2006/03/24 19:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/01/10 07:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/10/14 11:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/14 11:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/10/14 11:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/08/12 13:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/07/21 23:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/21 23:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/21 23:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/09 04:29:56 | 000,006,977 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\DDMI2.sys -- (SDDMI2)
DRV - [2004/02/13 12:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [1999/09/10 08:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2061119
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Start Page = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2061119
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2061119
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2061119
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2061119
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www1.euro.del...c=uk&l=en&s=gen
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=uk
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2061119
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Chris_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\Chris_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKU\Chris_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\Chris_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 E6 41 2E 10 B2 CC 01 [binary data]
IE - HKU\Chris_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Chris_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\Fiona_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2061119
IE - HKU\Fiona_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Fiona_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\Fiona_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Fiona_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\HelpAssistant_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.skybroadband.com
IE - HKU\HelpAssistant_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\HelpAssistant_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/16 16:26:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/16 16:26:10 | 000,000,000 | ---D | M]
[2013/04/16 16:26:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/04/16 16:26:26 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/04/16 16:26:21 | 000,001,738 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2013/04/16 16:26:21 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/04/16 16:26:21 | 000,001,148 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2013/04/16 16:26:21 | 000,001,379 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2013/04/16 16:26:21 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2013/04/16 16:26:21 | 000,001,334 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2004/08/10 01:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O2 - BHO: (Search Results Toolbar) - {94366e2c-9923-431c-b0d6-747447dd0f2b} - C:\Program Files\searchresults1\toolbar2X.dll (Ask.com)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Search Results Toolbar) - {94366e2c-9923-431c-b0d6-747447dd0f2b} - C:\Program Files\searchresults1\toolbar2X.dll (Ask.com)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\Fiona_ON_C\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\HelpAssistant_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\HelpAssistant_ON_C\..\Toolbar\WebBrowser: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No CLSID value found.
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CTSVolFE.exe] C:\Program Files\Creative\Mixer\CTSVolFE.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Administrator_ON_C..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netwaiting.exe ()
O4 - HKU\Chris_ON_C..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Chris_ON_C..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netwaiting.exe ()
O4 - HKU\Chris_ON_C..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\Fiona_ON_C..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Fiona_ON_C..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netwaiting.exe ()
O4 - HKU\HelpAssistant_ON_C..\Run: [buefwftm] File not found
O4 - HKU\HelpAssistant_ON_C..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\HelpAssistant_ON_C..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netwaiting.exe ()
O4 - HKU\HelpAssistant_ON_C..\Run: [updateMgr] File not found
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\HelpAssistant_ON_C..\RunOnce: [spchecker] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk = C:\WINDOWS\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Chris_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Chris_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = C2 FF FF 03 [binary data]
O7 - HKU\Fiona_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\HelpAssistant_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} http://intel-drv-cdn...reqlab_srlx.cab (Reg Error: Key error.)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1271724035390 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1260201689765 (MUWebControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (cmd.exe) - C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 00:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/05/12 05:27:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft Antimalware
[2013/05/11 17:00:58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Fiona\Cookies
[2013/04/28 13:41:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\My Documents\Trials 2
[2013/04/28 13:41:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\Redlynx
[2013/04/28 13:37:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2013/04/28 13:36:48 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2013/04/28 13:36:27 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2013/04/28 13:36:26 | 000,413,696 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2013/04/28 13:36:26 | 000,110,592 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2013/04/28 13:36:07 | 000,000,000 | ---D | C] -- C:\Program Files\Trials 2 Second Edition
