OTL logfile created on: 7/1/2012 11:13:01 AM - Run 3
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Program Files\Scan_OTL
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.12 Gb Total Physical Memory | 2.37 Gb Available Physical Memory | 76.00% Memory free
4.96 Gb Paging File | 4.34 Gb Available in Paging File | 87.43% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 462.24 Gb Total Space | 394.69 Gb Free Space | 85.39% Space Free | Partition Type: NTFS
Drive D: | 2.33 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: SPARTIN | User Name: Dave Keough | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012/06/30 11:49:31 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Program Files\Scan_OTL\OTL.exe
PRC - [2012/06/29 20:33:42 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/05/24 14:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Dave Keough\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2012/02/23 15:57:36 | 000,563,104 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2012/02/23 15:57:34 | 001,885,088 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2012/02/23 15:57:30 | 007,029,664 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2011/12/28 10:26:22 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2011/06/24 21:16:56 | 000,061,440 | ---- | M] (Palm) -- C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe
PRC - [2010/10/01 23:06:36 | 000,348,760 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe
PRC - [2010/07/15 19:30:48 | 000,020,480 | ---- | M] (WeatherBlink) -- C:\Program Files\WeatherBlink\bar\1.bin\gcbrmon.exe
PRC - [2009/12/21 18:34:38 | 000,743,992 | ---- | M] (Infowatch) -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
PRC - [2009/07/24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2008/04/14 12:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 12:42:20 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dwwin.exe
PRC - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2007/04/04 17:41:28 | 000,177,672 | R--- | M] (Authentium, Inc.) -- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012/06/29 20:33:39 | 002,042,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/02/23 15:57:38 | 000,022,944 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
MOD - [2012/02/23 15:19:16 | 000,669,696 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
MOD - [2010/10/01 23:05:46 | 008,972,888 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\QtGui4.dll
MOD - [2010/10/01 23:05:42 | 002,456,152 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\QtCore4.dll
MOD - [2010/10/01 23:05:28 | 002,111,064 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\avzkrnl.dll
MOD - [2010/10/01 22:07:46 | 000,733,184 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\localization_manager.dll
MOD - [2010/08/22 20:01:36 | 007,187,456 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2010/08/22 20:01:08 | 000,325,632 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2010/08/22 20:01:06 | 001,954,304 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2010/08/22 20:01:06 | 000,847,360 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2010/08/22 19:32:34 | 000,119,808 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
MOD - [2009/10/30 21:32:30 | 000,410,496 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\dblite.dll
MOD - [2006/11/30 17:24:16 | 000,086,016 | ---- | M] () -- C:\WINDOWS\system32\custmon32.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012/06/29 20:33:40 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/20 11:22:00 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/02/23 15:57:36 | 000,563,104 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2011/06/24 21:16:56 | 000,061,440 | ---- | M] (Palm) [Auto | Running] -- C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe -- (NovacomD)
SRV - [2010/10/01 23:06:36 | 000,348,760 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe -- (AVP)
SRV - [2010/07/15 19:30:48 | 000,028,766 | ---- | M] (WeatherBlink) [Auto | Stopped] -- C:\Program Files\WeatherBlink\bar\1.bin\gcbarsvc.exe -- (WeatherBlinkService)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/12/21 18:34:38 | 000,743,992 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
SRV - [2009/07/24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2008/03/17 18:59:36 | 000,099,056 | ---- | M] (Radialpoint Inc.) [On_Demand | Stopped] -- C:\Program Files\Verizon\PC Security Checkup\rpsupdaterR.exe -- (RPSUpdaterR)
SRV - [2007/08/09 03:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/04/04 17:41:28 | 000,177,672 | R--- | M] (Authentium, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe -- (dvpapi)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\AFGMp50.sys -- (AFGMp50)
DRV - [2012/02/24 16:53:40 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010/08/22 20:01:54 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AFGSp50.sys -- (AFGSp50)
DRV - [2009/12/14 13:44:24 | 000,088,632 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\CSCrySec.sys -- (CSCrySec)
DRV - [2009/12/14 13:44:24 | 000,039,352 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
DRV - [2009/10/14 22:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (KLBG)
DRV - [2009/10/02 20:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/09/14 15:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009/09/01 16:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2008/05/09 00:23:22 | 000,238,080 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008/02/14 17:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2007/11/17 18:43:56 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007/11/17 18:43:46 | 000,054,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005/08/03 16:59:38 | 000,008,960 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbbc2.sys -- (PLUsbbc2)
