Here is the Otl.txt - notepad:
OTL logfile created on: 10/29/2013 12:27:36 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.23 Gb Total Physical Memory | 0.64 Gb Available Physical Memory | 28.56% Memory free
4.31 Gb Paging File | 2.26 Gb Available in Paging File | 52.47% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 759.52 Gb Free Space | 81.54% Space Free | Partition Type: NTFS
Drive E: | 3.80 Gb Total Space | 2.72 Gb Free Space | 71.65% Space Free | Partition Type: FAT32
Computer Name: OWNER-5F64AFAA0 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/10/29 12:27:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
PRC - [2013/10/08 20:02:45 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/09/22 07:57:32 | 003,470,624 | ---- | M] (Conduit) -- C:\Documents and Settings\Owner\Application Data\SearchProtect\bin\cltmng.exe
PRC - [2013/08/20 16:52:16 | 000,040,512 | ---- | M] (White Sky, Inc.) -- C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
PRC - [2013/08/20 16:52:13 | 003,857,984 | ---- | M] (White Sky, Inc.) -- C:\Program Files\Constant Guard Protection Suite\IDVault.exe
PRC - [2013/07/11 21:28:45 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccsvchst.exe
PRC - [2013/05/08 02:18:34 | 000,097,056 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe
PRC - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/02/14 05:16:13 | 001,683,456 | ---- | M] (Bandoo Media Inc) -- C:\Program Files\Search Results Toolbar\Datamngr\datamngrUI.exe
PRC - [2013/01/12 11:07:43 | 000,199,016 | ---- | M] (Tidy Network) -- C:\Documents and Settings\Owner\Local Settings\Application Data\TidyNetwork.com\tidynetwork008.exe
PRC - [2012/11/20 16:30:38 | 001,653,760 | R--- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe
PRC - [2012/09/02 13:15:12 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2011/11/12 12:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2010/04/08 16:46:20 | 000,154,152 | ---- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
PRC - [2010/04/08 16:46:18 | 000,117,288 | R--- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
PRC - [2010/04/08 16:46:12 | 000,117,288 | R--- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
PRC - [2009/08/28 16:33:28 | 000,116,032 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe
PRC - [2009/02/10 03:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/12/07 17:52:14 | 000,140,184 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe
PRC - [2003/05/15 01:19:50 | 000,217,193 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
========== Modules (No Company Name) ==========
MOD - [2013/10/08 20:02:43 | 000,415,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013/10/08 20:02:42 | 013,584,336 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
MOD - [2013/10/08 20:02:41 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013/10/08 20:01:47 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013/08/20 16:52:19 | 000,549,272 | ---- | M] () -- C:\Program Files\Constant Guard Protection Suite\sqlite3.dll
MOD - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2012/06/14 13:44:32 | 000,245,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\cc063533b04f9420d1aa571a36d1fabd\WindowsFormsIntegration.ni.dll
MOD - [2012/06/14 13:44:22 | 001,828,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\87e09dfbe3a44d6b00d3a5895f5a21a6\System.Web.Services.ni.dll
MOD - [2012/06/14 13:44:17 | 000,365,056 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\76a5d670ce969c0c65a905b7303d4bbf\System.ServiceModel.Routing.ni.dll
MOD - [2012/06/14 13:44:17 | 000,220,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\6e7f1bdc845816dfc797f8002b76b5e8\System.ServiceProcess.ni.dll
MOD - [2012/06/14 13:44:16 | 001,127,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dbf07cb14b4dcc210cdf8b5d90a12a56\System.ServiceModel.Discovery.ni.dll
MOD - [2012/06/14 13:44:14 | 001,388,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\52481fccddb053768631c640d5059d4b\System.ServiceModel.Activities.ni.dll
MOD - [2012/06/14 13:44:14 | 000,082,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\c3831eb95ccf3904bab81a97a9b08ed3\System.ServiceModel.Channels.ni.dll
MOD - [2012/06/14 13:44:11 | 017,919,488 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\250b525aa8c17327216e102569c0d766\System.ServiceModel.ni.dll
MOD - [2012/06/14 13:43:46 | 001,159,168 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\6a6f4be744ed5bc5273cbcf0fcf303e3\System.Management.ni.dll
MOD - [2012/06/14 13:43:41 | 001,065,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\9eac876f58a3ebca8878b8654efdc817\System.IdentityModel.ni.dll
MOD - [2012/06/14 13:41:49 | 000,645,632 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\dd9dbf82e44454689976a49a9e4ddb6d\System.Transactions.ni.dll
MOD - [2012/06/14 13:41:48 | 001,011,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f3989d3e9cb8904e4edf23ede5adb6c1\System.Runtime.DurableInstancing.ni.dll
MOD - [2012/06/14 13:41:46 | 000,142,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4d2a51c03b27e615ff9f1c430f2014ba\SMDiagnostics.ni.dll
