I am running AVG Free 2013 with up-to-date virus definitions, and do periodic scans with up-to-date versions of SuperAntiSpyware and Malwarebytes (program files as well as definitions), all of which come up clean. I've posted the requested OTL logs below. Any idea what is going on?
OTL logfile created on: 10/20/2013 9:48:41 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 51.09% Memory free
4.22 Gb Paging File | 2.92 Gb Available in Paging File | 69.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.04 Gb Total Space | 164.50 Gb Free Space | 57.11% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.02 Gb Free Space | 50.23% Space Free | Partition Type: NTFS
Computer Name: ARDCBZJ3C6D | User Name: owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/10/20 09:47:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL (1).exe
PRC - [2013/10/08 20:02:45 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/08/15 11:53:50 | 004,411,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/07/10 01:33:22 | 000,452,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2013/07/04 15:53:28 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2013/07/04 15:53:26 | 001,117,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2013/03/18 02:38:48 | 000,799,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2012/07/11 14:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2012/04/04 01:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/08/24 17:56:14 | 000,608,528 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TiVoTransfer.exe
PRC - [2010/08/24 17:56:10 | 000,437,520 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TiVoNotify.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2007/11/15 10:23:56 | 000,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2007/11/15 10:23:56 | 000,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
========== Modules (No Company Name) ==========
MOD - [2013/10/08 20:02:43 | 000,415,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013/10/08 20:02:42 | 013,584,336 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
MOD - [2013/10/08 20:02:41 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013/10/08 20:01:47 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013/08/25 03:36:44 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\1c092babce41da3df570557a64aff484\System.Xml.ni.dll
MOD - [2013/08/25 03:34:17 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
MOD - [2013/07/11 03:50:20 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2003/01/30 07:04:00 | 000,618,496 | ---- | M] () -- C:\Program Files\TiVo\Desktop\StlpMt45.dll
========== Services (SafeList) ==========
SRV - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/07/11 14:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2012/04/04 01:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/08/24 17:56:04 | 001,104,656 | ---- | M] (TiVo Inc.) [Disabled | Stopped] -- C:\Program Files\TiVo\Desktop\TiVoBeacon.exe -- (TivoBeacon2)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2007/11/15 10:23:56 | 000,202,544 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
SRV - [2007/05/31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\tlsvvakc.sys -- (tlsvvakc)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\rhniffka.sys -- (rhniffka)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\mvhhdklw.sys -- (mvhhdklw)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\mpacajnc.sys -- (mpacajnc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\hhchoofm.sys -- (hhchoofm)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\ebvcslun.sys -- (ebvcslun)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\bboxugol.sys -- (bboxugol)
DRV - [2013/09/10 01:34:48 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/09/05 01:43:42 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013/07/20 01:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/07/20 01:50:56 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/07/20 01:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/07/20 01:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/07/01 01:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/03/21 03:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/01/19 01:56:29 | 000,017,408 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/01/19 00:25:05 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/10/01 16:24:36 | 000,023,864 | ---- | M] (Webroot Software Inc (www.webroot.com)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sskbfd.sys -- (SSKBFD)
DRV - [2007/03/12 03:12:00 | 000,256,000 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUSB54GCx86.sys -- (netr73)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 03:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/10/18 14:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/08/04 20:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=us&ibd=2080124
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=us&ibd=2080124
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://my.screennam...522b1&locale=us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...5E-0A2604967D1C
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012/11/12 20:56:33 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Application Manager (Enabled) = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin8.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Chrome In-App Payments service = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Settings Protector = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
O1 HOSTS File: ([2012/02/16 14:59:45 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Webroot Browser Helper Object) - {e08861fe-8847-4b2a-8ec2-08edb20e4020} - C:\Program Files\Webroot\Security\install\products\WISE\toolbar\LPBar.dll File not found
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Webroot Toolbar) - {d84a64a0-f2b2-4975-b264-3a3bce8d57d6} - C:\Program Files\Webroot\Security\install\products\WISE\toolbar\LPBar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKCU..\Run: [AVG-Secure-Search-Update_0913a] C:\Users\owner\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid 9e8295c4816a47d3ac34d1438bf90ec0-0db82b3a1cfb2ec0fb1328a5d68a7246bd3e1208 --CMPID 0913a File not found
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [ROC_ROC_APR2013_AV] C:\Users\owner\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 9e8295c4816a47d3ac34d1438bf90ec0-0db82b3a1cfb2ec0fb1328a5d68a7246bd3e1208 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 File not found
O4 - HKCU..\Run: [TivoNotify] C:\Program Files\TiVo\Desktop\TiVoNotify.exe (TiVo Inc.)
