OTL logfile created on: 7/10/2013 5:17:40 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Tim\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.25 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 67.82% Memory free 5.09 Gb Paging File | 4.10 Gb Available in Paging File | 80.65% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 119.23 Gb Total Space | 34.52 Gb Free Space | 28.95% Space Free | Partition Type: NTFS Drive E: | 60.26 Gb Total Space | 26.39 Gb Free Space | 43.79% Space Free | Partition Type: FAT32 Computer Name: TIM | User Name: Tim | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013/07/10 17:10:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe PRC - [2013/06/27 08:47:41 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2013/06/08 07:14:38 | 000,202,576 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe PRC - [2013/06/08 07:14:29 | 000,375,120 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe PRC - [2012/12/12 11:28:14 | 000,163,000 | ---- | M] (Geek Software GmbH) -- C:\Program Files\PDF24\pdf24.exe PRC - [2012/11/08 10:01:42 | 004,654,152 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe PRC - [2012/11/08 10:01:42 | 001,065,032 | R--- | M] (Carbonite, Inc.) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe PRC - [2012/10/17 04:05:54 | 001,837,672 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe PRC - [2012/10/17 04:05:10 | 000,673,384 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe PRC - [2012/10/10 11:22:30 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe PRC - [2012/09/13 00:38:44 | 000,204,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe PRC - [2012/09/13 00:38:20 | 000,264,040 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe PRC - [2012/08/24 14:41:32 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe PRC - [2011/12/06 06:40:30 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013/05/15 08:59:21 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\17440cd05eee7f87026b3c17119eed58\System.Configuration.ni.dll MOD - [2013/05/15 08:09:29 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\81b85db6e9fe04e4d1c9547b993acfce\System.Windows.Forms.ni.dll MOD - [2013/05/15 08:08:12 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2013/02/14 18:23:58 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll MOD - [2013/02/14 18:23:51 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll MOD - [2013/01/11 17:46:10 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\cbee94ec6a0fe649e3b4643cea6e1259\Accessibility.ni.dll MOD - [2013/01/11 17:37:54 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll MOD - [2013/01/11 17:37:39 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll MOD - [2013/01/11 17:36:43 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll MOD - [2013/01/11 17:36:38 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll MOD - [2012/09/13 00:39:18 | 000,336,232 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll MOD - [2012/09/13 00:38:52 | 007,955,304 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll MOD - [2012/09/13 00:38:52 | 000,341,352 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll MOD - [2012/09/13 00:38:52 | 000,127,336 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll MOD - [2012/09/13 00:38:52 | 000,028,008 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll MOD - [2012/09/13 00:38:44 | 002,144,104 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll MOD - [2012/09/13 00:38:20 | 000,264,040 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe MOD - [2011/07/28 18:22:00 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2011/02/28 17:37:32 | 000,180,624 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll MOD - [2010/03/16 13:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2013/06/27 08:47:41 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013/06/08 07:14:38 | 000,202,576 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint) SRV - [2013/06/08 07:14:29 | 000,375,120 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2013/05/31 10:02:22 | 000,045,056 | ---- | M] (Intuit) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService) SRV - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] () [Auto | Stopped] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012/11/08 10:01:42 | 004,654,152 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService) SRV - [2012/11/02 11:15:44 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2012/10/29 08:57:55 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/08/24 14:41:32 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn) SRV - [2012/01/25 15:23:54 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.355.0\SeaPort.EXE -- (BBUpdate) SRV - [2012/01/25 15:23:54 | 000,192,792 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.355.0\BBSvc.EXE -- (BBSvc) SRV - [2011/12/06 06:40:30 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS) SRV - [2011/12/06 06:40:08 | 000,061,440 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService) SRV - [2011/12/06 06:38:54 | 000,679,936 | ---- | M] (Intuit, Inc.) [Auto | Stopped] -- C:\Program Files\Intuit\QuickBooks 2012\QBDBMgrN.exe -- (QuickBooksDB22) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013/06/08 07:14:30 | 000,086,888 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV - [2013/05/25 07:14:33 | 000,013,624 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo) DRV - [2012/09/21 14:09:06 | 004,261,224 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) DRV - [2012/09/21 14:09:00 | 000,310,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS) DRV - [2012/08/24 14:41:32 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver) DRV - [2011/12/08 01:09:16 | 000,327,400 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2011/10/18 06:53:14 | 006,439,528 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2011/07/28 17:20:11 | 007,084,544 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2010/12/15 10:06:46 | 000,036,096 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbfilter.sys -- (usbfilter) DRV - [2010/06/29 16:01:10 | 000,011,832 | R--- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\amdide.sys -- (amdide) DRV - [2009/11/17 18:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009/11/17 18:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009/10/26 22:57:36 | 000,105,984 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qcmdmxp.sys -- (qcusbser) DRV - [2009/01/24 02:36:22 | 000,103,424 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qcserxp.sys -- (qcserxp) DRV - [2008/12/24 05:40:12 | 000,080,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NmPar.sys -- (NmPar) DRV - [2008/10/09 16:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV - [2008/04/14 00:06:42 | 000,063,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mf.sys -- (mf) DRV - [2007/04/22 23:51:22 | 000,019,840 | ---- | M] (RDM Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ustp2.sys -- (ustp2) DRV - [2007/04/16 22:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM) DRV - [2002/09/25 17:11:00 | 000,076,288 | ---- | M] (Rainbow Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\SENTINEL.SYS -- (Sentinel) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\..\SearchScopes,DefaultScope = {593AF7E1-543D-4A8E-82AE-F41517AF5F5D} IE - HKCU\..\SearchScopes\{593AF7E1-543D-4A8E-82AE-F41517AF5F5D}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin: C:\Program Files\PDFlite\npPdfViewer.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin: C:\Program Files\PDFlite\npPdfViewer.dll File not found [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: Google Drive = C:\Documents and Settings\Tim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: YouTube = C:\Documents and Settings\Tim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Documents and Settings\Tim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Gmail = C:\Documents and Settings\Tim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2008/04/14 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.) O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.) O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKLM..\Run: [MobisynapseSyncHelper] C:\Program Files\Mobisynapse\MobisynapseSyncHelper.exe (Innovation Technology Inc.) O4 - HKLM..\Run: [PDFPrint] C:\Program Files\PDF24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe () O4 - HKCU..\Run: [HP Officejet Pro 8500 A910 (NET)] C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk = C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk = C:\Program Files\Intuit\QuickBooks 2012\QBW32.EXE (Intuit Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\spnsrv9x.exe (Rainbow Technologies) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet) O15 - HKCU\..Trusted Domains: wellsfargo.com ([]https in Trusted sites) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1351515244065 (WUWebControl Class) O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=972 (Performance Viewer Activex Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6709F088-2BE3-4594-B9DD-D451A08265E4}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.) O24 - Desktop WallPaper: C:\Documents and Settings\Tim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Tim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012/10/29 08:39:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{a7cd05b7-df33-11e2-9247-fc6448db03ce}\Shell - "" = AutoRun O33 - MountPoints2\{a7cd05b7-df33-11e2-9247-fc6448db03ce}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{a7cd05b7-df33-11e2-9247-fc6448db03ce}\Shell\AutoRun\command - "" = F:\TL-Bootstrap.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/07/10 17:10:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe [2013/07/10 16:34:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2013/07/10 14:11:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ErrorEND [2013/07/10 14:11:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tim\Start Menu\Programs\ErrorEND [2013/07/10 14:11:06 | 000,000,000 | ---D | C] -- C:\Program Files\ErrorEND [2013/07/10 14:05:05 | 000,000,000 | ---D | C] -- C:\58a9201ed71c08eeab [2013/07/10 13:41:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live [2013/06/27 08:48:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tim\Application Data\Oracle [2013/06/21 07:37:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft [2013/06/18 12:55:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tim\My Documents\ArcGIS Explorer [2013/06/18 12:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tim\Local Settings\Application Data\ESRI [2013/06/18 12:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tim\Application Data\esri [2013/06/18 12:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcGIS Explorer Desktop [2013/06/18 12:43:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ArcGIS [2013/06/18 12:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\Explorer (x86) [2013/06/14 15:53:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer [2013/06/14 08:40:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Program Files [2013/06/13 10:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tim\Application