MOD - [2012/06/14 13:41:45 | 002,625,024 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
MOD - [2012/06/14 13:41:41 | 001,776,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
MOD - [2012/06/14 13:17:53 | 017,629,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7f91eecda3ff7ce478146b6458580c98\PresentationFramework.ni.dll
MOD - [2012/06/14 13:17:40 | 013,006,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\17e020ae92d7fab33bcc1c98b25019d0\System.Windows.Forms.ni.dll
MOD - [2012/06/14 13:17:32 | 011,057,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\3963e9ce8d44f50e8367e92a8e3e42e6\PresentationCore.ni.dll
MOD - [2012/06/14 13:17:20 | 006,754,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\92cccedc7cda413ff6fc6492cb256b58\System.Data.ni.dll
MOD - [2012/06/14 13:17:18 | 003,779,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\d17606e813f01376bd0def23726ecc62\WindowsBase.ni.dll
MOD - [2012/06/14 13:17:13 | 001,651,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
MOD - [2012/06/14 13:17:07 | 007,025,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
MOD - [2012/06/14 13:17:04 | 005,571,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e997d0200c25f7db6bd32313d50b729d\System.Xml.ni.dll
MOD - [2012/06/14 13:16:58 | 000,973,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\ac18c2dcd06bd2a0589bac94ccae5716\System.Configuration.ni.dll
MOD - [2012/06/14 13:16:56 | 000,283,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\f5e029e2215c95ab38a1eefef7b32ac9\PresentationFramework.Classic.ni.dll
MOD - [2012/06/14 13:16:54 | 009,000,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
MOD - [2012/06/14 13:16:45 | 000,144,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\b07f0d26a34ad53fc369248f289d1126\System.Numerics.ni.dll
MOD - [2012/06/14 13:16:44 | 014,415,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
MOD - [2012/05/30 10:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton Security Suite\Engine\20.4.0.40\wincfi39.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009/02/10 03:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2008/04/14 08:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 08:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Services (SafeList) ==========
SRV - [2013/10/08 23:27:56 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/20 16:52:16 | 000,040,512 | ---- | M] (White Sky, Inc.) [Auto | Running] -- C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe -- (IDVaultSvc)
SRV - [2013/07/10 21:36:51 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe -- (N360)
SRV - [2013/05/08 02:18:34 | 000,097,056 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/11/18 15:59:49 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Stopped] -- C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe -- (VideoDownloadConverter_4zService)
SRV - [2012/09/02 13:15:12 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/11/12 12:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2011/09/27 15:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011/06/27 12:14:41 | 000,034,320 | ---- | M] (MyWebSearch.com) [Auto | Stopped] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2011/06/12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/04/08 16:46:20 | 000,154,152 | ---- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe -- (vseqrts)
SRV - [2010/04/08 16:46:18 | 000,117,288 | R--- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe -- (vsedsps)
SRV - [2010/04/08 16:46:12 | 000,117,288 | R--- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe -- (vseamps)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/08/28 16:33:28 | 000,116,032 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe -- (DLPWD)
SRV - [2009/02/10 03:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2006/12/07 17:52:14 | 000,140,184 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe -- (DLSDB)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Owner\LOCALS~1\Temp\jbridgep.sys -- (jbridgep)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\AVGIDSShim.Sys -- (AVGIDSShim)
DRV - [2013/10/28 16:59:35 | 000,380,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131025.002\IDSXpx86.sys -- (IDSxpx86)
DRV - [2013/10/22 19:11:14 | 001,096,280 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20131022.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/09/17 17:59:51 | 000,080,104 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AntiLog32.sys -- (AntiLog32)
DRV - [2013/08/28 22:01:44 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131028.038\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/08/28 22:01:44 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131028.038\NAVENG.SYS -- (NAVENG)
DRV - [2013/08/26 21:42:13 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/08/26 21:42:13 | 000,108,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/07/24 11:25:24 | 000,024,520 | ---- | M] (Zemana Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KeyCrypt32.sys -- (keycrypt)