O4 - HKCU..\Run: [TivoServer] C:\Program Files\TiVo\Desktop\TiVoServer.exe (TiVo Inc.)
O4 - HKCU..\Run: [TivoTransfer] C:\Program Files\TiVo\Desktop\TiVoTransfer.exe (TiVo Inc.)
O4 - HKCU..\Run: [TranscodingService] C:\Program Files\TiVo\Desktop\Plus\\TranscodingService.exe ()
O4 - HKCU..\Run: [ujIDnApRpKen] C:\ProgramData\ujIDnApRpKen.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3EA53507-2519-4FB6-9429-961757AFC748}: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8581EBA1-40C0-41D7-B55E-0FE641600CD7}: DhcpNameServer = 65.32.5.111 65.32.5.112
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\DfLogon: DllName - (LogonDll.dll) - File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O30 - LSA: Security Packages - (pku2u) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/10/20 09:47:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL (1).exe
[2013/10/11 03:30:42 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/10/11 03:30:35 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/10/11 03:30:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/10/11 03:30:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/10/11 03:30:35 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/10/11 03:30:34 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/10/11 03:30:33 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/10/11 03:30:31 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/10/10 16:57:13 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/10/10 16:57:13 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/10/10 16:57:13 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/10/10 16:57:13 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/10/10 16:57:13 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/10/10 16:57:12 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/10/10 16:57:12 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/10/10 16:57:12 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/10/10 16:57:11 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013/10/10 16:57:09 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2013/10/10 16:57:06 | 002,050,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/10/10 16:56:58 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013/10/10 16:56:58 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013/10/10 16:56:53 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013/10/10 16:56:52 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013/10/10 16:56:47 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2013/01/19 23:52:35 | 009,842,040 | ---- | C] (Webroot Software, Inc.) -- C:\Program Files\Common Files\wruninstall.exe
========== Files - Modified Within 30 Days ==========
[2013/10/20 09:47:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL (1).exe
[2013/10/20 09:30:21 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/20 08:29:27 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/20 08:29:27 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/20 08:29:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/19 12:29:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/18 16:43:26 | 000,002,609 | ---- | M] () -- C:\Users\owner\Desktop\Word.lnk
[2013/10/18 15:57:11 | 000,020,950 | ---- | M] () -- C:\Users\owner\AppData\Roaming\wklnhst.dat
[2013/10/12 17:59:32 | 000,613,270 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/10/12 17:59:32 | 000,108,228 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/10/11 04:39:31 | 000,331,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/10/11 04:33:25 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/10/07 18:49:16 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/09/22 06:22:59 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/09/22 06:14:39 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/09/22 06:12:32 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/09/22 06:09:55 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/09/22 06:08:41 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/09/22 06:05:42 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/09/22 06:03:18 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/09/22 05:59:06 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
