OTL logfile created on: 11/05/2013 21:28:42 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Barbara W\Desktop\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 0.88 Gb Available Physical Memory | 44.15% Memory free 4.23 Gb Paging File | 2.35 Gb Available in Paging File | 55.46% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149.41 Gb Total Space | 18.74 Gb Free Space | 12.54% Space Free | Partition Type: NTFS Drive E: | 147.21 Gb Total Space | 65.96 Gb Free Space | 44.81% Space Free | Partition Type: NTFS Computer Name: WEBASIA | User Name: Barbara W | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013/05/11 21:27:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Barbara W\Desktop\Downloads\OTL (1).exe PRC - [2013/04/29 00:40:06 | 001,345,008 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe PRC - [2013/04/29 00:39:50 | 001,611,784 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe PRC - [2013/03/28 21:11:33 | 000,055,984 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe PRC - [2013/03/21 23:50:35 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2012/10/02 15:02:10 | 004,463,864 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe PRC - [2012/10/02 15:02:10 | 002,415,104 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Tall Emu\Online Armor\oaui.exe PRC - [2012/10/02 15:02:06 | 001,248,144 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Tall Emu\Online Armor\oahlp.exe PRC - [2012/10/02 15:02:04 | 000,216,072 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Tall Emu\Online Armor\oacat.exe PRC - [2012/07/08 15:24:34 | 000,026,000 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\MaxiDisk\mdmonitor.exe PRC - [2012/02/29 07:03:02 | 000,249,440 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIILE.EXE PRC - [2011/12/12 00:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) -- C:\Windows\System32\escsvc.exe PRC - [2011/07/28 14:00:36 | 000,053,248 | ---- | M] (Sage (UK) Limited) -- C:\Program Files\Common Files\Sage SData\Sage.SData.Service.exe PRC - [2010/07/07 02:51:10 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2010/07/07 02:50:42 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009/12/01 13:12:04 | 000,116,176 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/09/12 00:28:08 | 000,020,480 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe PRC - [2008/06/02 19:50:34 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2008/01/21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe PRC - [2008/01/21 03:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe PRC - [2008/01/17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe PRC - [2007/12/25 14:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe PRC - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe PRC - [2007/11/21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe PRC - [2007/02/13 00:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe PRC - [2006/05/23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) -- C:\Windows\System32\StkASv2K.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013/03/28 21:11:44 | 000,204,280 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll MOD - [2013/03/21 23:50:33 | 000,390,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.43\ppgooglenaclpluginchrome.dll MOD - [2013/03/21 23:50:32 | 012,662,224 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll MOD - [2013/03/21 23:50:31 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.43\pdf.dll MOD - [2013/03/21 23:49:41 | 000,598,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.43\libglesv2.dll MOD - [2013/03/21 23:49:40 | 000,124,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.43\libegl.dll MOD - [2013/03/21 23:49:38 | 001,606,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.43\ffmpegsumo.dll MOD - [2010/07/07 02:14:26 | 000,023,040 | ---- | M] () -- C:\Windows\System32\atitmpxx.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2013/04/29 00:40:06 | 001,345,008 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe -- (VSSERV) SRV - [2013/04/15 09:05:34 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/03/28 21:11:33 | 000,055,984 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe -- (UPDATESRV) SRV - [2013/03/08 12:09:36 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/02/28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/10/02 15:02:10 | 004,463,864 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor) SRV - [2012/10/02 15:02:04 | 000,216,072 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\oacat.exe -- (OAcat) SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012/07/08 15:24:34 | 000,030,096 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Uniblue\MaxiDisk\service.exe -- (Uniblue.MaxiDiskSvc) SRV - [2011/12/12 00:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\System32\escsvc.exe -- (EpsonScanSvc) SRV - [2011/07/28 14:00:36 | 000,053,248 | ---- | M] (Sage (UK) Limited) [Auto | Running] -- C:\Program Files\Common Files\Sage SData\Sage.SData.Service.exe -- (Sage SData Service) SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc) SRV - [2010/08/13 09:12:02 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [Disabled | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) SRV - [2010/07/07 02:50:42 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009/12/01 13:12:04 | 000,116,176 