DRV - [2013/07/16 11:36:09 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/05/23 01:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\symefa.sys -- (SymEFA)
DRV - [2013/05/21 01:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\symds.sys -- (SymDS)
DRV - [2013/05/16 01:02:14 | 000,603,224 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\srtsp.sys -- (SRTSP)
DRV - [2013/04/24 20:43:56 | 000,396,760 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\symtdi.sys -- (SYMTDI)
DRV - [2013/04/15 22:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\ccsetx86.sys -- (ccSet_N360)
DRV - [2013/03/04 21:21:36 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\srtspx.sys -- (SRTSPX)
DRV - [2012/10/30 19:51:56 | 000,020,624 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012/07/27 23:05:22 | 000,175,264 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\ironx86.sys -- (SymIRON)
DRV - [2011/09/02 02:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011/09/02 02:31:28 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011/09/02 02:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011/09/02 02:31:10 | 000,042,648 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV - [2011/09/02 02:31:10 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidEqd.sys -- (LHidEqd)
DRV - [2011/09/02 02:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011/08/05 12:27:40 | 000,018,560 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlyUsb.sys -- (FlyUsb)
DRV - [2009/12/18 13:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/03/12 15:53:46 | 001,550,613 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2001/04/09 14:11:00 | 000,024,424 | ---- | M] (ADMtek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NET8511.SYS -- (ADM8511)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKCU\..\URLSearchHook: {535ae879-ef3b-449c-8726-e1e644ae2290} - C:\Program Files\NewFreeScreensavers\prxtbNew2.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {93a3111f-4f74-4ed8-895e-d9708497629e} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3185678
IE - HKCU\..\SearchScopes\{B156CE15-8648-4CE0-8E98-2A424CE71429}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..CT3185678.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.searchnu.com/406"
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4
FF - prefs.js..extensions.enabledAddons: %7B4DC70064-89E2-4a55-8FC6-E8CDEAE3618C%7D:0.7.7
FF - prefs.js..extensions.enabledAddons: %7B1FD91A9C-410C-4090-BBCC-55D3450EF433%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B0113D088-8ED1-468C-B225-585A9C53B5E3%7D:1.0
FF - prefs.js..extensions.enabledAddons: idvaultaddin%40whitesky:1.13.624.1
FF - prefs.js..extensions.enabledAddons: tidynetwork%40tidynetwork:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.8
FF - prefs.js..keyword.URL: "http://dts.search-re...&o=APN10645&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll (MyWebSearch.com)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tightropeinteractive.com/Plugin: C:\Documents and Settings\Owner\Local Settings\Application Data\TNT2\2.0.0.1378\npTNT2.dll (Search.Us.com)
FF - HKCU\Software\MozillaPlugins\@tnt2ghost.com/Plugin: C:\Documents and Settings\Owner\Local Settings\Application Data\TNT2\2.0.0.1378\npTNT2ghost.dll (Search.Us.com)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin [2011/11/07 17:26:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin [2012/11/18 15:59:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/07/11 21:30:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013/10/29 12:00:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/07/11 21:30:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF [2013/10/09 12:19:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/10/08 23:26:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/10/08 23:26:57 | 000,000,000 | ---D | M]
[2013/03/05 18:09:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2013/08/12 14:27:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0zyzye2a.default\extensions
[2013/07/07 01:32:54 | 000,000,000 | ---D | M] (TopArcadeHits) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0zyzye2a.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}
[2012/12/01 01:29:42 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0zyzye2a.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2013/03/05 18:09:47 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0zyzye2a.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0}
[2013/03/21 00:03:10 | 000,000,000 | ---D | M] (VideoDownloadConverter) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0zyzye2a.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
[2010/09/28 23:47:17 | 000,000,000 | ---D | M] (foof) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0zyzye2a.default\extensions\[email protected]
[2013/07/15 15:37:37 | 000,000,000 | ---D | M] (XFINITY Constant Guard Protection Suite) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0zyzye2a.default\extensions\idvaultaddin@whitesky
[2011/11/07 17:26:31 | 000,000,000 | ---D | M] (My Web Search) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0zyzye2a.default\extensions\[email protected]
