Hi,
First OTL log file here:
OTL logfile created on: 3/19/2014 10:43:44 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Clare\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.46 Gb Total Physical Memory | 2.14 Gb Available Physical Memory | 61.85% Memory free
6.91 Gb Paging File | 5.46 Gb Available in Paging File | 78.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 231.96 Gb Total Space | 176.30 Gb Free Space | 76.00% Space Free | Partition Type: NTFS
Computer Name: CLARE-PC | User Name: Clare | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2014/03/19 22:36:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Clare\Desktop\OTL.exe
PRC - [2013/12/14 21:16:06 | 000,309,328 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013/09/02 06:45:00 | 001,654,520 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Internet Content Filter\UpdateService.exe
PRC - [2013/09/02 06:44:04 | 003,331,920 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Internet Content Filter\mfp.exe
PRC - [2013/09/02 06:44:04 | 002,048,504 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Internet Content Filter\mfeicfcore.exe
PRC - [2013/08/07 11:59:14 | 000,172,416 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2013/08/07 11:55:26 | 000,169,320 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2013/08/02 00:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/11/23 02:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/07/24 19:26:54 | 000,040,960 | ---- | M] () -- C:\Users\Clare\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe
PRC - [2011/08/18 00:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/05/23 13:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/01/05 19:23:58 | 000,034,232 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
PRC - [2010/01/05 13:04:04 | 000,147,328 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2009/12/22 10:23:34 | 000,077,312 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
PRC - [2009/12/10 12:44:26 | 001,327,392 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
PRC - [2009/12/10 12:41:38 | 000,386,848 | ---- | M] (Dell Inc.) -- c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
PRC - [2009/11/24 14:48:36 | 001,148,264 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2009/11/24 14:48:32 | 000,132,456 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
PRC - [2009/11/20 16:42:48 | 000,278,304 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
PRC - [2009/11/02 10:40:54 | 000,657,920 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
PRC - [2009/09/21 13:55:12 | 000,858,384 | ---- | M] (Intel(R) Corporation) -- c:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2009/09/21 13:31:36 | 000,473,360 | ---- | M] (Intel(R) Corporation) -- c:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009/08/11 15:09:52 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009/08/07 04:29:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/08/07 04:29:36 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/08/01 00:16:12 | 000,458,844 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/08/01 00:16:12 | 000,221,266 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_450b431403c091e3\stacsv.exe
PRC - [2009/06/24 19:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/06/19 22:57:40 | 000,249,856 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2009/05/15 16:33:40 | 001,803,512 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2009/02/01 08:15:38 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2009/02/01 06:43:30 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/11/24 21:56:46 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2002/03/18 11:12:50 | 000,188,416 | ---- | M] (HP) -- C:\Windows\System32\spool\drivers\w32x86\3\hpztsb05.exe
========== Modules (No Company Name) ========== MOD - [2014/02/01 18:39:53 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2014/02/01 18:36:48 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2014/02/01 18:36:40 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2014/02/01 18:35:48 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2014/02/01 18:35:38 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2014/02/01 18:35:35 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2014/02/01 18:35:07 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2012/07/24 19:26:54 | 000,040,960 | ---- | M] () -- C:\Users\Clare\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe
MOD - [2012/07/24 19:26:54 | 000,034,304 | ---- | M] () -- C:\Users\Clare\AppData\Local\Programs\TouchFreeze\TouchFreeze.dll
MOD - [2010/03/22 20:09:12 | 000,046,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Status Lib\1.6.453.27565__f25c74fcad379103\Status Lib.dll
MOD - [2010/03/22 20:09:12 | 000,014,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\StatusInterfaces\1.6.453.27562__4ca2a925deedf37d\StatusInterfaces.dll
MOD - [2009/11/19 14:47:10 | 000,249,856 | ---- | M] () -- C:\Windows\System32\wxvault.dll
MOD - [2009/11/13 07:17:00 | 000,010,752 | ---- | M] () -- C:\Windows\System32\Wavx_ESC_Logging.dll
MOD - [2008/11/12 12:24:40 | 000,004,608 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll
========== Services (SafeList) ========== SRV - [2014/03/17 22:28:09 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/02 06:45:00 | 001,654,520 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Internet Content Filter\UpdateService.exe -- (mfeicfupdate)
SRV - [2013/09/02 06:44:04 | 002,048,504 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Internet Content Filter\mfeicfcore.exe -- (mfeicfcore)
SRV - [2013/08/07 11:59:14 | 000,172,416 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2013/08/07 11:55:26 | 000,169,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2013/07/25 07:52:52 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/27 04:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/12/18 21:22:11 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/12/22 10:23:34 | 000,077,312 | ---- | M] (Smith Micro Software, Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe -- (SMManager)