[2013/04/25 14:58:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/04/25 14:41:48 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2013/04/25 14:41:48 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2013/04/25 14:41:47 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2013/04/25 14:41:38 | 000,000,000 | ---D | C] -- C:\Program Files\msn
[2013/04/25 14:21:53 | 000,000,000 | ---D | C] -- C:\328562c906c870eeac9003
[2013/04/25 11:44:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UAB
[2013/04/25 11:44:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\PC_Drivers_Headquarters
[2013/04/25 11:44:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Driver Inspector
[2013/04/25 11:42:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Inspector
[2013/04/25 11:42:38 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Inspector
[2013/04/25 09:01:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\Dell
[2013/04/25 09:00:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Support Center
[2013/04/25 09:00:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2013/04/25 08:59:30 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2013/04/25 08:56:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\PCDr
[2013/04/25 08:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\Deployment
[2013/04/23 17:01:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\Africa2
[2013/04/23 16:53:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\Africa
[2013/04/16 17:20:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\ElevatedDiagnostics
[2013/04/16 17:12:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2013/04/16 17:12:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2013/04/16 16:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2007/11/10 17:28:25 | 005,822,168 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 2.0.0.9.exe
[24 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/05/12 15:23:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/05/12 04:38:29 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Chris.job
[2013/05/12 04:37:30 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1381835960-4241067638-2893470200-1005.job
[2013/05/12 04:37:11 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/12 04:37:03 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
[2013/05/11 19:37:04 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013/05/11 19:34:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2013/05/11 17:02:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/11 17:00:02 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2013/05/11 17:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2013/05/11 16:29:12 | 000,116,782 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\Application Data\2433f433
[2013/05/11 16:29:11 | 000,116,755 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\2433f433
[2013/05/11 16:29:11 | 000,116,747 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\2433f433
[2013/05/11 16:26:48 | 000,503,458 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/05/11 16:26:48 | 000,087,094 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/05/11 16:22:00 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2013/05/11 12:09:13 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2013/05/11 12:09:12 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2013/05/11 07:07:04 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Chris.job
[2013/05/11 07:00:00 | 000,000,506 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2013/05/11 07:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2013/05/11 07:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2013/05/11 05:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2013/05/11 05:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2013/05/10 06:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2013/05/10 06:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2013/05/10 04:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2013/05/10 04:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2013/05/09 18:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2013/05/09 18:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2013/05/09 16:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2013/05/09 16:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2013/05/09 15:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2013/05/09 15:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2013/05/09 12:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2013/05/09 12:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2013/05/09 10:01:13 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2013/05/09 10:01:12 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2013/05/08 09:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2013/05/08 09:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2013/05/08 08:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2013/05/08 08:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2013/05/08 06:37:16 | 000,002,489 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
[2013/05/06 13:06:02 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Chris.job
[2013/05/06 10:17:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
[2013/05/02 14:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2013/05/02 14:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2013/05/01 16:38:38 | 000,002,487 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Excel.lnk
[2013/04/30 15:17:23 | 000,129,576 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/04/30 13:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2013/04/30 13:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2013/04/28 13:41:51 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\trials2_low.exe.lnk
[2013/04/28 13:36:27 | 000,413,696 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2013/04/28 13:36:26 | 000,110,592 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2013/04/25 17:52:32 | 000,276,008 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\bookmarks .html
[2013/04/25 15:54:17 | 000,224,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/04/25 15:05:41 | 000,000,568 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2013/04/25 14:58:40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/04/25 14:42:12 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2013/04/25 11:58:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/04/25 11:42:53 | 000,002,064 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Driver Inspector.lnk
[2013/04/25 11:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Inspector