========== Files Created - No Company Name ==========
[2013/09/06 17:57:23 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2013/02/18 21:43:47 | 000,000,120 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2012/07/28 17:06:32 | 000,000,680 | ---- | C] () -- C:\Users\owner\AppData\Local\d3d9caps.dat
[2009/11/23 21:13:58 | 000,001,892 | ---- | C] () -- C:\Users\owner\IncrediMail.lnk
[2008/04/03 14:01:42 | 000,020,950 | ---- | C] () -- C:\Users\owner\AppData\Roaming\wklnhst.dat
[2008/03/31 14:18:33 | 000,031,232 | ---- | C] () -- C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %SystemRoot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
OTL Extras logfile created on: 10/20/2013 9:48:41 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 51.09% Memory free
4.22 Gb Paging File | 2.92 Gb Available in Paging File | 69.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.04 Gb Total Space | 164.50 Gb Free Space | 57.11% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.02 Gb Free Space | 50.23% Space Free | Partition Type: NTFS
Computer Name: ARDCBZJ3C6D | User Name: owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"AntivirusOverride" = 0
"UacDisableNotify" = 0
"AntiSpywareDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiSpywareOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"AntivirusOverride" = 0
"UacDisableNotify" = 0
"AntiSpywareDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3043727718-1022667866-1691337262-1001]
"EnableNotifications" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09A95318-12FC-40C2-B09B-6C7EB00366F5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{11C771BE-E951-4356-A8FE-5DF2B7BA4331}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{12B6A5A2-E9AA-4580-BA13-6D0C9BCB21A9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{21E38DD1-12F7-4CFF-9CBC-FFAAADB084A2}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2A0FD2D8-C7DB-485A-BE5A-CC8FCA709B0F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2C27E1D2-1444-4017-8331-C4F2B8DE993D}" = lport=445 | protocol=6 | dir=in | app=system |
"{2E17683C-1A8B-4E61-A64A-66C44A08C9EF}" = lport=138 | protocol=17 | dir=in | app=system |
"{3D8C9CE9-3CB9-45D6-9E01-18667DACFC1F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3D9F3CB7-8440-4E7D-A965-1C72E6C4055A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{458D8299-C594-43DA-9367-5AC347496D01}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4B2C2F62-E9DF-4CAC-8318-B3F7C3ACA2DF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6BD2A7BA-4C50-415B-B993-E8D563E4B39A}" = rport=445 | protocol=6 | dir=out | app=system |
"{74C45EF4-314D-41EE-AE26-00F8E1A51C9D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8635D863-C871-49C5-8B2D-722B7E1EEBB2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8BF32F69-3E6D-44A8-982D-58437771FE60}" = lport=7288 | protocol=6 | dir=in | name=tivo hme host: port %d |
"{98DF9A05-E569-49BF-A3DF-676DD3093993}" = rport=139 | protocol=6 | dir=out | app=system |
"{9E4A8B6E-E056-4DC6-A0CA-5953615CF4F6}" = rport=138 | protocol=17 | dir=out | app=system |
"{A123AF28-C7FA-43A7-B4D8-22F9C2486998}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{A9B43C39-A8C3-4189-98EC-A273EC52C04F}" = rport=137 | protocol=17 | dir=out | app=system |
"{AB7DA117-77BF-400E-87FC-D5FD330F1D16}" = lport=139 | protocol=6 | dir=in | app=system |
"{AC5E4CD1-CBE9-4F5D-8665-8018C82FFFE5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B8E4C58D-56CE-4A00-8440-6CE7FCF69380}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{BF2F821F-278F-468D-9604-957743D251B7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CFCDDB17-36A8-4341-8937-B5286705EF1D}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DA04C225-8814-438F-A9C5-DC3C95CAD664}" = lport=137 | protocol=17 | dir=in | app=system |
"{E9C4CF46-DF42-4976-B8A3-9E85CA59F7B4}" = lport=5353 | protocol=17 | dir=in | name=mdns-sd/bonjour |
"{F0257C8F-2C5A-4B2D-95A2-37429EA7D49D}" = rport=2869 | protocol=6 | dir=out | app=system |