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0) SRV - [2008/09/12 00:28:08 | 000,020,480 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService) SRV - [2008/06/02 19:50:34 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) SRV - [2008/01/21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv) SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/21 03:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008/01/21 03:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2008/01/17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV - [2007/12/25 14:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service) SRV - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service) SRV - [2007/11/21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv) SRV - [2007/02/13 00:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash) SRV - [2007/02/08 16:13:46 | 000,212,480 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService) SRV - [2006/10/09 22:01:00 | 000,071,184 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService) SRV - [2006/08/23 17:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2006/05/23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\Windows\System32\StkASv2K.exe -- (StkASSrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\tosrfusb.sys -- (Tosrfusb) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tosrfsnd.sys -- (TosRfSnd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\tosrfnds.sys -- (tosrfnds) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Tosrfhid.sys -- (Tosrfhid) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\tosrfcom.sys -- (Tosrfcom) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\tosrfbnp.sys -- (tosrfbnp) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\tosrfbd.sys -- (tosrfbd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\tosporte.sys -- (tosporte) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp) DRV - [2013/04/29 00:39:38 | 000,633,344 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avc3.sys -- (avc3) DRV - [2013/04/29 00:39:36 | 000,486,536 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\avckf.sys -- (avckf) DRV - [2013/03/28 21:09:42 | 000,162,976 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\System32\drivers\gzflt.sys -- (gzflt) DRV - [2012/11/12 18:11:11 | 000,066,392 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\bdsandbox.sys -- (BDSandBox) DRV - [2012/11/02 14:17:14 | 000,242,504 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avchv.sys -- (avchv) DRV - [2012/10/31 13:13:10 | 000,343,456 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\trufos.sys -- (trufos) DRV - [2012/10/02 15:03:04 | 000,044,992 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\oahlp32.sys -- (oahlpXX) DRV - [2012/10/02 15:02:34 | 000,031,768 | ---- | M] (Emsisoft) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OAnet.sys -- (OAnet) DRV - [2012/10/02 15:02:34 | 000,027,648 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\Windows\System32\drivers\OAmon.sys -- (OAmon) DRV - [2012/10/02 15:02:32 | 000,208,320 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\OADriver.sys -- (OADevice) DRV - [2012/10/02 12:31:18 | 000,134,136 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys -- (bdselfpr) DRV - [2012/06/05 14:45:06 | 000,204,432 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService) DRV - [2011/11/14 20:16:26 | 000,130,640 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys -- (bdftdif) DRV - [2011/07/13 03:07:40 | 000,016,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec) DRV - [2010/10/07 13:11:37 | 006,639,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwLv32.sys -- (NETwLv32) DRV - [2010/07/07 03:29:16 | 005,882,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2010/07/07 03:29:16 | 005,882,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2010/07/07 02:15:24 | 000,210,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2010/05/31 19:58:33 | 006,638,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) DRV - [2009/08/23 16:00:52 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009/04/11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2008/10/09 16:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV - [2008/02/01 11:46:08 | 000,187,904 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (CnxtHdAudAddService) DRV - [2008/01/21 15:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32) DRV - [2008/01/15 18:34:58 | 000,048,472 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR) DRV - [2007/12/17 11:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR) DRV - [2007/11/09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ) DRV - [2007/10/17 22:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2007/09/26 05:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) DRV - [2007/04/09 16:13:00 | 000,008,192 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\QIOMem.sys -- (QIOMem) DRV - [2006/11/02 08:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2006/10/18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst) DRV - [2006/09/26 20:01:36 | 000,241,628 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkAMini.sys -- (StkAMini) DRV - [2006/08/01 23:44:04 | 000,004,772 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkScan.sys -- (StkScan) DRV - [2006/06/09 09:38:24 | 000,006,909 | ---- | M] (Conexant