[2013/04/25 09:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Support Center
[2013/04/22 11:38:46 | 000,080,247 | ---- | M] () -- C:\Documents and Settings\Chris\My Documents\600px-Brosen_windrose_Full.svg.png
[2013/04/19 20:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2013/04/19 20:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2013/04/18 05:25:47 | 000,885,975 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\Chris Cartwright PVG.pdf
[2013/04/17 04:10:40 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/04/17 04:10:40 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/04/16 17:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2013/04/16 17:02:16 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Chris\My Documents\CleanSilverlight.cmd
[24 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/05/11 16:29:12 | 000,116,782 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Application Data\2433f433
[2013/05/11 16:29:11 | 000,116,755 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\2433f433
[2013/05/11 16:29:11 | 000,116,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\2433f433
[2013/04/30 15:17:23 | 000,129,576 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/04/28 13:41:22 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\trials2_low.exe.lnk
[2013/04/25 17:52:32 | 000,276,008 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\bookmarks .html
[2013/04/25 15:05:39 | 000,000,568 | ---- | C] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2013/04/25 15:05:37 | 000,000,506 | ---- | C] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2013/04/25 15:05:20 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\LocalService\Start Menu\Programs\Windows Media Player.lnk
[2013/04/25 11:42:53 | 000,002,064 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Driver Inspector.lnk
[2013/04/22 11:38:44 | 000,080,247 | ---- | C] () -- C:\Documents and Settings\Chris\My Documents\600px-Brosen_windrose_Full.svg.png
[2013/04/18 05:25:47 | 000,885,975 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\Chris Cartwright PVG.pdf
[2013/04/16 17:12:48 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/04/16 17:02:16 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Chris\My Documents\CleanSilverlight.cmd
[2012/12/04 09:36:57 | 000,047,987 | ---- | C] () -- C:\Documents and Settings\Chris\orchard1.jpg
[2012/09/15 12:17:10 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2012/03/14 05:46:55 | 000,224,282 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1381835960-4241067638-2893470200-1005-0.dat
[2012/03/14 05:46:44 | 000,224,282 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/12/03 19:23:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\{2563EFFB-83AC-48D0-B015-958E2E3A1995}
[2011/10/29 05:22:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\{332581EF-AD9C-4813-A416-0D2699B8DA44}
[2011/09/01 13:41:20 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\Chris\ntuser.pol
[2011/05/13 16:11:29 | 000,001,348 | -HS- | C] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\13nnf18pd0364y8w46p0i346m583t86kk1odd1c8w0
[2011/05/13 16:11:29 | 000,001,348 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\13nnf18pd0364y8w46p0i346m583t86kk1odd1c8w0
[2011/02/10 00:03:48 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2010/09/07 11:14:52 | 000,180,624 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/08/04 05:07:07 | 000,077,374 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2010/04/19 19:53:33 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\Launch Internet Explorer Browser.lnk
[2010/04/19 03:28:07 | 000,012,182 | -HS- | C] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\w3u38AFn
[2010/04/19 03:28:07 | 000,012,182 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\w3u38AFn
[2010/03/26 16:34:53 | 000,015,076 | -HS- | C] () -- C:\Documents and Settings\Fiona\Local Settings\Application Data\OgDBc43wel
[2010/03/26 16:34:53 | 000,015,076 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\OgDBc43wel
[2010/03/26 16:19:39 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Fiona\Application Data\$_hpcst$.hpc
[2010/03/23 09:26:48 | 000,201,512 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2010/03/23 09:17:40 | 000,197,416 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2010/02/12 13:37:28 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2010/01/13 22:41:00 | 000,309,248 | ---- | C] () -- C:\WINDOWS\System32\sqlite36_engine.dll
[2010/01/13 22:38:00 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\DirectCOM.dll
[2009/12/08 08:32:43 | 000,000,053 | ---- | C] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\mm-device-08.ini
[2009/11/03 08:41:39 | 000,019,518 | ---- | C] () -- C:\WINDOWS\hpqins13.dat
[2009/10/19 03:01:10 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/06/16 07:56:58 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\$_hpcst$.hpc
[2009/05/13 16:07:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Fiona\Ÿ9Ÿ9
[2009/04/14 12:26:44 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/03/28 14:59:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Chris\Ÿ9Ÿ9
[2009/03/28 14:55:21 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\MFSLib2888.dll
[2009/03/28 14:55:21 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\MFSBaseLib2888.dll
[2009/01/08 14:46:57 | 000,352,256 | ---- | C] () -- C:\WINDOWS\System32\rbvss.exe
[2008/07/09 16:22:32 | 000,038,425 | ---- | C] () -- C:\Documents and Settings\Fiona\Application Data\mdb.bin
[2008/05/26 16:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 16:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/12/20 02:27:31 | 000,002,907 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/09/27 05:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 05:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 05:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/09/01 03:29:56 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2007/04/20 15:37:54 | 000,000,037 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2007/01/08 18:19:28 | 000,082,044 | ---- | C] () -- C:\Documents and Settings\Chris\c5_1.prn
[2006/12/10 16:10:14 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/12/07 05:51:20 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Fiona\Application Data\wklnhst.dat