"{F4DBE433-2091-4BD9-BB80-F5A303B93D1D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FAE2F8FB-012F-41D4-81E7-C0AB9CDA209A}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{091D00F0-F9E6-4512-9087-3EBA7F4DBB85}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{0FB8FEF9-EA0C-4D8A-A59F-101D88865000}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{1B140EBA-AE94-45B6-92BC-615543D7FEB1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1C065940-C899-4DD4-8ABD-539D447B0CA5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{1C3FC693-CE63-44F0-94E1-4E71A4C84928}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{215EA4C6-E217-42CC-B431-6CC65A4FEFC5}" = protocol=1 | dir=in | [email protected],-28543 |
"{24842666-E00A-477C-988D-C58FAF620BA5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{28DC9D16-0CEE-4D6D-92EB-FDD5613B6F53}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{36747FD8-2627-4CA9-9F8D-1D6F513D1ADD}" = protocol=6 | dir=in | app=c:\program files\tivo\desktop\curl.exe |
"{38F5FE87-A603-4E74-938F-A5CFB5215590}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{39B75AE0-01B3-48BF-9731-84D36F04EB06}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{3AF48221-D0F0-4F68-9543-A6BD6AD0FCF0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{3EFBF33C-484E-4414-99E3-F418A680A773}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{3F28A11B-E254-4890-AA38-736A60786C76}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{424A032F-38EF-43BC-AA8D-1879B8EC942A}" = protocol=6 | dir=in | app=c:\program files\tivo\desktop\tivobeacon.exe |
"{48DF072F-0DD8-412D-8987-1CCC1403746E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{58BFBA3A-CB8E-4853-A800-0C52EBBD00E7}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{5D5DD29B-A85C-4DDD-821E-8D6EBB480F6D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5DB56E79-A99B-4BE2-845E-D051881BB9EC}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{5F8999EC-8835-4800-B13B-F37DD1C872CB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{6000266D-6017-476A-80B7-4000CF50988A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{62A9E65E-722F-4809-802B-0B3285CCC189}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{62EC4A5A-CE0E-4F21-8967-0158015EA20B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{63E5B72D-3F00-4C60-9F93-E48FC4200727}" = protocol=58 | dir=in | [email protected],-148 |
"{6482D4C9-F257-4D29-B065-8CC9180F9348}" = protocol=6 | dir=in | app=c:\program files\tivo\desktop\tivodesktop.exe |
"{76127351-2B76-46A9-A329-FEFF1C265A8E}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{76D49047-30C4-4F92-8BB3-F472E8BD3D5D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{7AB2CC16-78FC-485B-AB52-44F0450FA7EA}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8E3C1D94-E5E3-4191-A0E4-5B41DCF3A118}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{91163584-A85F-47DD-9B6C-872DE9ACCAE8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{921D7DE2-F93E-40AC-9F0D-117BF86B6035}" = protocol=6 | dir=out | app=system |
"{9702B604-695B-4E63-BC1C-1B0965B640EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{97567798-8FD6-4F19-8A30-8467DE57060E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{9B4E3E2D-1629-480B-9426-729C6B97C35D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{9B60A1A1-C171-4B61-A400-F46104049B56}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{9D49792C-0EE2-4729-BB30-3AADEDB8F1ED}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{9D8BCB69-1087-4110-96F1-E55C25201648}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{9DF3F632-77C3-4705-A412-A31B128D484F}" = protocol=17 | dir=in | app=c:\program files\tivo\desktop\tivoserver.exe |
"{9E3817D7-0FD4-4B79-9086-2F1D7C4F8354}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{9EEBFE1D-7386-487E-8AC1-F47D5F17A55C}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{9FBDFE1F-8945-4E07-B137-90FEB61C6257}" = protocol=17 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{A10A0B68-4BA0-46C3-B29D-9DC3787A0291}" = protocol=17 | dir=in | app=c:\program files\tivo\desktop\tivobeacon.exe |