[2013/07/14 13:35:30 | 000,018,166 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0zyzye2a.default\extensions\[email protected]
[2013/10/29 12:01:02 | 000,003,634 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0zyzye2a.default\extensions\[email protected]
[2013/01/04 14:39:39 | 000,013,345 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0zyzye2a.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
[2012/11/18 15:30:43 | 000,001,068 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0zyzye2a.default\searchplugins\newfreescreensavers-customized-web-search.xml
[2013/03/05 18:09:31 | 000,002,687 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0zyzye2a.default\searchplugins\Search_Results.xml
[2013/07/10 21:35:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/07/10 21:35:59 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/07/10 21:35:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/07/10 21:35:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/07/10 21:36:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/03/05 18:09:54 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2011/06/27 17:36:55 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2012/02/13 13:26:53 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/13 13:26:54 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2013/07/11 21:29:00 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2013/03/05 18:09:31 | 000,002,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
O1 HOSTS File: ([2008/04/14 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Toolbar BHO) - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
O2 - BHO: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (NewFreeScreensavers Toolbar) - {535ae879-ef3b-449c-8726-e1e644ae2290} - C:\Program Files\NewFreeScreensavers\prxtbNew2.dll (Conduit Ltd.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TopArcadeHits Games) - {A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} - C:\Documents and Settings\Owner\Local Settings\Application Data\TopArcadeHits\Toparcadehits.dll ()
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Constant Guard Protection Suite) - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\Documents and Settings\All Users\Application Data\White Sky, Inc\ID Vault\IEBHO1.13.820.2\NativeBHO.dll (WhiteSky)
O2 - BHO: (DataMngr) - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files\Search Results Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media Inc)
O2 - BHO: (Search Assistant BHO) - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (MindSpark)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O3 - HKLM\..\Toolbar: (no name) - {3E2DEBED-55FF-41F1-A5CB-E0AD4DCADB14} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (VideoDownloadConverter) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (NewFreeScreensavers Toolbar) - {535ae879-ef3b-449c-8726-e1e644ae2290} - C:\Program Files\NewFreeScreensavers\prxtbNew2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3:HKU - HKCU\..\Toolbar\WebBrowser: (m VLCapp.com Search.us.com Toolbar) - {3E2DEBED-55FF-41F1-A5CB-E0AD4DCADB14} - C:\Documents and Settings\Owner\Local Settings\Application Data\TNT2\Profiles\10295\passport.dll (Search.Us.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (VideoDownloadConverter) - {48586425-6BB7-4F51-8DC6-38C88E3EBB58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
O3 - HKCU\..\Toolbar\WebBrowser: (NewFreeScreensavers Toolbar) - {535AE879-EF3B-449C-8726-E1E644AE2290} - C:\Program Files\NewFreeScreensavers\prxtbNew2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Search Results Toolbar\Datamngr\datamngrUI.exe (Bandoo Media Inc)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VideoDownloadConverter Search Scope Monitor] C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrchMn.exe (MindSpark)
O4 - HKCU..\Run: [E2A6CA641BD771C06D3776C293639FEB79099F12._service_run] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [RDReminder] C:\Program Files\RegClean Pro\RegCleanPro.exe (Systweak Inc)
O4 - HKCU..\Run: [SanDiskSecureAccess_Manager.exe] C:\Documents and Settings\Owner\Application Data\SanDisk\SanDiskSecureAccess_Manager.exe (Gemalto N.V.)
O4 - HKCU..\Run: [SearchProtect] C:\Documents and Settings\Owner\Application Data\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [TidyNetwork.com] C:\Documents and Settings\Owner\Local Settings\Application Data\TidyNetwork.com\tidynetwork008.exe (Tidy Network)
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Constant Guard.lnk = C:\Program Files\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - http://tbedits.video...2012111815&cv=2 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1279485110015 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.1.66.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43252356-6AC6-4445-909D-D73C3DC47A47}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\avgsecuritytoolbar - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\KEYCRY~1\KEYCRY~4.DLL) - C:\Program Files\KeyCryptSDK\KeyCrypt32(2).dll (Zemana Ltd.)