Data\Apple Computer [2013/06/13 10:54:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime [2013/06/13 10:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2013/06/13 10:54:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer [2013/06/13 10:54:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2013/06/13 10:54:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tim\Local Settings\Application Data\Apple [2013/06/13 10:54:12 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2013/06/13 10:54:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple [2013/06/13 10:54:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tim\Local Settings\Application Data\Apple Computer [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/07/10 17:10:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTL.exe [2013/07/10 16:38:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013/07/10 14:25:02 | 000,002,587 | ---- | M] () -- C:\Documents and Settings\Tim\Desktop\Office Word 2007.lnk [2013/07/10 14:25:02 | 000,002,587 | ---- | M] () -- C:\Documents and Settings\Tim\Desktop\Office Outlook 2007.lnk [2013/07/10 14:25:02 | 000,002,549 | ---- | M] () -- C:\Documents and Settings\Tim\Desktop\Office Excel 2007.lnk [2013/07/10 14:25:02 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\Tim\Desktop\Office PowerPoint 2007.lnk [2013/07/10 14:25:02 | 000,002,493 | ---- | M] () -- C:\Documents and Settings\Tim\Desktop\Office Picture Manager.lnk [2013/07/10 14:11:14 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\ErrorEND.job [2013/07/10 14:11:07 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Tim\Desktop\ErrorEND.lnk [2013/07/10 14:07:37 | 000,001,965 | ---- | M] () -- C:\WINDOWS\epplauncher.mif [2013/07/10 14:05:13 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/07/10 14:00:09 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\At4.job [2013/07/10 13:56:09 | 000,015,960 | ---- | M] () -- C:\FixitRegBackup.reg [2013/07/10 13:34:51 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013/07/10 13:34:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/07/10 11:51:00 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\tasks\WoodMax 1351612689.job [2013/07/10 10:10:00 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\At1.job [2013/07/10 07:46:37 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\CopyBackups.job [2013/07/10 07:36:09 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\At3.job [2013/07/10 06:38:17 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2013/07/09 21:35:01 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2013/07/09 20:40:09 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\At2.job [2013/07/09 20:01:00 | 000,000,490 | -H-- | M] () -- C:\WINDOWS\tasks\WoodMax 1351611950.job [2013/07/03 10:24:16 | 000,000,291 | ---- | M] () -- C:\Documents and Settings\Tim\Desktop\KVSC 88.1 FM.url [2013/07/03 07:07:40 | 000,000,728 | ---- | M] () -- C:\Documents and Settings\Tim\Desktop\SalesLog.lnk [2013/07/01 13:56:28 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickBooks Connection Diagnostic Tool.lnk [2013/06/27 09:16:57 | 000,000,435 | ---- | M] () -- C:\Documents and Settings\Tim\My Documents\Mobisynapse_Native_Screenshot_2012_192.168.1.8.bat [2013/06/27 08:50:56 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI [2013/06/27 08:49:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013/06/26 13:20:40 | 000,046,592 | ---- | M] () -- C:\Documents and Settings\Tim\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013/06/26 08:39:04 | 000,000,090 | ---- | M] () -- C:\WINDOWS\QBChanUtil_Trigger.ini [2013/06/21 07:36:41 | 000,002,005 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Officejet Pro 8500 A910.lnk [2013/06/21 07:36:20 | 000,000,057 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Ament.ini [2013/06/19 12:11:55 | 000,008,268 | ---- | M] () -- C:\WINDOWS\System32\acdb.err [2013/06/18 12:43:30 | 000,001,692 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ArcGIS Explorer Desktop.lnk [2013/06/13 10:54:44 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/07/10 14:11:14 | 000,000,378 | ---- | C] () -- C:\WINDOWS\tasks\ErrorEND.job [2013/07/10 14:11:07 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Tim\Desktop\ErrorEND.lnk [2013/07/10 13:56:09 | 000,015,960 | ---- | C] () -- C:\FixitRegBackup.reg [2013/07/03 07:07:40 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\Tim\Desktop\SalesLog.lnk [2013/06/27 09:16:57 | 000,000,435 | ---- | C] () -- C:\Documents and Settings\Tim\My Documents\Mobisynapse_Native_Screenshot_2012_192.168.1.8.bat [2013/06/27 08:50:56 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2013/06/21 07:36:56 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\I.R.I.S. OCR Registration.lnk [2013/06/21 07:36:45 | 000,000,462 | ---- | C] () -- C:\WINDOWS\tasks\At4.job [2013/06/21 07:36:45 | 000,000,462 | ---- | C] () -- C:\WINDOWS\tasks\At3.job [2013/06/21 07:36:45 | 000,000,462 | ---- | C] () -- C:\WINDOWS\tasks\At2.job [2013/06/21 07:36:45 | 000,000,462 | ---- | C] () -- C:\WINDOWS\tasks\At1.job [2013/06/21 07:36:41 | 000,002,005 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Officejet Pro 8500 A910.lnk [2013/06/21 07:36:20 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Ament.ini [2013/06/18 12:43:30 | 000,001,692 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ArcGIS Explorer Desktop.lnk [2013/06/13 10:54:44 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2013/03/15 07:21:35 | 000,512,376 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2012/12/26 18:14:55 | 000,596,042 