Systems, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UIUSYS.SYS -- (UIUSys) DRV - [2000/06/09 20:31:52 | 000,037,376 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvce.sys -- (QCEmerald) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{8544E86D-CA6D-4D1A-A14A-AF1B32938937}: "URL" = http://www.google.co.uk/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7; IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2976862242-4023210721-710822804-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-21-2976862242-4023210721-710822804-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = IE - HKU\S-1-5-21-2976862242-4023210721-710822804-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2976862242-4023210721-710822804-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2976862242-4023210721-710822804-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-2976862242-4023210721-710822804-1001\..\SearchScopes\{59925257-1E3E-417A-BE85-03BAE0C8FE2A}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2832595&CUI=UN14232876943155018&UM=1 IE - HKU\S-1-5-21-2976862242-4023210721-710822804-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&r=565 IE - HKU\S-1-5-21-2976862242-4023210721-710822804-1001\..\SearchScopes\{8544E86D-CA6D-4D1A-A14A-AF1B32938937}: "URL" = http://www.google.co.uk/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7; IE - HKU\S-1-5-21-2976862242-4023210721-710822804-1001\..\SearchScopes\{B016C819-1FD3-46EF-B5D2-C6990D704DCB}: "URL" = http://www.bing.com/search?q={searchTerms}&r= IE - HKU\S-1-5-21-2976862242-4023210721-710822804-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: %7B942cd1d4-9cc1-4d31-876a-ea8f489f7a59%7D:10.15.0.562 FF - prefs.js..browser.startup.homepage: FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.90: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.) FF - HKLM\Software\MozillaPlugins\@rayv.com/rayvplugin: C:\Program Files\RayV\RayV\plugins\nprayvplugin.dll (RayV) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/09 14:46:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/09 14:46:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/03/06 12:08:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/07/22 21:40:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barbara W\AppData\Roaming\Mozilla\Extensions [2010/07/22 21:40:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barbara W\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2013/05/10 16:43:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barbara W\AppData\Roaming\Mozilla\Firefox\Profiles\ks9zdnpz.default-1351360555011\extensions [2010/07/24 22:27:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barbara W\AppData\Roaming\Mozilla\Sunbird\Profiles\5ed6t7c3.default\extensions [2013/03/08 12:09:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013/03/19 22:33:31 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013/03/08 12:09:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} File not found (No name found) -- C:\USERS\BARBARA W\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KS9ZDNPZ.DEFAULT-1351360555011\EXTENSIONS\{942CD1D4-9CC1-4D31-876A-EA8F489F7A59} [2013/03/08 12:09:37 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/09/16 12:57:06 | 000,189,088 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npVividasPlayer.dll [2013/02/27 00:41:04 | 000,001,738 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml [2013/02/27 00:41:04 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2013/02/27 00:41:04 | 000,001,148 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml [2013/02/27 00:41:04 | 000,001,379 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml [2013/02/27 00:41:04 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml [2013/02/27 00:41:04 | 000,001,334 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.43\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: Vividas Player Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npVividasPlayer.dll CHR - plugin: getPlusPlus for Adobe 16290 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - plugin: RayV Plugin (Enabled) = C:\Program Files\RayV\RayV\plugins\nprayvplugin.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\system32\npDeployJava1.dll CHR - Extension: Skype Click to Call = C:\Users\Barbara W\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\ O1 HOSTS File: ([2012/11/02 23:05:47 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found. O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\oaui.exe (Emsisoft GmbH) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.) O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2976862242-4023210721-710822804-1001..\Run: [DesktopReminderByPolenter] C:\Program Files\Desktop-Reminder\DesktopReminder.exe (Polenter - Software Solutions) O4 - HKU\S-1-5-21-2976862242-4023210721-710822804-1001..\Run: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE (SEIKO EPSON CORPORATION) O4 - HKU\S-1-5-21-2976862242-4023210721-710822804-1001..\Run: [MaxiDisk] C:\Program Files\Uniblue\MaxiDisk\launcher.exe (Uniblue Systems Limited) O4 - Startup: C:\Users\Barbara W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\A1Clean.lnk = C:\Program Files\A1Click Ultra PC Cleaner\A1Cleanr.