SRV - [2009/12/10 12:41:38 | 000,386,848 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)
SRV - [2009/11/24 14:48:36 | 001,148,264 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2009/11/20 16:42:48 | 000,278,304 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe -- (buttonsvc32)
SRV - [2009/11/18 15:35:48 | 001,032,192 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2009/09/21 13:55:12 | 000,858,384 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- c:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2009/09/21 13:31:36 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- c:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2009/08/11 15:09:52 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/08/07 04:29:36 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2009/08/01 00:16:12 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_450b431403c091e3\stacsv.exe -- (STacSV)
SRV - [2009/07/14 01:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 01:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 01:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/05/15 16:33:40 | 001,803,512 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008/11/12 12:25:48 | 001,273,856 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\NvtSp50.sys -- (NvtSp50)
DRV - [2013/08/07 11:59:26 | 000,213,232 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2013/08/07 11:56:38 | 000,568,632 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2013/08/07 11:55:38 | 000,365,224 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2013/08/07 11:54:36 | 000,235,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2013/08/07 11:53:54 | 000,133,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012/11/12 04:47:48 | 000,255,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/05/27 18:05:32 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 15:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 13:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 07:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/02/10 06:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 06:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/11/20 12:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 12:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 12:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 10:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 09:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 09:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 09:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/23 05:56:54 | 000,084,336 | ---- | M] (Juniper Networks) [Kernel | System | Running] -- C:\Windows\System32\drivers\NEOFLTR_700_16899.SYS -- (NEOFLTR_700_16899)
DRV - [2010/01/05 13:03:58 | 000,211,328 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2009/11/24 23:30:34 | 000,217,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009/09/15 19:40:18 | 006,114,816 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32)
DRV - [2009/08/01 00:16:12 | 000,409,088 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/07/14 00:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/13 23:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 23:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 23:45:20 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\acpials.sys -- (acpials)
DRV - [2009/07/05 02:37:08 | 000,038,400 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rixdpe86.sys -- (rixdpcie)
DRV - [2009/07/02 16:50:16 | 000,047,104 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rimspe86.sys -- (rimspci)
DRV - [2009/07/01 03:28:28 | 000,049,152 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\risdpe86.sys -- (risdpcie)
DRV - [2009/06/26 00:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/06/26 00:25:58 | 000,038,400 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2009/06/26 00:10:48 | 000,044,544 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2009/05/26 19:12:36 | 000,122,368 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2009/05/16 01:56:06 | 000,540,288 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2009/05/11 10:55:12 | 000,084,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\basp.sys -- (Blfp)
DRV - [2008/06/04 12:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\PBADRV.sys -- (PBADRV)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{DA3AD9F4-9AC3-4849-8864-B78AB9BC1487}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4264242866-4040763346-4289907682-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.uk.msn.com/USREL/2IE - HKU\S-1-5-21-4264242866-4040763346-4289907682-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.bbc.co.uk/newsIE - HKU\S-1-5-21-4264242866-4040763346-4289907682-1001\..\SearchScopes,DefaultScope = {DA3AD9F4-9AC3-4849-8864-B78AB9BC1487}
IE - HKU\S-1-5-21-4264242866-4040763346-4289907682-1001\..\SearchScopes\{0D257AF7-4790-4F4A-BC14-C622EE6D6118}: "URL" =
http://search.avg.com/route/?d=4b3d2cf0 ... =chrome&q={searchTerms}&lng={language}&ychte=us&nt=1
IE - HKU\S-1-5-21-4264242866-4040763346-4289907682-1001\..\SearchScopes\{1CB98906-8E2A-4238-BD61-51E6C4D4084F}: "URL" =
http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=02DB62DF-A731-44B3-9DB1-B5EBA6C277BC&apn_sauid=D9BA71EA-1A24-4E7B-AAE7-645566202C47
IE - HKU\S-1-5-21-4264242866-4040763346-4289907682-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-4264242866-4040763346-4289907682-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4264242866-4040763346-4289907682-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/12/03 19:37:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2013/09/07 11:44:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/12/03 19:37:35 | 000,000,000 | ---D | M]
========== Chrome ========== CHR - Extension: No name found = C:\Users\Clare\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
O1 HOSTS File: ([2009/06/10 21:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-4264242866-4040763346-4289907682-1001\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [DellConnectionManager] C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe (Smith Micro Software, Inc.)
