OTL logfile created on: 11/3/2012 2:32:43 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\inthewindagain\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 0.53 Gb Available Physical Memory | 26.32% Memory free
4.00 Gb Paging File | 2.04 Gb Available in Paging File | 51.10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 698.52 Gb Total Space | 641.16 Gb Free Space | 91.79% Space Free | Partition Type: NTFS
Computer Name: STEVESPC | User Name: inthewindagain | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/11/03 14:31:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\inthewindagain\Desktop\OTL.exe
PRC - [2012/10/25 15:46:46 | 006,508,192 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
PRC - [2012/07/06 17:09:35 | 000,200,632 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
PRC - [2012/07/06 17:09:35 | 000,142,952 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
PRC - [2012/02/27 09:44:06 | 001,006,864 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
PRC - [2012/02/27 09:44:06 | 000,133,424 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
PRC - [2011/10/15 04:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/10/15 04:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011/10/15 04:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011/10/15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/06/24 00:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/05/18 16:52:56 | 000,142,648 | ---- | M] () -- C:\Program Files\Verizon Wireless\mp3_downloadmanager_service.exe
PRC - [2011/04/22 08:21:10 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2011/04/22 08:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/10 11:56:36 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Verizon\VSP\ServicepointService.exe
PRC - [2011/01/10 11:56:32 | 004,318,520 | ---- | M] (Verizon) -- C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
PRC - [2011/01/10 11:56:32 | 000,488,760 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe
PRC - [2010/11/20 08:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 08:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2010/09/08 11:45:10 | 001,034,752 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2010/09/08 11:44:50 | 000,484,352 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
PRC - [2010/09/08 11:41:36 | 000,237,056 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/06/17 03:59:54 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\NCNETWORKSDM\bin\tgsrvc.exe
PRC - [2010/06/17 03:59:46 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\NCNETWORKSDM\bin\sprtsvc.exe
PRC - [2010/06/17 03:59:28 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\NCNETWORKSDM\bin\sprtcmd.exe
PRC - [2009/04/01 23:23:44 | 000,427,376 | ---- | M] (Juniper Networks) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
PRC - [2008/09/24 16:57:34 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/09/24 16:57:14 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe
========== Modules (No Company Name) ==========
MOD - [2012/07/06 17:09:35 | 000,057,344 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
MOD - [2012/07/06 17:09:35 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
MOD - [2012/05/11 19:26:40 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/11 19:26:36 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/11 19:26:29 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/18 16:52:56 | 000,142,648 | ---- | M] () -- C:\Program Files\Verizon Wireless\mp3_downloadmanager_service.exe
MOD - [2011/01/10 11:47:40 | 000,158,208 | ---- | M] () -- C:\Program Files\Verizon\VSP\Windows7Features.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/15 04:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/04/22 08:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/01/10 11:56:36 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files\Verizon\VSP\ServicepointService.exe -- (ServicepointService)
SRV - [2010/09/08 11:45:10 | 001,034,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2010/09/08 11:44:50 | 000,484,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2010/09/08 11:41:36 | 000,237,056 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/06/17 03:59:54 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\NCNETWORKSDM\bin\tgsrvc.exe -- (tgsrvc_ncnetworksdm)
SRV - [2010/06/17 03:59:46 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\NCNETWORKSDM\bin\sprtsvc.exe -- (sprtsvc_ncnetworksdm)
SRV - [2010/05/26 19:00:44 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/04/01 23:23:44 | 000,427,376 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2008/09/24 16:57:34 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/09/24 16:57:14 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - [2012/08/26 08:56:17 | 000,121,248 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2012/07/06 17:09:36 | 000,205,072 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2012/07/06 17:09:36 | 000,171,280 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmnciesc.sys -- (tmnciesc)
DRV - [2012/07/06 17:09:36 | 000,092,432 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2012/07/06 17:09:36 | 000,081,168 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2012/07/06 17:09:36 | 000,068,368 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2012/07/06 17:09:36 | 000,055,056 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmeevw.sys -- (tmeevw)