[2006/12/06 14:55:24 | 000,061,952 | ---- | C] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/30 17:25:15 | 000,040,156 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2006/11/30 12:59:24 | 000,086,214 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2006/11/30 12:59:24 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2006/11/30 12:59:24 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2006/11/30 12:59:24 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2006/11/30 12:59:24 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2006/11/30 12:59:24 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2006/11/30 12:59:24 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2006/11/30 12:59:24 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2006/11/30 12:59:24 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2006/11/30 12:59:24 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2006/11/30 12:59:24 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2006/11/30 12:59:24 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2006/11/30 12:59:24 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2006/11/30 12:59:24 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2006/11/30 12:59:24 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2006/11/30 12:59:24 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2006/11/30 12:59:24 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2006/11/30 12:58:52 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDED68PE.ini
[2006/11/22 16:47:50 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/11/22 15:59:16 | 000,005,642 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/11/22 15:59:16 | 000,000,168 | RHS- | C] () -- C:\WINDOWS\System32\7D77566AE0.sys
[2006/11/22 15:29:27 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Fiona\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/22 15:27:48 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Fiona\Local Settings\Application Data\fusioncache.dat
[2006/11/22 15:20:38 | 000,000,150 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\wklnhst.dat
[2006/11/22 15:12:46 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\fusioncache.dat
[2006/11/22 15:11:50 | 000,000,136 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\fusioncache.dat
[2006/11/19 06:48:08 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/11/19 06:37:53 | 000,000,136 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/11/19 06:35:35 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/11/19 06:05:02 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/11/19 06:04:54 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/11/19 06:04:46 | 000,000,474 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/08/16 16:52:01 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2005/08/16 00:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 00:38:45 | 000,034,380 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 00:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 00:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 00:27:59 | 000,224,816 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 00:18:33 | 000,503,458 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 00:18:33 | 000,087,094 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 00:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/04/09 13:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/03/22 18:38:24 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 18:38:24 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/10 00:11:42 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
========== LOP Check ==========
[2012/12/13 03:08:39 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\AVG2013
[2012/03/30 06:06:30 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\searchresults1
[2012/03/15 08:18:33 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\searchresultstb
[2011/09/16 02:29:58 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\Trusteer
[2010/02/08 06:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Akadamia
[2010/03/23 18:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Artweaver
[2011/12/04 19:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\AVG
[2012/12/13 03:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\AVG2013
[2010/04/19 06:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\AVG9
[2009/12/14 18:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2010/11/20 14:10:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/04/19 05:36:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Cuheq
[2011/11/21 18:36:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Digiarty
[2011/08/25 17:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Dropbox
[2013/04/16 17:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\ElevatedDiagnostics
[2006/11/30 13:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\EPSON
[2011/11/25 18:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\HandBrake
[2007/11/08 18:38:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\iShell
[2013/03/27 17:43:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\JAM Software
[2006/11/22 18:14:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Leadertech
[2011/08/16 18:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\MSNInstaller
[2010/10/09 05:26:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\NCH Swift Sound
[2010/04/19 02:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Noreag
[2013/04/25 09:01:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\PCDr
[2011/01/09 16:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\PriceGong
[2013/03/25 19:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\PrimoPDF
[2012/05/03 12:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Scribus
[2012/11/19 13:47:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\searchresults1
[2012/11/19 13:46:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\searchresultstb
[2010/10/28 06:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Stellarium
[2006/12/07 18:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Template
[2009/09/25 15:58:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Trusteer
[2012/12/13 03:07:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\TuneUp Software
[2009/12/06 20:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Uniblue
[2008/08/10 15:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Viewpoint
[2010/04/21 07:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Windows Desktop Search
[2010/04/21 08:22:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Windows Search
[2007/08/31 06:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fiona\Application Data\AVG7