O20 - AppInit_DLLs: (C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert\WIN32C~1.DLL C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll) - C:\Documents and Settings\All Users\Application Data\Wincert\win32cert.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/18 15:24:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/10/08 23:36:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2013/10/08 23:35:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/10/08 23:34:57 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/10/08 23:34:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/10/08 23:28:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/10/08 23:26:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2013/10/08 23:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/10/29 12:27:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/10/29 12:13:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/10/29 12:06:50 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\TopArcadeHits.job
[2013/10/29 12:02:02 | 000,001,298 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Clean Registry for Free!.lnk
[2013/10/29 12:01:01 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1482476501-412668190-1417001333-1003.job
[2013/10/29 12:00:33 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/10/29 12:00:29 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1482476501-412668190-1417001333-1003.job
[2013/10/29 11:59:31 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/29 11:59:29 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1482476501-412668190-1417001333-1003.job
[2013/10/29 11:59:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/29 06:46:20 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/28 20:47:35 | 000,019,025 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Dora stensil.pdf
[2013/10/28 20:37:51 | 000,115,295 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Pirate ship stensil.pdf
[2013/10/28 15:02:27 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
[2013/10/25 22:53:02 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1482476501-412668190-1417001333-1003.job
[2013/10/25 10:51:34 | 000,084,980 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\bat costume.jpg
[2013/10/24 09:54:07 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job
[2013/10/23 13:11:10 | 000,000,036 | -H-- | M] () -- C:\WINDOWS\System32\f9t.dat
[2013/10/19 07:38:39 | 000,218,616 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\WTH MMFCU.pdf
[2013/10/16 00:58:50 | 000,768,360 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\10-building-blocks-for-biz-success.pdf
[2013/10/15 12:51:30 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/10/08 23:36:02 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2013/10/08 23:26:41 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2013/10/03 23:46:36 | 001,319,148 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Dharma Fiber Reactive Procion Dyes.pdf
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/10/28 20:47:34 | 000,019,025 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Dora stensil.pdf
[2013/10/28 20:37:35 | 000,115,295 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Pirate ship stensil.pdf
[2013/10/25 10:51:34 | 000,084,980 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\bat costume.jpg
[2013/10/19 07:38:29 | 000,218,616 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\WTH MMFCU.pdf
[2013/10/16 00:58:49 | 000,768,360 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\10-building-blocks-for-biz-success.pdf
[2013/10/08 23:36:02 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2013/10/08 23:26:40 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2013/10/03 23:46:33 | 001,319,148 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Dharma Fiber Reactive Procion Dyes.pdf
[2013/06/27 22:18:38 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/06/26 23:58:15 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/06/26 23:58:14 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/03/30 09:36:15 | 000,000,036 | -H-- | C] () -- C:\WINDOWS\System32\f9t.dat
[2012/12/23 01:46:33 | 000,000,288 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\.backup.dm
[2010/12/21 11:31:00 | 767,354,880 | ---- | C] () -- C:\Program Files\SW_DVD5_Office_Professional_Plus_2010_W32_English_MLF_X16-52536.ISO
========== ZeroAccess Check ==========
[2012/12/23 01:54:54 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/04/16 12:09:07 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 08:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/10/08 23:35:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/07/29 00:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/08/18 12:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2012/09/20 11:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2013/03/05 18:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2012/01/08 15:08:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2013/09/30 20:46:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2010/07/27 10:38:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2013/10/16 09:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2010/07/27 11:46:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2010/07/27 11:42:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu
[2013/01/12 06:29:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Casual Arts
[2012/12/23 01:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ClubSanDisk
[2010/09/28 21:03:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/06/08 15:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IsolatedStorage
[2011/11/04 16:36:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leapfrog
[2010/09/28 20:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/12/23 09:17:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2013/01/20 17:56:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/11/18 16:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2013/06/08 15:14:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\White Sky, Inc
[2013/03/05 18:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wincert
[2012/11/26 14:03:34 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/03/30 09:38:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{F7367F58-5836-4168-962C-6EE09FA340B5}
[2010/09/28 22:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG10
[2010/08/22 06:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG9
[2012/12/22 02:15:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Brabl
[2012/11/03 13:22:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Canon
[2010/07/27 10:34:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Canon Easy-WebPrint EX
[2013/01/12 06:29:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Casual Arts
[2011/06/14 16:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Catalina Marketing Corp
[2012/12/08 00:21:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\com.Rhapsody.RhapsodyCloudSync
[2012/11/14 16:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DivoGames
[2012/06/14 15:46:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Garmin
[2013/10/29 12:07:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ID Vault
[2013/06/10 15:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ilividtoolbargaw