DRV - [2011/10/15 04:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/07/07 19:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/08/26 23:40:48 | 000,168,648 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\C771VSP.sys -- (C771VSP)
DRV - [2010/08/26 23:40:40 | 000,057,672 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\C771BUS.sys -- (C771BUS)
DRV - [2009/07/13 19:54:16 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb8023.sys -- (USB_RNDIS_VISTA)
DRV - [2009/07/13 18:02:47 | 000,047,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E62x86.sys -- (L1E)
DRV - [2009/04/01 23:04:26 | 000,023,552 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV - [2009/02/13 13:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2007/02/15 20:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005/01/13 09:28:02 | 000,039,040 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\an983.sys -- (AN983)
DRV - [2004/08/13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADFA_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Verizon\VSP\nprpspa.dll (Verizon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\inthewindagain\AppData\Local\Roblox\Versions\version-1bebb2d1460c4423\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\inthewindagain\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\firefoxextension [2012/11/02 18:16:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ [2012/11/02 18:15:33 | 000,000,000 | ---D | M]
[2010/11/30 22:13:42 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\inthewindagain\AppData\Roaming\Mozilla\Extensions
[2010/11/30 22:13:42 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\inthewindagain\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/06/12 13:29:47 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\inthewindagain\AppData\Roaming\Mozilla\Extensions\[email protected]
========== Chrome ==========
CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - Extension: YouTube = C:\Users\inthewindagain\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\inthewindagain\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\inthewindagain\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2011/07/25 21:02:01 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1102\7.1.1102\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DownloadManagerService] C:\Program Files\Verizon Wireless\dist\servicerunner.exe (Verizon Wireless)
O4 - HKLM..\Run: [NCNETWORKSDM] C:\Program Files\NCNETWORKSDM\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\VSP\VerizonServicepoint.exe (Verizon)
O4 - HKCU..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [OE] "C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe" File not found
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: arcelormittaltubular.com ([vpn] https in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin..../p3dactivex.cab (P3DActiveX Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn.arcelorm...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A34A261-F0B5-42FE-AFB1-B3EF9AA34593}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0F4FFF9-388A-4EB9-9666-D277C919D8E1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E150E20D-5A54-4B09-AB76-FDB804FB1A52}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1102\7.1.1102\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{38d872c7-5bdd-11e0-a5db-e0cb4e5a5c00}\Shell - "" = AutoRun
O33 - MountPoints2\{38d872c7-5bdd-11e0-a5db-e0cb4e5a5c00}\Shell\AutoRun\command - "" = F:\unlock.exe autoplay=true
O33 - MountPoints2\{3cb82879-e496-11e0-845b-e0cb4e5a5c00}\Shell - "" = AutoRun
O33 - MountPoints2\{3cb82879-e496-11e0-845b-e0cb4e5a5c00}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\TL-Bootstrap.exe
O33 - MountPoints2\{a511d3be-8192-11e0-90a1-e0cb4e5a5c00}\Shell - "" = AutoRun
O33 - MountPoints2\{a511d3be-8192-11e0-90a1-e0cb4e5a5c00}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\TL-Bootstrap.exe
O33 - MountPoints2\{ca204580-9dd8-11e0-ba9e-002397369034}\Shell - "" = AutoRun
O33 - MountPoints2\{ca204580-9dd8-11e0-ba9e-002397369034}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\TL-Bootstrap.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/11/03 14:30:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\inthewindagain\Desktop\OTL.exe
[2012/10/26 18:18:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/10/26 17:34:14 | 000,000,000 | -H-D | C] -- C:\Users\inthewindagain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Restore
[2012/10/13 17:22:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/10/08 07:24:46 | 000,000,000 | -H-D | C] -- C:\Users\inthewindagain\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
========== Files - Modified Within 30 Days ==========
[2012/11/03 14:31:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\inthewindagain\Desktop\OTL.exe
[2012/11/03 14:18:03 | 000,015,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/03 14:18:03 | 000,015,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/03 14:10:18 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/03 14:10:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/03 14:10:06 | 1609,867,264 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/02 22:02:05 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/02 18:21:00 | 000,001,099 | ---- | M] () -- C:\Users\Public\Desktop\AnyDVD.lnk