[2012/09/29 10:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fiona\Application Data\searchresults1
[2012/09/29 10:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fiona\Application Data\searchresultstb
[2006/12/07 05:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fiona\Application Data\Template
[2009/10/18 14:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fiona\Application Data\Trusteer
[2010/03/26 16:49:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Trusteer
[2010/03/23 18:57:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Artweaver
[2013/01/25 16:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign
[2011/12/04 17:01:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2012/12/28 08:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2010/10/17 07:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/10/17 07:52:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/04/25 11:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Inspector
[2011/12/24 10:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Manager
[2012/02/09 07:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\dvdfab
[2009/12/03 19:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2009/12/08 08:46:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Memory-Map-License
[2013/05/02 04:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/10/09 05:27:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2013/04/25 09:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2009/01/08 14:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PliE6QGS
[2012/11/08 16:29:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2011/12/04 19:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/09/25 15:58:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2013/04/25 11:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2006/11/30 13:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2006/11/19 06:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/01/09 15:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\xml_param
[2011/06/11 16:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/02/12 11:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2013/05/11 19:37:04 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2013/05/10 04:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2013/05/11 05:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2013/05/10 06:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2013/05/11 07:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2013/05/08 08:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2013/05/08 09:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2013/05/09 10:01:12 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2013/05/11 12:09:12 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2013/05/09 12:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2013/04/30 13:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2013/04/19 20:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2013/05/02 14:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2013/05/09 15:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2013/05/09 16:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2013/05/11 17:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2013/05/09 18:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2013/05/11 19:34:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At25.job
[2013/04/19 20:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At26.job
[2013/02/21 22:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At27.job
[2013/02/23 23:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At28.job
[2013/02/09 00:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At29.job
[2013/02/21 22:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2013/02/09 01:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At30.job
[2012/10/31 02:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At31.job
[2013/03/07 03:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At32.job
[2013/04/14 03:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At33.job
[2013/05/10 04:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At34.job
[2013/05/11 05:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At35.job
[2013/05/10 06:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At36.job
[2013/05/11 07:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At37.job
[2013/05/08 08:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At38.job
[2013/05/08 09:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At39.job
[2013/02/23 23:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2013/05/09 10:01:13 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At40.job
[2013/05/11 12:09:13 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At41.job
[2013/05/09 12:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At42.job
[2013/04/30 13:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At43.job
[2013/05/02 14:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At44.job
[2013/05/09 15:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At45.job
[2013/05/09 16:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At46.job
[2013/05/11 17:00:02 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At47.job
[2013/05/09 18:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At48.job
[2013/02/09 00:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2013/02/09 01:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2012/10/31 02:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2013/03/07 03:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2013/04/14 03:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
[2013/04/25 15:05:41 | 000,000,568 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
[2013/03/21 12:41:07 | 000,000,268 | ---- | M] () -- C:\WINDOWS\Tasks\prismDowngrade.job
[2013/01/11 10:02:03 | 000,000,268 | ---- | M] () -- C:\WINDOWS\Tasks\prismShakeIcon.job
[2013/05/11 07:07:04 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\ReclaimerUpdateFiles_Chris.job
[2013/05/06 13:06:02 | 000,000,402 | ---- | M] () -- C:\WINDOWS\Tasks\ReclaimerUpdateXML_Chris.job
[2013/05/12 04:38:29 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\RNUpgradeHelperLogonPrompt_Chris.job
[2013/01/08 10:18:11 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\switchShakeIcon.job
[2013/05/11 07:00:00 | 000,000,506 | ---- | M] () -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C39E55C5
< End of report >