[2012/02/11 21:54:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Leadertech
[2012/11/18 16:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\OpenCandy
[2010/08/18 12:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\OpenOffice.org
[2013/07/07 01:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PandoraRecovery
[2013/10/19 20:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PriceGong
[2013/10/29 12:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SanDisk
[2012/12/23 01:47:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SanDisk SecureAccess
[2013/07/10 21:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SearchProtect
[2013/06/10 14:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\searchresultstb
[2013/07/31 11:33:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Stamps.com Internet Postage
[2013/07/10 21:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Systweak
[2012/09/20 15:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ThreeDays2
[2011/06/27 13:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Tific
[2012/11/18 16:13:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software
[2013/01/06 08:36:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\VideoDownloadConverter_4z
[2012/12/23 09:17:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WeatherBug
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 226 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:08DB8D99
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CBAB74CB
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D987CB43
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3A0561F3
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F65A2273
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EBCF5924
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7D1C258F
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FEECF2C8
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EF5B3572
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6764D965
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:71AEFFEB
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D3A82449
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:699BDADB
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1A3680D
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5539129F
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C84C408C
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:30DA8392
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7B52659E
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B36361EE
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3BC173E4
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AB03533D
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8AED9359
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6401C7FF
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:98F6F85C
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:512E1728
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2E49FF93
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2342AE46
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3559A02E
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0459F5AC
< End of report >
Here is the Extras.Txt-notepad:
OTL Extras logfile created on: 10/29/2013 12:27:36 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.23 Gb Total Physical Memory | 0.64 Gb Available Physical Memory | 28.56% Memory free
4.31 Gb Paging File | 2.26 Gb Available in Paging File | 52.47% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 759.52 Gb Free Space | 81.54% Space Free | Partition Type: NTFS
Drive E: | 3.80 Gb Total Space | 2.72 Gb Free Space | 71.65% Space Free | Partition Type: FAT32
Computer Name: OWNER-5F64AFAA0 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe" = C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe:*:Enabled:LeapFrog Connect -- (LeapFrog Enterprises, Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Steam\SteamApps\common\sid meier's civilization v\Launcher.exe" = C:\Program Files\Steam\SteamApps\common\sid meier's civilization v\Launcher.exe:*:Enabled:Sid Meier's Civilization V -- (Firaxis Games)
"C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe" = C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe:*:Enabled:LeapFrog Connect -- (LeapFrog Enterprises, Inc.)
"C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Civilization4.exe" = C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4 Complete -- (Firaxis Games)
"C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Warlords\Civ4Warlords.exe" = C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Warlords\Civ4Warlords.exe:*:Enabled:Sid Meier's Civilization 4: Warlords -- (Firaxis Games)
"C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Civ4BeyondSword.exe" = C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Civ4BeyondSword.exe:*:Enabled:Sid Meier's Civilization 4: Beyond the Sword -- (Firaxis Games)
"C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe" = C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe:*:Enabled:Sid Meier's Civilization IV Colonization -- (Firaxis Games)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{105F3CE5-FE55-408E-BF30-E78F85BA0B12}" = Dell Printer Software
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series" = Canon MP560 series MP Drivers
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2157961D-0507-44A8-BCF2-1EE2D439E8DF}" = Civilization III
"{2437DF07-D3CB-4D85-8397-ED8AE9ED26D5}" = LeapFrog Tag Junior Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}" = WeatherBug
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}" = Sid Meier's Civilization 4 Complete
"{30DBAD4A-BA6D-4F9D-8AB0-2F6C7B0612A4}" = AVSDK5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B8811DB-64BA-4F9A-8E0F-481D5583F1E5}" = Living Marine Aquarium 2 Animated Wallpaper
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D46DE30-49FE-4043-99F7-D7E8C06175E0}_is1" = AntiLogger SDK version 1.6.6.247
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8
"{698AC01B-DF0C-4BCE-940C-EB29AD23A560}" = Stamps.com
"{6ADD0603-16EF-400D-9F9E-486432835002}" = OpenOffice.org 3.2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88D68A69-D247-466B-90DD-575F6BE16230}_is1" = CardRecovery 6.10
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A92919B8-EE3B-6EF9-422D-0381D4658827}" = Rhapsody Cloud Sync
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{B2B7CAD5-6032-416A-9049-1E9C2721CBF6}" = Lightning Storm
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B5336D19-B526-47CC-8F56-67DF30FECC70}" = Winbond Desktop SI/O with Consumer IR support
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{D5558268-0050-4B95-AD5E-426960E1EFE1}" = Intel® Network Connections 15.3.68.0
"{DE29025A-091F-4998-AD2D-24C84421190F}" = Railroad Tycoon 3
"{E05D82D8-FE70-4228-B073-B0C07FE27595}" = iTunes
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{F9D59E62-845F-49A2-8B75-DDB00661673C}" = LeapFrog Connect
"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
"BFG-3 Days - Amulet Secret" = 3 Days - Amulet Secret
"BFG-3 Days - Zoo Mystery" = 3 Days: Zoo Mystery
"BFG-Adventure Chronicles - The Search for Lost Treasure" = Adventure Chronicles: The Search for Lost Treasure
"BFG-Alice's Magical Mahjong" = Alice's Magical Mahjong
"BFG-Be Richest!" = Be Richest!