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1644491937-287218729-682003330-1006-0.dat [2012/11/02 00:26:08 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/10/31 10:44:25 | 000,046,592 | ---- | C] () -- C:\Documents and Settings\Tim\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/10/30 11:09:36 | 000,180,624 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll [2012/10/29 18:03:50 | 000,924,696 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1644491937-287218729-682003330-1003-0.dat [2012/10/29 18:03:50 | 000,327,970 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat [2012/10/29 17:31:45 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini [2012/10/29 15:26:58 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012/10/29 15:26:12 | 000,361,728 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012/10/29 14:58:06 | 000,569,436 | ---- | C] () -- C:\WINDOWS\System32\pktlib.dll [2012/10/29 14:58:06 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\ncppa.dll [2012/10/29 14:58:06 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\utils.dll [2012/10/29 14:52:27 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\pss_lib.dll [2012/10/29 14:52:26 | 000,684,544 | ---- | C] () -- C:\WINDOWS\System32\hinstd.dll [2012/10/29 14:52:26 | 000,463,872 | ---- | C] () -- C:\WINDOWS\System32\calcldat.dll [2012/10/29 14:52:26 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\hbridge.dll [2012/10/29 14:52:26 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\dbgalloc.dll [2012/10/29 14:50:41 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\acdbres.dll [2012/10/29 08:50:10 | 000,016,836 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT [2012/10/29 08:49:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2012/10/29 08:49:26 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2012/10/29 08:49:26 | 000,234,855 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2012/10/29 08:49:26 | 000,000,003 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2012/10/29 08:46:05 | 000,207,400 | R--- | C] () -- C:\WINDOWS\GSetup.exe [2012/10/29 08:46:05 | 000,000,010 | ---- | C] () -- C:\WINDOWS\GSetup.ini [2012/10/29 08:40:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012/10/29 08:37:26 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2012/10/29 08:09:03 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/09/21 14:08:36 | 010,919,784 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll [2012/09/21 14:08:36 | 000,338,136 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll [2012/09/21 14:08:36 | 000,103,272 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe [2012/09/21 13:48:30 | 000,028,418 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2012/09/12 16:20:50 | 000,008,592 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll [2011/12/06 06:34:10 | 000,667,280 | ---- | C] () -- C:\WINDOWS\System32\tx12.dll [2011/12/06 06:34:10 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx12_ic.ini [2011/12/06 06:34:10 | 000,000,186 | ---- | C] () -- C:\WINDOWS\System32\Gsw32.exe.config [2011/07/28 18:49:12 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll [color=#E56717]========== ZeroAccess Check ==========[/color] [2013/05/20 08:00:52 | 000,002,048 | -HS- | M] () -- C:\RECYCLER\S-1-5-18\$c1d8c4cd0eea34ee49f3d9f610e4e601\@ [2013/05/20 08:00:52 | 000,000,000 | -HSD | M] -- C:\RECYCLER\S-1-5-18\$c1d8c4cd0eea34ee49f3d9f610e4e601\L [2013/06/27 04:29:25 | 000,000,000 | -HSD | M] -- C:\RECYCLER\S-1-5-18\$c1d8c4cd0eea34ee49f3d9f610e4e601\U [2013/06/27 04:29:25 | 000,000,912 | ---- | M] () -- C:\RECYCLER\S-1-5-18\$c1d8c4cd0eea34ee49f3d9f610e4e601\U\00000001.@ [2013/05/20 08:01:13 | 000,011,776 | ---- | M] () -- C:\RECYCLER\S-1-5-18\$c1d8c4cd0eea34ee49f3d9f610e4e601\U\80000000.@ [2013/05/20 08:01:13 | 000,022,016 | ---- | M] () -- C:\RECYCLER\S-1-5-18\$c1d8c4cd0eea34ee49f3d9f610e4e601\U\800000cb.@ [2012/10/29 08:47:58 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] "ThreadingModel" = Both "" = C:\RECYCLER\S-1-5-21-1644491937-287218729-682003330-1003\$c1d8c4cd0eea34ee49f3d9f610e4e601\o. -- File not found [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2012/08/30 15:29:36 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012/11/02 11:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk [2012/11/02 08:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Carbonite [2012/10/29 17:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES [2013/07/10 14:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ErrorEND [2013/07/10 06:22:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn [2012/10/29 17:31:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance [2012/10/31 14:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11 [2012/11/06 09:10:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Autodesk [2013/06/18 12:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\esri [2012/11/20 08:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Interact Commerce [2013/05/03 13:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Leadertech [2013/07/08 14:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\MB4Outlook [2013/07/08 14:49:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Mobisynapse [2013/06/27 08:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Oracle [2012/11/02 15:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\PrimoPDF [2012/11/02 13:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\Softland [2013/05/17 09:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tim\Application Data\TeamViewer [color=#E56717]========== Purity Check ==========[/color] < End of report >