[2012/10/30 16:49:53 | 000,000,592 | -H-- | M] () -- C:\ProgramData\ol6vldapdwYHns
[2012/10/28 12:23:25 | 000,310,557 | -H-- | M] () -- C:\Users\inthewindagain\AppData\Local\census.cache
[2012/10/28 12:23:04 | 000,122,973 | -H-- | M] () -- C:\Users\inthewindagain\AppData\Local\ars.cache
[2012/10/28 12:17:09 | 000,000,036 | -H-- | M] () -- C:\Users\inthewindagain\AppData\Local\housecall.guid.cache
[2012/10/28 10:02:32 | 001,446,477 | -H-- | M] () -- C:\Users\inthewindagain\Desktop\WDFirmwareUpdater.zip
[2012/10/26 17:50:19 | 000,000,368 | -H-- | M] () -- C:\ProgramData\6uQXv6juiciJ24
[2012/10/26 17:41:15 | 000,000,368 | -H-- | M] () -- C:\ProgramData\RwRRLXgid02yG9
[2012/10/26 17:34:14 | 000,000,368 | -H-- | M] () -- C:\ProgramData\axwv5HGQrugk6w
[2012/10/13 17:22:24 | 000,002,206 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012/10/13 17:21:26 | 000,002,275 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/10/13 17:21:26 | 000,002,259 | ---- | M] () -- C:\Users\inthewindagain\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/10/04 16:59:35 | 000,195,823 | -H-- | M] () -- C:\Users\inthewindagain\Documents\twc10042012.xps
[2012/10/04 16:52:11 | 000,176,682 | -H-- | M] () -- C:\Users\inthewindagain\Documents\midohioenergy10042012.xps
========== Files Created - No Company Name ==========
File not found -- C:\ProgramData\6uQXv6juiciJ24.exe
[2012/10/30 16:46:10 | 000,000,592 | -H-- | C] () -- C:\ProgramData\ol6vldapdwYHns
[2012/10/28 12:23:25 | 000,310,557 | -H-- | C] () -- C:\Users\inthewindagain\AppData\Local\census.cache
[2012/10/28 12:23:04 | 000,122,973 | -H-- | C] () -- C:\Users\inthewindagain\AppData\Local\ars.cache
[2012/10/28 12:14:48 | 000,000,036 | -H-- | C] () -- C:\Users\inthewindagain\AppData\Local\housecall.guid.cache
[2012/10/28 10:02:31 | 001,446,477 | -H-- | C] () -- C:\Users\inthewindagain\Desktop\WDFirmwareUpdater.zip
[2012/10/26 17:49:58 | 000,000,368 | -H-- | C] () -- C:\ProgramData\6uQXv6juiciJ24
[2012/10/26 17:40:52 | 000,000,368 | -H-- | C] () -- C:\ProgramData\RwRRLXgid02yG9
[2012/10/26 17:33:56 | 000,000,368 | -H-- | C] () -- C:\ProgramData\axwv5HGQrugk6w
[2012/10/13 17:22:24 | 000,002,206 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012/10/04 16:59:35 | 000,195,823 | -H-- | C] () -- C:\Users\inthewindagain\Documents\twc10042012.xps
[2012/10/04 16:52:10 | 000,176,682 | -H-- | C] () -- C:\Users\inthewindagain\Documents\midohioenergy10042012.xps
[2012/07/06 17:15:13 | 000,000,056 | ---- | C] () -- C:\Windows\System32\SupportTool.exe.bat
[2012/02/24 15:37:49 | 000,000,456 | -H-- | C] () -- C:\ProgramData\6O5K3lyg3LH1OO
[2012/02/12 16:45:11 | 000,000,451 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/01/27 16:04:47 | 000,000,959 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/10/15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011/09/07 15:32:38 | 000,000,031 | ---- | C] () -- C:\Windows\warhead.ini
[2011/08/07 09:51:26 | 000,000,000 | -H-- | C] () -- C:\Users\inthewindagain\AppData\Local\{9C5A39E6-C93E-40DD-80C0-328FB335F19A}
[2011/07/16 23:00:11 | 000,000,000 | -H-- | C] () -- C:\Users\inthewindagain\AppData\Local\{BBBB5804-CDD0-4118-91DF-9E5E14150644}
[2011/05/25 16:47:30 | 000,000,000 | -H-- | C] () -- C:\Users\inthewindagain\AppData\Local\{4EC95FFE-3591-4B55-AD2D-764B70FAC9F9}
[2011/05/20 16:08:29 | 000,000,000 | -H-- | C] () -- C:\Users\inthewindagain\AppData\Local\{5B09BB26-9C30-4816-BD9D-D2F32E434DC9}
[2011/04/17 19:13:18 | 000,007,605 | -H-- | C] () -- C:\Users\inthewindagain\AppData\Local\Resmon.ResmonCfg
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/12/11 20:35:48 | 000,000,102 | -H-- | C] () -- C:\Users\inthewindagain\AppData\Local\fusioncache.dat
[2010/12/11 20:23:36 | 000,038,868 | ---- | C] () -- C:\Windows\hpomdl03.dat.temp
[2010/12/11 20:23:36 | 000,029,358 | ---- | C] () -- C:\Windows\hpoins03.dat.temp
[2010/12/11 20:19:37 | 000,029,358 | ---- | C] () -- C:\Windows\hpoins03.dat
[2010/05/27 20:08:59 | 000,000,166 | -HS- | C] () -- C:\ProgramData\.zreglib
========== ZeroAccess Check ==========
[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012/11/02 18:13:59 | 000,000,000 | ---D | M] -- C:\Users\inthewindagain\AppData\Roaming\.minecraft
[2011/11/05 17:43:54 | 000,000,000 | -H-D | M] -- C:\Users\inthewindagain\AppData\Roaming\Atari
[2012/10/08 07:24:46 | 000,000,000 | -H-D | M] -- C:\Users\inthewindagain\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/07/17 14:14:15 | 000,000,000 | -H-D | M] -- C:\Users\inthewindagain\AppData\Roaming\com.verizon.mediastore.vzwdownloadmanager.BEEF85639ECFAE88C004EA3A5F976EE5386C7526.1
[2010/05/30 19:09:24 | 000,000,000 | -H-D | M] -- C:\Users\inthewindagain\AppData\Roaming\GetRightToGo
[2012/11/02 18:16:07 | 000,000,000 | ---D | M] -- C:\Users\inthewindagain\AppData\Roaming\Juniper Networks
[2010/10/31 13:22:44 | 000,000,000 | -H-D | M] -- C:\Users\inthewindagain\AppData\Roaming\Leadertech
[2012/11/02 18:14:05 | 000,000,000 | ---D | M] -- C:\Users\inthewindagain\AppData\Roaming\SPORE
[2012/11/02 18:14:05 | 000,000,000 | ---D | M] -- C:\Users\inthewindagain\AppData\Roaming\TomTom
========== Purity Check ==========
< End of report >