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2976862242-4023210721-710822804-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2976862242-4023210721-710822804-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-21-2976862242-4023210721-710822804-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39) O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 1.7.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 10.17.2) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EED9C068-FD37-4C75-A00C-36ACAF1AAB63}: DhcpNameServer = 192.168.1.1 0.0.0.0 O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found O18 - Protocol\Handler\AutorunsDisabled\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\AutorunsDisabled\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Barbara W\Pictures\906.bmp O24 - Desktop BackupWallPaper: C:\Users\Barbara W\Pictures\906.bmp O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Emsisoft GmbH) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011/09/18 17:48:56 | 000,000,066 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (DfSDKBt) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/05/11 16:13:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune [2013/05/11 16:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune [2013/05/11 11:03:23 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{2D84A9BF-A860-4C3C-90D2-95BE79A553D9} [2013/05/10 19:56:25 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\FixItCenter [2013/05/10 19:32:45 | 000,000,000 | ---D | C] -- C:\Windows\MATS [2013/05/10 19:32:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center [2013/05/10 13:19:37 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{DBD511F6-F077-4206-B81A-9CCD7453BA9F} [2013/05/09 23:37:12 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{B38DCA7E-E503-4796-AB0B-4D6B379B5A15} [2013/05/09 14:45:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2013/05/09 14:45:25 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2013/05/09 14:43:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2013/05/09 14:43:22 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2013/05/09 14:43:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2013/05/09 11:36:35 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{F1CFEE9E-B989-4F60-9CE8-9363ECABB633} [2013/05/08 23:35:53 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{1AE3B9C8-6A69-4BD6-9D86-CB63866933D5} [2013/05/08 11:35:03 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{8B2A262D-BBCB-41BC-98E5-4BDBE0A08A8F} [2013/05/07 23:25:00 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{3F0DE084-A35D-46F3-A52C-64DAE9805D1E} [2013/05/07 14:50:52 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\Desktop\ACCOUNTING FOR EVERYONE 12 WEEK COURSE [2013/05/07 07:08:17 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{4ACDF80F-3460-4D94-B7E3-6AC12E4B5D27} [2013/05/06 11:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Travelmanager UK and Ireland 2006, 2007 [2013/05/06 09:59:49 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{E65E22B0-355D-4F6D-B5C7-6960634121B2} [2013/05/05 21:11:30 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{1A0AADF8-3AF6-47DB-9337-AC1B40FE76D0} [2013/05/05 09:10:55 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{3E4DA636-C9D3-4B93-A2EF-4CA4E03F6E5E} [2013/05/04 21:10:14 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{63F57022-E488-4B87-BEB8-76E8CA5F6EE9} [2013/05/04 08:06:35 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{C8FB4A6B-1441-4480-A738-9F12DC043495} [2013/05/03 13:57:07 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{4D576F44-5629-4BF9-935A-E4066171F6D0} [2013/05/02 22:47:49 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{B21D825A-65A3-485F-A679-2F08D5D841AD} [2013/05/02 21:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BoostSpeed PreActivated By XGX [2013/05/02 21:00:00 | 000,000,000 | ---D | C] -- C:\Program Files\BoostSpeed PreActivated By XGX [2013/05/02 20:51:17 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Roaming\player [2013/05/02 10:32:02 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{FE9BF8BA-756A-4E70-99F7-C9942CCAF7AA} [2013/05/01 22:31:26 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{0DE03EBC-06C9-45C0-B111-0CA86B686D5C} [2013/05/01 13:02:13 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Roaming\Epson [2013/05/01 12:40:43 | 000,055,808 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EEBSDKIF.dll [2013/05/01 12:40:42 | 000,135,168 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EEBAPI.dll [2013/05/01 12:40:42 | 000,110,592 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EEBDSCVR.dll [2013/05/01 12:40:42 | 000,077,824 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EBAPI.dll [2013/05/01 12:40:42 | 000,065,536 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EEBUtil.dll [2013/05/01 12:32:43 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\ABBYY [2013/05/01 12:32:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint [2013/05/01 12:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 9.0 Sprint [2013/05/01 12:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\ABBYY [2013/05/01 12:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ABBYY [2013/05/01 12:30:19 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL [2013/05/01 12:28:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software [2013/05/01 12:26:36 | 000,476,027 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\ensppmon.dll [2013/05/01 12:26:36 | 000,458,310 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\ensppui.dll [2013/05/01 12:26:36 | 000,218,112 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enspres.dll [2013/05/01 12:26:35 | 000,476,027 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enppmon.dll [2013/05/01 12:26:35 | 000,458,310 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enppui.dll [2013/05/01 12:26:35 | 000,218,112 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enpres.dll [2013/05/01 12:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\EpsonNet [2013/05/01 12:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON [2013/05/01 12:26:11 | 000,000,000 | ---D | C] -- C:\Program Files\EPSON Software [2013/05/01 12:24:27 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL [2013/05/01 12:24:22 | 000,095,232 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FLBILE.DLL [2013/05/01 12:24:20 | 000,081,408 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FD4BILE.DLL [2013/05/01 12:23:48 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON [2013/05/01 12:22:48 | 000,342,016 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\esw2ud.dll [2013/05/01 12:22:48 | 000,122,000 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\escsvc.exe [2013/05/01 12:22:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [2013/05/01 12:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\epson [2013/05/01 10:30:49 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{99D4AAF4-7AD7-4F3D-B944-41859C01EC42} [2013/04/30 22:30:12 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{AC266B12-F04E-4A36-9A8D-565B4784B2DD} [2013/04/30 07:36:49 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{57AADA7C-D3BF-4FF0-B108-B690A94D2AE0} [2013/04/29 13:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickBooks [2013/04/29 13:03:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AnswerWorks 4.0 [2013/04/29 12:56:56 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{3131B728-44A7-4CFE-A525-8717A52A6EE3} [2013/04/28 08:41:21 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{7EC34DAC-AAC4-4CDA-8CF1-360D7B282B78} [2013/04/27 20:00:33 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{4F032D3B-6230-46FF-A437-FC0334A3A6F8} [2013/04/27 07:59:56 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{06F2D2CE-157A-4AEB-BD7C-5D114772680B} [2013/04/26 19:59:19 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{B0B74938-A50C-4CA7-A260-C5D09A33D15F} [2013/04/26 19:45:03 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{4C297EAC-72F8-4F31-A2AA-F431BD599734} [2013/04/26 07:16:22 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{4BE7B36A-78CF-4E17-A2E8-7367AA92C1D1} [2013/04/25 13:23:56 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{99118B50-7721-47A5-8B4D-D37BB93FECEC} [2013/04/24 23:41:56 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{51EFB1C0-0916-4BAF-B778-2A62DAC26B2E} [2013/04/24 07:56:57 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{6682C5F4-C7AF-4CF5-B468-2B28211B3C96} [2013/04/23 23:49:27 | 000,198,656 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMLM8O.DLL [2013/04/23 10:32:01 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{47AC08CD-C37C-445D-B571-4EAB8AE3ED3F} [2013/04/22 21:28:25 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{58459AD0-C94A-4D83-AF2D-5ED62778AA27} [2013/04/22 08:57:13 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{65F9F057-4337-4C63-8268-1A3C84586E07} [2013/04/21 20:56:33 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{E492BB00-2FD2-4468-832A-6643E19ECCBA} [2013/04/21 08:56:08 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{07CDC092-49B6-4649-A79E-9E66ADC26C4C} [2013/04/20 22:35:29 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{0DF6BA56-E9A4-4481-BB57-C684B19D4EEC} [2013/04/20 09:45:31 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{A8C23397-34E9-40C7-870F-A5DC143451EB} [2013/04/19 21:43:29 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{A676F2AA-8413-415A-80AC-C40F1B09929A} [2013/04/19 14:53:43 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\Desktop\P and L in Excell [2013/04/19 09:43:04 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{531E8FE7-1744-415E-8ADE-DF07603AF744} [2013/04/18 21:42:26 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{D5071CB1-CB6F-4D47-87BF-1084A96316E0} [2013/04/18 07:34:48 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{5D9A17B7-BD9A-4B70-9AD4-E71B0E538956} [2013/04/17 13:07:45 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\Desktop\clients tax returns 08-04-2013 [2013/04/17 10:58:15 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\Desktop\Corporation Tax 30-09-2012 working [2013/04/17 07:43:08 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{72D6E297-DF51-4AE9-947F-79835AC4BCDE} [2013/04/16 16:09:21 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{A5293010-6093-42C8-A790-E2B990E5F8AE} [2013/04/15 23:22:18 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{A245E28E-7AC5-4F3E-A2FE-01036A5394E5} [2013/04/15 09:12:12 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{0AF73DA3-DFD4-4667-A7EC-4FC2A6FC7C75} [2013/04/14 21:11:33 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{EFCFA590-8ABF-4A82-90D1-5F85A3392B26} [2013/04/14 09:11:07 