O4 - HKLM..\Run: [DellControlPoint] C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\Windows\System32\spool\drivers\w32x86\3\hpztsb05.exe (HP)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKU\S-1-5-21-4264242866-4040763346-4289907682-1001..\Run: [TouchFreeze] C:\Users\Clare\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Clare\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089}
http://office.microsoft.com/sites/produ ... wsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}
http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F}
https://sslvpn.delarue.com/dana-cached/ ... Client.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{739F0FD0-2CBC-44D0-A234-3496567D9F66}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AB32F540-C2BA-4D8A-AE5E-54DB9C01614A}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Authentication Packages - (wvauth) - C:\Windows\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{c80a2f2f-d93a-11e0-9717-904ce5cee7c4}\Shell - "" = AutoRun
O33 - MountPoints2\{c80a2f2f-d93a-11e0-9717-904ce5cee7c4}\Shell\AutoRun\command - "" = E:\laucher.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\laucher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2014/03/19 22:36:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Clare\Desktop\OTL.exe
[2014/03/19 18:20:21 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2014/03/19 18:20:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2014/03/19 18:19:19 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Users\Clare\Desktop\MGADiag.exe
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[3 C:\Users\Clare\Documents\*.tmp files -> C:\Users\Clare\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2014/03/19 22:36:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Clare\Desktop\OTL.exe
[2014/03/19 22:28:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/19 22:18:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/19 22:10:07 | 000,025,424 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/19 22:10:07 | 000,025,424 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/19 22:07:34 | 000,000,000 | ---- | M] () -- C:\Users\Clare\AppData\Local\WavXMapDrive.bat
[2014/03/19 22:07:33 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/19 22:07:27 | 000,628,460 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/03/19 22:07:27 | 000,110,612 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/03/19 22:02:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/19 22:02:48 | 000,001,024 | ---- | M] () -- C:\.rnd
[2014/03/19 22:02:46 | 2783,313,920 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/19 18:23:49 | 000,025,088 | ---- | M] () -- C:\Users\Clare\Desktop\codecheck.exe
[2014/03/19 18:19:19 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Users\Clare\Desktop\MGADiag.exe
[2014/03/19 18:13:14 | 000,468,480 | ---- | M] () -- C:\Users\Clare\Desktop\CKScanner.exe
[2014/03/18 20:49:00 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/17 22:28:09 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/03/17 22:28:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[3 C:\Users\Clare\Documents\*.tmp files -> C:\Users\Clare\Documents\*.tmp -> ]