"{AAE44917-973D-409A-A7F8-B251094292F5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{AB796C1C-D64B-458F-839E-842A8A1A4B82}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B02A00A7-7DE2-4AE9-9090-AD4DD37DE739}" = protocol=1 | dir=out | [email protected],-28544 |
"{B2CA5D10-518C-49AD-8DD3-BFED1A12A426}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B4E11F25-E8E0-47AF-A51A-140225F4B709}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B5116723-5503-4FA3-B51F-A6A0B211CC32}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{B571592D-83C4-49F7-8267-28FFAFE171D3}" = protocol=6 | dir=in | app=c:\program files\tivo\desktop\tivotransfer.exe |
"{B594A955-76C6-4E9C-B4A7-379F6A8263AF}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{B9BE34B3-332F-43A1-9C21-3703878C755A}" = protocol=17 | dir=in | app=c:\program files\tivo\desktop\tivodesktop.exe |
"{BB103649-99C3-4FE5-98F3-61402DE9482B}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{C6ACFFD1-9994-481A-A040-5DFAB7D80FC7}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CDC10746-4AF3-47E8-8E17-732199C4B668}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{D290CCC0-28F9-42E1-8389-EE02EA698C68}" = protocol=6 | dir=in | app=c:\program files\tivo\desktop\tivodiag.exe |
"{D907EC8C-2899-4B63-8050-52C8B5B9AF65}" = protocol=17 | dir=in | app=c:\program files\tivo\desktop\tivotransfer.exe |
"{DD517714-3398-4459-BAC4-FB6B1FF51CBA}" = protocol=17 | dir=in | app=c:\program files\tivo\desktop\curl.exe |
"{DD92F4E0-A883-4EEB-8413-57B47F8FD4C4}" = protocol=58 | dir=in | [email protected],-28545 |
"{DF547C16-0A80-4DBF-90E8-1464185EF6EC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{E1418D74-DD94-43AE-A9D7-684464580A4C}" = protocol=6 | dir=in | app=c:\program files\tivo\desktop\tivoserver.exe |
"{E1636444-BAFB-4BD0-8C75-CF5DDB01B94A}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{E17190DE-6F13-46C0-8A94-B535E074B15E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E49604C9-1C4B-4D52-B3A0-186D841CB11A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E4A874AA-64E8-441C-A492-57D97BF22655}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E7A05528-3C7E-4071-A380-7FA04CF593B0}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{EACF5AB4-5DC7-4106-8AB9-9B8B0DEED505}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{EB069A31-B3B5-4D3F-93EF-2C50D17F756F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{ECBD3167-4E1A-4204-BFBD-A26D6A3E55AC}" = protocol=58 | dir=out | [email protected],-28546 |
"{F1910020-F445-42A2-A6AA-1D421CBC4EB0}" = protocol=17 | dir=in | app=c:\program files\tivo\desktop\tivodiag.exe |
"{F21D55BD-F153-446D-AB1A-62BC839BD2D2}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{F24D92F6-377E-4EBD-9F50-D76100FE106F}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F7D94155-5030-48AF-8458-EADE52C06868}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F8023BA7-846A-42D7-A8C7-1A3E0BB11EDA}" = protocol=6 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{F8FA4D3C-6BC8-4AE5-87D6-80FCC12E0984}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FC0519C1-85AD-4F2D-9816-69B78A175212}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{FE9478F1-F753-43DA-83C4-709AB752629B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FFC3A8E0-9B88-40C1-A383-6D7A81186865}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{FFEF74C4-4C19-4904-9705-640ADC3498EF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"TCP Query User{665E13A1-6FBA-42FB-94AB-BE5C077841EC}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{12CF8691-522E-47F9-AC2D-B23E9BC3EF49}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}" = Quicken 2013
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{1B758D8A-B999-45AD-B7AA-14D10FDC19D2}_is1" = E-Z Contact Book version 2.7.0.0
"{1C8A4EE2-9D97-440F-9D8D-DA19C9657178}" = AVG 2013
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{497072FE-0A75-4E5C-A5B7-EB1FA67F66F1}" = DJ_AIO_05_F4400_Software_Min
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E839090-3B68-436A-B3CF-A2A08C38DD26}" = TiVo Desktop 2.8.3
"{5AEBB4A3-6878-4CEE-AD34-0F6958A983F0}" = HP Deskjet F4400 Printer Driver Software 13.0 Rel .5
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{631E66F3-5BCC-4FF8-9F42-95AF0BFA38B7}" = AVG 2013