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{27C3DEA6-FF6A-4264-BDF2-613C05B060E0} [2013/04/13 15:03:57 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{F1BC215E-6305-4C1F-BBDB-A195FA9C4C61} [2013/04/13 03:05:14 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013/04/13 03:05:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013/04/13 03:05:13 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013/04/13 03:05:12 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013/04/13 03:05:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013/04/13 03:05:11 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013/04/13 03:05:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013/04/13 03:05:10 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013/04/12 22:16:36 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{CDBCFEB6-AFAA-4923-9B14-78C98AF2A8FF} [2013/04/12 10:16:11 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{9CB9D8D4-C6BF-4BF5-85BB-00650E68CD3B} [2013/04/11 22:15:39 | 000,000,000 | ---D | C] -- C:\Users\Barbara W\AppData\Local\{FB96FE40-8FBF-4C10-8401-CF1E2E98656F} [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/05/11 19:37:54 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\MaxiDisk.job [2013/05/11 19:37:40 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013/05/11 19:37:40 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013/05/11 19:35:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/05/11 19:35:56 | 2143,756,288 | -HS- | M] () -- C:\hiberfil.sys [2013/05/11 18:00:00 | 000,000,476 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Registration3.job [2013/05/10 19:32:46 | 000,000,807 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Fix it Center.lnk [2013/05/10 16:40:16 | 000,003,234 | ---- | M] () -- C:\Users\Barbara W\Documents\cc_20130510_163956.reg [2013/05/10 16:33:34 | 000,000,999 | ---- | M] () -- C:\Users\Barbara W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\A1Clean.lnk [2013/05/09 14:45:54 | 000,001,691 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2013/05/06 11:58:58 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\TM UK & Ireland.lnk [2013/05/06 10:00:38 | 308,971,752 | ---- | M] () -- C:\Users\Barbara W\Documents\mydiscimage.ashdisc [2013/05/02 21:11:30 | 000,000,957 | ---- | M] () -- C:\Users\Barbara W\Application Data\Microsoft\Internet Explorer\Quick Launch\BoostSpeed PreActivated By XGX.lnk [2013/05/02 21:11:30 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\BoostSpeed.lnk [2013/05/02 16:40:06 | 000,052,143 | ---- | M] () -- C:\Users\Barbara W\Documents\201210-05 D Vehicle Repairs.pdf [2013/05/01 12:30:20 | 000,001,913 | ---- | M] () -- C:\Users\Public\Desktop\Epson Easy Photo Print.lnk [2013/05/01 12:29:24 | 000,000,308 | ---- | M] () -- C:\Windows\setup.iss [2013/05/01 12:28:42 | 000,002,167 | ---- | M] () -- C:\Users\Public\Desktop\Network Guide EPSON XP-205 207 Series.lnk [2013/05/01 12:28:35 | 000,002,167 | ---- | M] () -- C:\Users\Public\Desktop\User's Guide EPSON XP-205 207 Series.lnk [2013/05/01 12:22:49 | 000,000,770 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk [2013/04/29 19:31:39 | 000,437,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/04/29 00:39:38 | 000,633,344 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys [2013/04/29 00:39:36 | 000,486,536 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys [2013/04/27 16:25:16 | 014,879,744 | ---- | M] () -- C:\Users\Barbara W\Desktop\JD VECHICLE REPAIR 1 07-09-12 od jacka (Backup 27 Apr 2013 04 24 PM).QBB [2013/04/24 15:09:43 | 000,006,938 | ---- | M] () -- C:\Users\Barbara W\Documents\Untitled2.jpg [2013/04/16 07:23:50 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/04/15 09:05:33 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013/04/15 09:05:33 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/05/10 19:32:47 | 000,000,819 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Fix it Center.lnk [2013/05/10 19:32:46 | 000,000,807 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Fix it Center.lnk [2013/05/10 16:40:04 | 000,003,234 | ---- | C] () -- C:\Users\Barbara W\Documents\cc_20130510_163956.reg [2013/05/10 16:33:34 | 000,000,999 | ---- | C] () -- C:\Users\Barbara W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\A1Clean.lnk [2013/05/09 14:45:53 | 000,001,691 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2013/05/09 14:43:22 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2013/05/06 11:58:58 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\TM UK & Ireland.lnk [2013/05/02 21:11:30 | 000,000,957 | ---- | C] () -- C:\Users\Barbara W\Application Data\Microsoft\Internet Explorer\Quick Launch\BoostSpeed PreActivated By XGX.lnk [2013/05/02 21:11:30 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\BoostSpeed.lnk [2013/05/02 16:40:05 | 000,052,143 | ---- | C] () -- C:\Users\Barbara W\Documents\201210-05 D Vehicle Repairs.pdf [2013/05/01 12:30:20 | 000,001,913 | ---- | C] () -- C:\Users\Public\Desktop\Epson Easy Photo Print.lnk [2013/05/01 12:29:04 | 000,000,308 | ---- | C] () -- C:\Windows\setup.iss [2013/05/01 12:28:42 | 000,002,167 | ---- | C] () -- C:\Users\Public\Desktop\Network Guide EPSON XP-205 207 Series.lnk [2013/05/01 12:28:35 | 000,002,167 | ---- | C] () -- C:\Users\Public\Desktop\User's Guide EPSON XP-205 207 Series.lnk [2013/05/01 12:22:49 | 000,000,770 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk [2013/04/27 18:56:01 | 014,879,744 | ---- | C] () -- C:\Users\Barbara W\Desktop\JD VECHICLE REPAIR 1 07-09-12 od jacka (Backup 27 Apr 2013 04 24 PM).QBB [2013/04/24 15:09:43 | 000,006,938 | ---- | C] () -- C:\Users\Barbara W\Documents\Untitled2.jpg [2013/03/30 23:03:58 | 2143,756,288 | -HS- | C] () -- \hiberfil.sys [2013/03/30 12:38:44 | 000,000,026 | ---- | C] () -- C:\Windows\System32\ntlp_201.dll [2013/03/20 12:13:41 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dat [2013/03/19 22:20:39 | 000,479,421 | ---- | C] () -- C:\ProgramData\1363723398.bdinstall.bin [2013/03/19 22:17:56 | 000,000,308 | -H-- | C] () -- \bdr-cf01 [2013/03/19 21:20:38 | 002,294,848 | -H-- | C] () -- \bdr-bz01 [2013/03/19 21:20:38 | 000,009,216 | -H-- | C] () -- \bdr-ld01.mbr [2013/03/19 21:19:36 | 035,184,777 | -H-- | C] () -- \bdr-im01.gz [2013/03/19 21:19:35 | 000,253,404 | -H-- | C] () -- \bdr-ld01 [2013/03/11 21:18:35 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll [2013/01/13 21:37:41 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll [2012/10/17 16:01:14 | 000,000,759 | ---- | C] () -- \fix.vbs [2012/10/17 12:01:06 | 000,044,992 | ---- | C] () -- C:\Windows\System32\drivers\oahlp32.sys [2012/10/16 17:14:49 | 000,100,864 | ---- | C] () -- \fgldqpow.sys [2012/09/11 06:45:50 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin [2012/07/28 11:52:43 | 000,000,000 | ---- | C] () -- C:\Users\Barbara W\AppData\Roaming\bibstats [2012/06/04 20:01:20 | 000,000,022 | -HS- | C] () -- C:\Users\Barbara W\AppData\Roaming\Windows1569_SettingsRepository.bin [2012/06/04 20:01:20 | 000,000,022 | -HS- | C] () -- C:\Windows\90C7D912BE2316.sys [2012/02/26 09:28:26 | 000,437,792 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2011/12/31 21:01:29 | 000,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll [2011/11/01 23:05:05 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll [2011/09/06 23:40:28 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfmonnt.dll [2011/09/06 23:40:23 | 000,000,164 | ---- | C] () -- C:\Windows\System32\psconv.ini [2011/09/06 23:30:37 | 000,000,031 | ---- | C] () -- C:\Windows\System32\wcsodsini.dll [2011/07/27 13:20:46 | 000,073,728 | ---- | C] () -- C:\Windows\System32\SageFolderBrowser.dll [2011/07/27 13:20:34 | 000,245,760 | ---- | C] () -- C:\Windows\System32\SageEventHandler.exe [2011/07/27 13:20:30 | 000,364,544 | ---- | C] () -- C:\Windows\System32\SGCDlg32.dll [2011/07/27 13:20:24 | 000,368,640 | ---- | C] () -- C:\Windows\System32\SGList32.dll [2011/07/27 13:20:22 | 000,065,536 | ---- | C] () -- C:\Windows\System32\SGAppBar.dll [2011/07/27 13:20:20 | 000,278,528 | ---- | C] () -- C:\Windows\System32\SGSchemeXML.dll [2011/07/27 13:20:18 | 000,053,248 | ---- | C] () -- C:\Windows\System32\SGStat32.dll [2011/07/27 13:20:16 | 000,172,032 | ---- | C] () -- C:\Windows\System32\SGSchemeDefault.dll [2011/07/27 13:20:16 | 000,122,880 | ---- | C] () -- C:\Windows\System32\SGSchemeXP.dll [2011/07/27 13:20:10 | 000,294,912 | ---- | C] () -- C:\Windows\System32\SGTBar32.dll [2011/07/27 13:20:08 | 000,253,952 | ---- | C] () -- C:\Windows\System32\SGWebBrowser.dll [2011/07/27 13:20:04 | 000,208,896 | ---- | C] () -- C:\Windows\System32\SGSTDREG.dll [2011/07/27 13:20:02 | 000,245,760 | ---- | C] () -- C:\Windows\System32\SGJPEG32.dll [2011/07/27 13:20:02 | 000,225,280 | ---- | C] () -- C:\Windows\System32\SGSchemeManager.dll [2011/07/27 13:20:02 | 000,053,248 | ---- | C] () -- C:\Windows\System32\SGLogo32.dll [2011/07/27 13:20:00 | 000,065,536 | ---- | C] () -- C:\Windows\System32\SG3D32.dll [2011/07/27 13:19:58 | 000,262,144 | ---- | C] () -- C:\Windows\System32\SGHelp32.dll [2011/07/27 13:19:58 | 000,102,400 | ---- | C] () -- C:\Windows\System32\SGIntl32.dll [2011/07/27 13:19:50 | 000,090,112 | ---- | C] () -- C:\Windows\System32\SGRegister.dll [2011/07/27 13:19:48 | 000,114,688 | ---- | C] () -- C:\Windows\System32\SGCom32.dll [2011/07/27 13:10:06 | 000,143,360 | ---- | C] () -- C:\Windows\System32\SGCtrlEx.dll [2011/07/27 13:01:02 | 000,090,112 | ---- | C] () -- C:\Windows\System32\SGDt32.dll [2010/05/08 22:09:35 | 000,000,097 | ---- | C] () -- C:\Users\Barbara W\AppData\Local\fusioncache.dat [2010/05/02 22:14:10 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS [2010/05/02 22:14:10 | 000,000,000 | RHS- | C] () -- \IO.SYS [2010/04/25 20:34:33 | 000,111,213 | ---- | C] () -- C:\Users\Barbara W\user-agreement.html [2010/04/25 20:34:33 | 000,032,943 | ---- | C] () -- C:\Users\Barbara W\sitemap.html [2010/04/25 20:34:32 | 000,091,506 | ---- | C] () -- C:\Users\Barbara W\uk.shopping.com [2010/04/25 20:34:32 | 000,038,540 | ---- | C] () -- C:\Users\Barbara W\stores.shop.ebay.co.uk [2010/04/25 20:34:32 | 000,022,576 | ---- | C] () -- C:\Users\Barbara W\uk [2010/02/16 21:22:37 | 000,000,188 | ---- | C] () -- C:\Users\Barbara W\AppData\Local\RAExpertHistory.xml [2010/02/14 22:16:44 | 000,001,356 | ---- | C] () -- C:\Users\Barbara W\AppData\Local\d3d9caps.dat [2009/12/15 19:43:59 | 000,022,528 | ---- | C] () -- C:\Users\Barbara W\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/09/23 17:20:19 | 000,000,048 | -H-- | C] () -- C:\ProgramData\iPodAccessv4_OwnerName [2009/02/10 09:43:51 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2008/10/13 21:16:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2008/02/15 13:16:21 | 000,333,257 | RHS- | C] () -- \bootmgr [2007/11/07 08:12:28 | 000,232,960 | ---- | C] () -- \VC_RED.MSI [2007/11/07 08:09:22 | 001,442,522 | ---- | C] () -- \VC_RED.cab [2007/11/07 08:03:18 | 000,097,296 | ---- | C] () -- \install.res.1036.dll [2007/11/07 08:03:18 | 000,096,272 | ---- | C] () -- \install.res.3082.dll [2007/11/07 08:03:18 | 000,096,272 | ---- | C] () -- \install.res.1031.dll [2007/11/07 08:03:18 | 000,095,248 | ---- | C] () -- \install.res.1040.dll [2007/11/07 08:03:18 | 000,091,152 | ---- | C] () -- \install.res.1033.dll [2007/11/07 08:03:18 | 000,081,424 | ---- | C] () -- \install.res.1041.dll [2007/11/07 08:03:18 | 000,079,888 | ---- | C] () -- \install.res.1042.dll [2007/11/07 08:03:18 | 000,076,304 | ---- | C] () -- \install.res.1028.dll [2007/11/07 08:03:18 | 000,075,792 | ---- | C] () -- \install.res.2052.dll [2007/11/07 08:00:40 | 000,005,686 | ---- | C] () -- \vcredist.bmp [2007/11/07 08:00:40 | 000,001,110 | ---- | C] () -- \globdata.ini [2007/11/07 08:00:40 | 000,000,843 | ---- | C] () -- \install.ini [2006/11/02 11:23:09 | 000,000,066 | ---- | C] () -- \AUTOEXEC.BAT [2006/11/02 07:25:08 | 000,000,010 | ---- | C] () -- \config.sys [color=#E56717]========== ZeroAccess Check ==========[/color] [2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012/08/05 14:22:31 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\12Pay [2010/06/16 19:03:51 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\Ashampoo [2010/07/03 11:48:02 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\Ashampoo Photo Commander 5 [2013/04/01 14:42:59 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\Auslogics [2013/03/19 21:21:23 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\Bitdefender [2010/10/22 21:30:06 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\ChomikBox [2010/07/29 21:09:57 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\DesktopReminder [2013/03/06 13:26:29 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\DriverCure [2013/05/10 21:05:20 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\Dropbox [2013/05/01 13:02:13 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\Epson [2012/06/15 18:54:16 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\FileZilla [2013/03/30 12:30:45 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\Foresight Software [2010/09/28 23:35:24 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\GetRightToGo [2012/10/04 17:55:53 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\GG [2011/05/05 06:44:36 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\GHISLER [2012/11/13 16:18:11 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\HMRC [2010/08/10 20:51:04 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\ipla [2010/12/27 13:14:33 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\kompozer.net [2011/06/16 21:10:48 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\Leadertech [2010/02/17 22:50:28 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\maxup [2010/08/07 21:50:43 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\Mp3tag [2010/01/06 00:22:27 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\myphotobook [2010/11/09 21:56:38 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\NCH Swift Sound [2010/02/13 12:49:16 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\o2.pl [2013/05/02 08:37:02 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\OnlineArmor [2010/03/06 21:26:05 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\OpenOffice.org [2013/01/06 01:30:32 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\Opera [2012/11/13 14:44:43 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\PdfMerger [2013/05/05 08:50:47 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\player [2013/03/19 21:17:37 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\QuickScan [2012/06/16 17:31:28 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\RayV [2011/02/14 23:01:48 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\Softinterface, Inc [2013/03/06 13:26:28 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\SpeedyPC Software [2013/03/22 21:16:38 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\SystemRequirementsLab [2011/07/12 23:00:32 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\The Bat! [2010/07/22 21:40:26 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\Thunderbird [2010/02/07 23:46:11 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\TOSHIBA [2011/06/05 18:30:26 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\Trusteer [2010/02/27 20:40:53 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\TuneUp Software [2013/03/02 10:38:17 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\Uniblue [2013/04/13 23:00:30 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\uTorrent [2010/04/09 22:32:34 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\VistaCodecs [2010/12/24 00:03:02 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\Web Page Maker [2013/02/20 14:59:53 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\webex [2011/06/16 21:03:09 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\WinBatch [2011/01/05 01:08:50 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\Windows Live Writer [2010/02/07 20:19:23 | 000,000,000 | ---D | M] -- C:\Users\Barbara W\AppData\Roaming\ZiggyTV [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:07BF512B < End of report >