========== Files Created - No Company Name ========== [2014/03/19 22:02:48 | 000,001,024 | ---- | C] () -- C:\.rnd
[2014/03/19 18:23:49 | 000,025,088 | ---- | C] () -- C:\Users\Clare\Desktop\codecheck.exe
[2014/03/19 18:13:14 | 000,468,480 | ---- | C] () -- C:\Users\Clare\Desktop\CKScanner.exe
[2014/01/25 18:21:54 | 000,206,945 | ---- | C] () -- C:\Users\Clare\AppData\Local\census.cache
[2014/01/25 18:21:49 | 000,128,592 | ---- | C] () -- C:\Users\Clare\AppData\Local\ars.cache
[2013/07/22 05:57:08 | 000,201,555 | ---- | C] () -- C:\Users\Clare\krakow8.pdf
[2013/07/22 05:56:55 | 000,202,053 | ---- | C] () -- C:\Users\Clare\krakow7.pdf
[2013/07/22 05:56:38 | 000,201,664 | ---- | C] () -- C:\Users\Clare\krakow5.pdf
[2013/07/22 05:56:25 | 000,201,956 | ---- | C] () -- C:\Users\Clare\krakow4.pdf
[2013/07/22 05:56:08 | 000,215,704 | ---- | C] () -- C:\Users\Clare\krakow3.pdf
[2013/07/22 05:55:53 | 000,216,422 | ---- | C] () -- C:\Users\Clare\krakow2.pdf
[2013/07/22 05:55:37 | 000,215,491 | ---- | C] () -- C:\Users\Clare\krakow1.pdf
[2013/07/22 05:55:14 | 000,216,326 | ---- | C] () -- C:\Users\Clare\BoardingPass.pdf
[2013/07/16 20:07:48 | 000,196,181 | ---- | C] () -- C:\Users\Clare\Tree_of_Life_by_graemeb.jpg
[2013/06/25 18:51:58 | 000,065,967 | ---- | C] () -- C:\Users\Clare\Certificate_of_Motor_Insurance_BCB9B8E3B7C6A51D1207668475B3483E.pdf
[2013/03/26 20:48:49 | 000,106,166 | ---- | C] () -- C:\Users\Clare\GT-I8160OKABTU-downloads.htm
[2012/12/27 20:59:21 | 001,163,206 | ---- | C] () -- C:\Users\Clare\25%20years%20recipe%20book.pdf
[2011/11/27 19:52:54 | 003,100,680 | ---- | C] () -- C:\Users\Clare\RedSaveCancel.pdf
[2011/09/01 15:42:21 | 000,004,096 | -H-- | C] () -- C:\Users\Clare\AppData\Local\keyfile3.drm
[2011/06/15 11:23:59 | 000,269,521 | ---- | C] () -- C:\Users\Clare\Philippines-50-(2010)-Sergio-Osmena-portrait-2.jpg
[2011/06/15 11:23:59 | 000,259,902 | ---- | C] () -- C:\Users\Clare\Philippines-20-(2010)-intaglio-denomination-tactility-detail-2.jpg
[2011/06/15 11:23:59 | 000,250,823 | ---- | C] () -- C:\Users\Clare\Philippines-1000-(2010)-intaglio-denomination-tactility.jpg
[2011/06/15 11:23:59 | 000,247,033 | ---- | C] () -- C:\Users\Clare\Philippines-50-(2010)-Sergio-Osmena-portrait.jpg
[2011/06/15 11:23:59 | 000,196,184 | ---- | C] () -- C:\Users\Clare\Philippines-1000-(2010)-undersea-world-detail.jpg
[2011/06/15 11:23:59 | 000,167,624 | ---- | C] () -- C:\Users\Clare\Philippines-1000-(2010)-watermark-detail.jpg
[2011/06/15 11:23:59 | 000,157,508 | ---- | C] () -- C:\Users\Clare\Philippines-50-(2010)-Sergio-Osmena-portrait-1.jpg
[2011/06/15 11:23:59 | 000,138,003 | ---- | C] () -- C:\Users\Clare\Philippines-50-(2010)-latent-image-detail-positive.jpg
[2011/06/15 11:23:59 | 000,136,867 | ---- | C] () -- C:\Users\Clare\Philippines-1000-(2010)-undersea-world-detail-1.jpg
[2011/06/15 11:23:59 | 000,126,152 | ---- | C] () -- C:\Users\Clare\Philippines-20-(2010)-intaglio-denomination-tactility-detail-1.jpg