DRV - [2005/08/03 16:59:36 | 000,004,736 | R--- | M] (Laplink Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\llusbflt.sys -- (LLUSBFLT)
DRV - [2004/08/12 11:00:00 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {597b1823-7ff0-4cd3-8095-9d8cba514992}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XNxdm003YYUS&ptb=CD928B4D-56E1-45B9-85D4-A0B9C5AA3299&psa=&ind=2010071519&ptnrS=XNxdm003YYUS&si=&st=sb&n=77cf41df&searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/mywaybiz
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz
IE - HKU\.DEFAULT\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/mywaybiz
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz
IE - HKU\S-1-5-18\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-21-1589236084-246377985-422513938-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
IE - HKU\S-1-5-21-1589236084-246377985-422513938-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
IE - HKU\S-1-5-21-1589236084-246377985-422513938-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-1589236084-246377985-422513938-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1589236084-246377985-422513938-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-1589236084-246377985-422513938-1004\..\URLSearchHook: {8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} - C:\Program Files\WeatherBlink\bar\1.bin\gcSrcAs.dll (WeatherBlink)
IE - HKU\S-1-5-21-1589236084-246377985-422513938-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1589236084-246377985-422513938-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1589236084-246377985-422513938-1004\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XNxdm003YYUS&ptb=CD928B4D-56E1-45B9-85D4-A0B9C5AA3299&psa=&ind=2010071519&ptnrS=XNxdm003YYUS&si=&st=sb&n=77cf41df&searchfor={searchTerms}
IE - HKU\S-1-5-21-1589236084-246377985-422513938-1004\..\SearchScopes\{9C085DF1-A080-424A-B9E8-D338FB9300F8}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1589236084-246377985-422513938-1004\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-21-1589236084-246377985-422513938-1004\..\SearchScopes\{CB59DDF8-2D50-4521-80A8-0398C2640266}: "URL" = http://www.infospace.com/vzn.dsl.tbar.sbie7/redirs_all.htm?pgtarg=wbsdogpile&qcat=web&qkw={searchTerms}
IE - HKU\S-1-5-21-1589236084-246377985-422513938-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1589236084-246377985-422513938-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files\TVUPlayer\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll File not found
FF - HKLM\Software\MozillaPlugins\@WeatherBlink.com/Plugin: C:\Program Files\WeatherBlink\bar\1.bin\NPgcStub.dll (WeatherBlink)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\gcffxtbr@WeatherBlink.com: C:\Program Files\WeatherBlink\bar\1.bin [2011/04/06 16:37:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/29 20:33:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky PURE\THBExt [2012/02/24 16:54:36 | 000,000,000 | ---D | M]

[2012/06/10 16:53:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dave Keough\Application Data\Mozilla\Extensions
[2012/06/29 20:42:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dave Keough\Application Data\Mozilla\Firefox\Profiles\7bmwf9v2.default\extensions
[2012/06/10 20:02:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/10 20:02:20 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2012/06/29 20:42:08 | 000,094,344 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\DAVE KEOUGH\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7BMWF9V2.DEFAULT\EXTENSIONS\CANITBECHEAPER@TRAFFICBROKER.CO.UK.XPI
[2012/06/29 20:33:42 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/01 11:39:16 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/01 11:39:16 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2006/02/28 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKLM..\Run: [WeatherBlink Browser Plugin Loader] C:\Program Files\WeatherBlink\bar\1.bin\gcbrmon.exe (WeatherBlink)
O4 - HKU\S-1-5-21-1589236084-246377985-422513938-1004..\Run: [AdobeBridge] File not found
O4 - HKU\.DEFAULT..\RunOnce: [PCmover CookieMerge] C:\Program Files\Laplink\PCmover\CookieMerge.exe ()
O4 - HKU\S-1-5-18..\RunOnce: [PCmover CookieMerge] C:\Program Files\Laplink\PCmover\CookieMerge.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [PCmover CookieMerge] C:\Program Files\Laplink\PCmover\CookieMerge.exe ()
O4 - Startup: C:\Documents and Settings\Dave Keough\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Dave Keough\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1589236084-246377985-422513938-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab (McAfee.com Operating System Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220642520802 (WUWebControl Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1243798764343 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab (DwnldGroupMgr Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://djoglobal.webex.com/client/WBXclient-T27L10NSP32EP1-13926/webex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6020CEC8-F257-473C-9DE7-8DA93979E0D4}: DhcpNameServer = 192.168.2.1
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky PURE\kloehk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky PURE\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/05 21:08:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/07/14 05:26:40 | 000,000,043 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{63dc5374-9cad-11de-ac7c-002354b8f787}\Shell\AutoRun\command - "" = I:\Autorun.exe /run