"BFG-Be Richest! Strategy Guide" = Be Richest! Strategy Guide
"BFG-Bob the Builder - Can Do Carnival" = Bob the Builder: Can Do Carnival
"BFG-Bob the Builder - Can Do Zoo" = Bob the Builder - Can Do Zoo
"BFG-Brain Training for Dummies" = Brain Training for Dummies
"BFGC" = Big Fish Games: Game Manager
"BFG-Christmas Stories - Nutcracker Collector's Edition" = Christmas Stories: Nutcracker Collector's Edition
"BFG-Christmas Tales - Fellina's Journey" = Christmas Tales: Fellina's Journey
"BFG-Christmas Wonderland" = Christmas Wonderland
"BFG-Christmas Wonderland 2" = Christmas Wonderland 2
"BFG-Christmasville" = Christmasville
"BFG-Clutter" = Clutter
"BFG-Clutter II - He Said She Said" = Clutter II: He Said, She Said
"BFG-Diego Dinosaur Rescue" = Diego Dinosaur Rescue
"BFG-Diego`s Dinosaur Adventure" = Diego`s Dinosaur Adventure
"BFG-Diego`s Safari Adventure" = Diego`s Safari Adventure
"BFG-Family Feud - Battle of the Sexes" = Family Feud: Battle of the Sexes
"BFG-Gardenscapes - Mansion Makeover" = Gardenscapes: Mansion Makeover™
"BFG-Go Diego Go Ultimate Rescue League" = Go Diego Go Ultimate Rescue League
"BFG-I SPY - Treasure Hunt" = I SPY: Treasure Hunt
"BFG-I SPY™ Fun House" = I SPY™ Fun House
"BFG-Monopoly" = Monopoly ®
"BFG-Nick Jr. Bingo" = Nick Jr. Bingo
"BFG-Risk" = Risk™
"BFG-Tales of Lagoona - Orphans of the Ocean" = Tales of Lagoona: Orphans of the Ocean
"BFG-The Game of Life" = The Game of Life ®
"BFG-The Price is Right 2010" = The Price is Right 2010
"BFG-Treasure Seekers - The Time Has Come" = Treasure Seekers: The Time Has Come
"BFG-Ultimate Dominoes" = Ultimate Dominoes
"BFG-Where's Waldo - The Fantastic Journey" = Where's Waldo: The Fantastic Journey
"Canon MP560 series User Registration" = Canon MP560 series User Registration
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Cars2_MissionImpossible_Screensaver" = Cars2_MissionImpossible_Screensaver
"com.Rhapsody.RhapsodyCloudSync" = Rhapsody Cloud Sync
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"FairPoint DSL Security Improvement Upgrade_is1" = FairPoint DSL Security Improvement Upgrade
"Fire Place 3D New Free Screensaver_is1" = NewFreeScreensaver nfsFirePlace3D
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"ID Vault" = Constant Guard Protection Suite
"ie8" = Windows Internet Explorer 8
"iLivid" = iLivid
"ilividtoolbargaw" = Search-Results Toolbar
"InstallShield_{2157961D-0507-44A8-BCF2-1EE2D439E8DF}" = Civilization III
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyWebSearch bar Uninstall" = My Web Search (Popular Screensavers)
"N360" = Norton Security Suite
"NewFreeScreensavers Toolbar" = NewFreeScreensavers Toolbar
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PandoraRecovery" = PandoraRecovery (Remove Only)
"RealPlayer 16.0" = RealPlayer
"RegClean Pro_is1" = RegClean Pro
"SearchProtect" = Search Protect by conduit
"sp6" = Logitech SetPoint 6.32
"Stamps.com" = Stamps.com
"Steam App 8930" = Sid Meier's Civilization V
"TagJuniorPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)
"Under Water 18 New Free Screensaver_is1" = NewFreeScreensaver nfsUnderWater18
"UPCShell" = LeapFrog Connect
"VDC_is1" = Video Download Converter version 1.0.0.0
"VideoDownloadConverter_4zbar Uninstall" = VideoDownloadConverter Toolbar
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Winter Train 3D Screensaver_is1" = Winter Train 3D Screensaver 1.2.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe" = SanDiskSecureAccess_Manager.exe