[2011/06/15 11:23:59 | 000,125,376 | ---- | C] () -- C:\Users\Clare\Philippines-50-(2010)-latent-image-detail-negative.jpg
[2011/06/15 11:23:59 | 000,119,048 | ---- | C] () -- C:\Users\Clare\Philippines-200-(2010)-latent-image-detail-positive.jpg
[2011/06/15 11:23:59 | 000,100,117 | ---- | C] () -- C:\Users\Clare\Philippines-50-(2010)-lacework-border-detail.jpg
[2011/04/27 14:03:19 | 000,072,080 | ---- | C] () -- C:\Users\Clare\g2mdlhlpx.exe
[2010/11/17 17:53:17 | 000,000,036 | ---- | C] () -- C:\Users\Clare\AppData\Local\housecall.guid.cache
[2010/10/11 10:07:40 | 000,028,771 | -HS- | C] () -- C:\Users\Clare\Folder.jpg
[2010/10/11 10:07:40 | 000,007,225 | -HS- | C] () -- C:\Users\Clare\AlbumArtSmall.jpg
[2010/10/06 16:21:03 | 000,004,036 | ---- | C] () -- C:\Users\Clare\ikeaorder.pdf
[2010/03/26 18:55:56 | 000,000,000 | ---- | C] () -- C:\Users\Clare\AppData\Local\WavXMapDrive.bat
========== ZeroAccess Check ========== [2009/07/14 04:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 01:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 12:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 01:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ========== [2013/09/07 14:51:52 | 000,000,000 | ---D | M] -- C:\Users\Clare\AppData\Roaming\.minecraft
[2013/09/07 11:45:25 | 000,000,000 | ---D | M] -- C:\Users\Clare\AppData\Roaming\AVG10
[2010/03/26 18:55:56 | 000,000,000 | ---D | M] -- C:\Users\Clare\AppData\Roaming\Broadcom
[2013/09/07 14:49:50 | 000,000,000 | ---D | M] -- C:\Users\Clare\AppData\Roaming\Dropbox
[2011/02/10 17:01:32 | 000,000,000 | ---D | M] -- C:\Users\Clare\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/03/24 17:12:46 | 000,000,000 | ---D | M] -- C:\Users\Clare\AppData\Roaming\GetRightToGo
[2010/10/24 20:19:09 | 000,000,000 | ---D | M] -- C:\Users\Clare\AppData\Roaming\ICAClient
[2011/01/18 12:08:01 | 000,000,000 | ---D | M] -- C:\Users\Clare\AppData\Roaming\Juniper Networks
[2013/09/07 11:26:25 | 000,000,000 | ---D | M] -- C:\Users\Clare\AppData\Roaming\TuneUp Software
[2010/03/26 18:55:56 | 000,000,000 | ---D | M] -- C:\Users\Clare\AppData\Roaming\Wave Systems Corp
[2013/09/07 11:45:26 | 000,000,000 | ---D | M] -- C:\Users\Connor itunes\AppData\Roaming\AVG10
[2010/10/17 19:09:16 | 000,000,000 | ---D | M] -- C:\Users\Connor itunes\AppData\Roaming\Broadcom
[2010/10/17 19:09:16 | 000,000,000 | ---D | M] -- C:\Users\Connor itunes\AppData\Roaming\Wave Systems Corp
[2013/09/07 11:45:26 | 000,000,000 | ---D | M] -- C:\Users\Connors Itunes\AppData\Roaming\AVG10
[2013/04/01 16:13:04 | 000,000,000 | ---D | M] -- C:\Users\Connors Itunes\AppData\Roaming\Broadcom
[2012/12/11 18:27:52 | 000,000,000 | ---D | M] -- C:\Users\Connors Itunes\AppData\Roaming\TuneUp Software
[2013/04/01 16:13:05 | 000,000,000 | ---D | M] -- C:\Users\Connors Itunes\AppData\Roaming\Wave Systems Corp
[2012/12/11 18:27:52 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2012/12/11 18:27:52 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
========== Purity Check ========== < End of report >