O33 - MountPoints2\{63dc5374-9cad-11de-ac7c-002354b8f787}\Shell\Shell00\Command - "" = I:\Autorun.exe /run
O33 - MountPoints2\{63dc5374-9cad-11de-ac7c-002354b8f787}\Shell\Shell01\Command - "" = I:\Autorun.exe /action
O33 - MountPoints2\{63dc5374-9cad-11de-ac7c-002354b8f787}\Shell\Shell02\Command - "" = I:\Autorun.exe /uninstall
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012/06/30 11:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\Scan_OTL
[2012/06/30 11:48:38 | 000,027,072 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\AFGSp50.sys
[2012/06/30 11:48:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Affinegy
[2012/06/10 19:56:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Belkin
[2012/06/10 19:53:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Belkin
[2012/06/10 19:52:09 | 000,000,000 | ---D | C] -- C:\Program Files\Belkin
[2012/06/10 16:53:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dave Keough\Local Settings\Application Data\Mozilla
[2012/06/10 16:53:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dave Keough\Application Data\Mozilla
[2012/06/10 16:30:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012/06/10 16:30:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/06/10 16:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/06/04 12:51:10 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012/07/01 11:04:33 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/01 11:03:41 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1589236084-246377985-422513938-1004.job
[2012/07/01 11:03:37 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/01 11:03:34 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1589236084-246377985-422513938-1005.job
[2012/07/01 11:03:34 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1589236084-246377985-422513938-501.job
[2012/07/01 11:03:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/30 20:56:00 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/30 20:54:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/30 11:49:03 | 000,000,089 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\lmhosts
[2012/06/29 20:50:18 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Dave Keough\Desktop\Microsoft Office Word 2007.lnk
[2012/06/29 02:00:00 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-SPARTIN-Dave Keough.job
[2012/06/27 09:48:00 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1589236084-246377985-422513938-1004.job
[2012/06/25 20:00:00 | 000,000,634 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Dave Keough.job
[2012/06/25 08:39:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1589236084-246377985-422513938-501.job
[2012/06/23 06:44:00 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1589236084-246377985-422513938-1005.job
[2012/06/18 13:08:50 | 000,061,343 | ---- | M] () -- C:\Documents and Settings\Dave Keough\My Documents\fidelity roth ira statement 5-12.pdf
[2012/06/18 12:58:01 | 000,035,861 | ---- | M] () -- C:\Documents and Settings\Dave Keough\My Documents\Portfolio Positions by Account Fidelity Investments.htm
[2012/06/15 01:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2012/06/13 14:25:12 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Dave Keough\Desktop\Microsoft Office Excel 2007.lnk
[2012/06/13 03:39:01 | 003,709,448 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/13 03:20:06 | 000,484,862 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/13 03:20:06 | 000,080,750 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/13 03:07:53 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/06/10 16:30:36 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Dave Keough\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/06/10 16:30:36 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/06/04 12:51:18 | 000,001,046 | ---- | M] () -- C:\Documents and Settings\Dave Keough\Start Menu\Programs\Startup\Dropbox.lnk
[2012/06/04 12:51:03 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Dave Keough\Desktop\Dropbox.lnk
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012/06/18 13:08:50 | 000,061,343 | ---- | C] () -- C:\Documents and Settings\Dave Keough\My Documents\fidelity roth ira statement 5-12.pdf
[2012/06/18 12:58:01 | 000,035,861 | ---- | C] () -- C:\Documents and Settings\Dave Keough\My Documents\Portfolio Positions by Account Fidelity Investments.htm
[2012/06/10 16:30:36 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Dave Keough\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/06/10 16:30:36 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/06/10 16:30:35 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/24 16:55:32 | 000,115,369 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2012/02/24 16:55:32 | 000,097,961 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2012/02/14 17:08:59 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/07/24 18:50:21 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/01/13 04:18:19 | 000,282,970 | ----