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel® PRO Network Connections 12.1.11.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83475EE2-08BD-4134-B4F9-F3FA46EDC508}" = Geek Squad 24 Hour Computer Support
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EAD600D-1912-4DEF-92B5-0C7525E17ED2}" = F4400
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{A75BC59B-10BF-6B87-DCC7-3501F158ACC6}" = Times Reader
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C559CCD6-E2B8-4C7B-9791-AB68F382F9C2}" = DirectShow Dump
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F855C3AE-992D-4B84-A09D-07103CDCDAC2}" = Linksys Compact Wireless-G USB Adapter Driver - WUSB54GC
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG" = AVG 2013
"Avidemux 2.5" = Avidemux 2.5 (32-bit)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1" = Times Reader
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"PROSetDX" = Intel® PRO Network Connections 12.1.11.0
"RealPlayer 6.0" = RealPlayer Basic
"Shop for HP Supplies" = Shop for HP Supplies
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SyncBack_is1" = SyncBack
"ViewpointMediaPlayer" = Viewpoint Media Player
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 7/12/2013 5:02:08 AM | Computer Name = ARDCBZJ3C6D | Source = TivoTransfer | ID = 0
Description =
Error - 7/19/2013 8:43:46 PM | Computer Name = ARDCBZJ3C6D | Source = TivoTransfer | ID = 0
Description =
Error - 7/30/2013 7:14:58 PM | Computer Name = ARDCBZJ3C6D | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16496 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 130 Start Time: 01ce8d7a7bf1c5e0 Termination Time: 3
Error - 8/6/2013 5:03:56 AM | Computer Name = ARDCBZJ3C6D | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16496 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 638 Start Time: 01ce92839adad9c0 Termination Time: 4
Error - 9/7/2013 10:05:20 PM | Computer Name = ARDCBZJ3C6D | Source = Application Hang | ID = 1002
Description = The program WINWORD.EXE version 11.0.8402.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 16e8 Start Time: 01ceac37693284e8 Termination Time: 60000
Error - 10/7/2013 10:02:49 AM | Computer Name = ARDCBZJ3C6D | Source = EventSystem | ID = 4609
Description =
Error - 10/7/2013 10:03:05 AM | Computer Name = ARDCBZJ3C6D | Source = Microsoft-Windows-CAPI2 | ID = 131584
Description =
Error - 10/7/2013 2:26:21 PM | Computer Name = ARDCBZJ3C6D | Source = Windows Backup | ID = 4104
Description =
Error - 10/7/2013 2:26:34 PM | Computer Name = ARDCBZJ3C6D | Source = Windows Backup | ID = 4104
Description =
Error - 10/7/2013 2:26:51 PM | Computer Name = ARDCBZJ3C6D | Source = Windows Backup | ID = 4104
Description =
[ Media Center Events ]
Error - 10/7/2009 1:30:34 PM | Computer Name = ARDCBZJ3C6D | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 10/7/2013 10:02:52 AM | Computer Name = ARDCBZJ3C6D | Source = DCOM | ID = 10010
Description =
Error - 10/7/2013 10:02:55 AM | Computer Name = ARDCBZJ3C6D | Source = DCOM | ID = 10005
Description =
Error - 10/7/2013 10:02:55 AM | Computer Name = ARDCBZJ3C6D | Source = DCOM | ID = 10005
Description =
Error - 10/7/2013 10:02:55 AM | Computer Name = ARDCBZJ3C6D | Source = Service Control Manager | ID = 7001
Description =
Error - 10/7/2013 10:02:55 AM | Computer Name = ARDCBZJ3C6D | Source = Service Control Manager | ID = 7001
Description =
Error - 10/7/2013 3:52:16 PM | Computer Name = ARDCBZJ3C6D | Source = Service Control Manager | ID = 7006
Description =
Error - 10/11/2013 4:33:00 AM | Computer Name = ARDCBZJ3C6D | Source = Service Control Manager | ID = 7006
Description =
Error - 10/11/2013 4:39:42 AM | Computer Name = ARDCBZJ3C6D | Source = Print | ID = 19
Description = The print spooler failed to share printer PrimoPDF with shared resource
name PrimoPDF. Error 2114. The printer cannot be used by others on the network.
Error - 10/19/2013 12:29:20 PM | Computer Name = ARDCBZJ3C6D | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:37:07 AM on 10/19/2013 was unexpected.
Error - 10/19/2013 12:30:42 PM | Computer Name = ARDCBZJ3C6D | Source = Service Control Manager | ID = 7006
Description =
< End of report >