| C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat [2009/04/07 15:17:11 | 000,000,163 | ---- | C] () -- C:\Documents and Settings\Dave Keough\default.pls [2009/01/11 15:07:43 | 000,000,996 | RH-- | C] () -- C:\Documents and Settings\Dave Keough\Application Data\Delete.vbs [2007/06/24 17:34:13 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Dave Keough\Application Data\PFP120JPR.{PB [2007/06/24 17:34:12 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Dave Keough\Application Data\PFP120JCM.{PB [2007/01/24 17:03:07 | 000,056,912 | ---- | C] () -- C:\Documents and Settings\Dave Keough\g2mdlhlpx.exe [2005/09/25 19:29:38 | 000,003,809 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache [2005/06/08 22:11:55 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Dave Keough\Local Settings\Application Data\fusioncache.dat [2005/01/27 16:01:43 | 000,056,320 | ---- | C] () -- C:\Documents and Settings\Dave Keough\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [color=#E56717]========== LOP Check ==========[/color] [2008/09/05 21:57:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView [2009/02/05 18:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Spearit [2012/06/30 11:48:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Affinegy [2012/06/10 19:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Belkin [2009/02/05 18:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Laplink [2009/02/05 19:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MCA2F8.tmp [2009/02/05 19:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MCA306.tmp [2009/04/13 12:13:37 | 000,000,000 | 
---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings [2012/03/27 22:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PDF Writer [2012/03/27 23:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe [2009/02/05 18:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spearit [2009/02/05 19:17:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft [2012/03/26 21:46:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2009/02/05 19:17:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint [2008/09/05 22:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{0BA93836-BC46-4268-B5B7-7C67A4C2A7E8} [2009/11/13 15:13:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{2A28C3FB-FC79-4677-A128-0D87F28F7084} [2009/02/10 17:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} [2009/09/10 17:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B} [2009/02/10 16:03:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave Keough\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012/07/01 11:05:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave Keough\Application Data\Dropbox [2011/01/11 17:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave Keough\Application Data\GARMIN [2009/02/05 20:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave Keough\Application Data\ICAClient [2009/02/05 20:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave Keough\Application Data\Image Zone Express [2011/09/20 14:51:19 | 000,000,000 | 
---D | M] -- C:\Documents and Settings\Dave Keough\Application Data\Jason Robitaille [2012/04/29 00:05:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave Keough\Application Data\KeePass [2009/02/05 20:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave Keough\Application Data\Leadertech [2012/03/27 23:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave Keough\Application Data\PDAppFlex [2012/03/27 22:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave Keough\Application Data\PDF Writer [2008/09/05 21:57:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave Keough\Application Data\SampleView [2009/02/05 20:17:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave Keough\Application Data\Snapfish [2009/02/05 18:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave Keough\Application Data\Spearit [2009/02/05 20:18:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dave Keough\Application Data\vol_toolbar [2008/09/05 21:57:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView [2009/02/05 18:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Spearit [2008/09/05 21:57:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\SampleView [2009/02/05 18:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Spearit [2008/09/05 21:57:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Someone Else\Application Data\SampleView [2009/02/05 18:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Someone Else\Application Data\Spearit [2012/06/15 01:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job [2012/06/01 01:00:00 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< 
%SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< MD5 for: WUAUENG.DL_ >[/color] [2006/02/28 08:00:00 | 000,449,604 | ---- | M] () MD5=1A22CAE104E5634856DA6994F0F0829A -- C:\WINDOWS\I386\WUAUENG.DL_ [color=#A23BEC]< MD5 for: WUAUENG.DLL >[/color] [2012/06/02 15:19:18 | 001,933,848 | ---- | M] (Microsoft Corporation) MD5=278157F6E631F5F58D300C356E15FDC4 -- C:\WINDOWS\system32\wuaueng.dll [2004/08/04 07:00:00 | 001,134,592 | ---- | M] (Microsoft Corporation) MD5=B8401A8BBFA8A75E713D3D465AAA54A8 -- C:\I386\WUAUENG.DLL [2006/02/28 08:00:00 | 001,134,592 | ---- | M] (Microsoft Corporation) MD5=B8401A8BBFA8A75E713D3D465AAA54A8 -- C:\WINDOWS\$NtServicePackUninstall$\wuaueng.dll [2008/04/14 12:42:12 | 001,135,616 | ---- | M] (Microsoft Corporation) MD5=D2F77E5DC1800BBC2CFFB5E76586B293 -- C:\WINDOWS\ServicePackFiles\i386\wuaueng.dll [2012/06/02 15:19:18 | 001,933,848 | ---- | M] (Microsoft Corporation) MD5=FC3EC24FCE372C89423E015A2AC1A31E -- C:\WINDOWS\system32\dllcache\wuaueng.dll [color=#A23BEC]< MD5 for: WUAUENG.DLL.MUI >[/color] [2012/06/02 15:19:30 | 000,017,944 | ---- | M] (Microsoft Corporation) MD5=086D3BAAB62616874AFB672D7362492F -- C:\WINDOWS\system32\wuaueng.dll.mui [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s >[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4829695F < End of report >