"{C1C3E833-420E-4D78-9BA7-86AEBB272384}" = TopArcadeHits
"TidyNetwork.com" = TidyNetwork.com
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10/24/2013 6:57:24 AM | Computer Name = OWNER-5F64AFAA0 | Source = .NET Runtime | ID = 1026
Description = Application: IDVaultSvc.exe Framework Version: v4.0.30319 Description:
The process was terminated due to an unhandled exception. Exception Info: System.OutOfMemoryException
Stack:
at System.Threading.Thread.StartInternal(System.Security.Principal.IPrincipal,
System.Threading.StackCrawlMark ByRef) at System.Threading.Thread.Start(System.Threading.StackCrawlMark
ByRef) at System.Threading.Thread.Start() at GuardId.IdVaultCore.Tracking.TrackingService+GenericTrackingService.SubmitHeartbeat(System.Object)
at System.Threading._TimerCallback.TimerCallback_Context(System.Object) at
System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback,
System.Object, Boolean) at System.Threading._TimerCallback.PerformTimerCallback(System.Object)
Error - 10/24/2013 6:57:47 AM | Computer Name = OWNER-5F64AFAA0 | Source = .NET Runtime | ID = 1026
Description =
Error - 10/25/2013 9:05:59 AM | Computer Name = OWNER-5F64AFAA0 | Source = Application Error | ID = 1000
Description = Faulting application updater.exe, version 0.0.0.0, faulting module
updater.exe, version 0.0.0.0, fault address 0x000021b7.
Error - 10/25/2013 5:07:31 PM | Computer Name = OWNER-5F64AFAA0 | Source = Microsoft Office 14 | ID = 5000
Description = EventType officelifeboathang, P1 outlook.exe, P2 14.0.6109.5005, P3
ntdll.dll, P4 5.1.2600.6055, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.
Error - 10/25/2013 5:08:48 PM | Computer Name = OWNER-5F64AFAA0 | Source = Application Hang | ID = 1002
Description = Hanging application OUTLOOK.EXE, version 14.0.6109.5005, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 10/25/2013 5:22:28 PM | Computer Name = OWNER-5F64AFAA0 | Source = Microsoft Office 14 | ID = 2001
Description = Microsoft Outlook: Rejected Safe Mode action : Outlook experienced
a serious problem with the 'norton antispam outlook plugin' add-in. If you have
seen this message multiple times, you should disable this add-in and check to see
if an update is available. Do you want to disable this add-in?.
Error - 10/26/2013 6:06:41 AM | Computer Name = OWNER-5F64AFAA0 | Source = Application Error | ID = 1000
Description = Faulting application updater.exe, version 0.0.0.0, faulting module
updater.exe, version 0.0.0.0, fault address 0x000021b7.
Error - 10/26/2013 8:55:14 AM | Computer Name = OWNER-5F64AFAA0 | Source = .NET Runtime | ID = 1026
Description =
Error - 10/26/2013 8:55:15 AM | Computer Name = OWNER-5F64AFAA0 | Source = .NET Runtime | ID = 1026
Description = Application: IDVaultSvc.exe Framework Version: v4.0.30319 Description:
The process was terminated due to an unhandled exception. Exception Info: System.OutOfMemoryException
Stack:
at System.Threading.Thread.StartInternal(System.Security.Principal.IPrincipal,
System.Threading.StackCrawlMark ByRef) at System.Threading.Thread.Start(System.Threading.StackCrawlMark
ByRef) at System.Threading.Thread.Start() at GuardId.IdVaultCore.Tracking.TrackingService+GenericTrackingService.SubmitHeartbeat(System.Object)
at System.Threading._TimerCallback.TimerCallback_Context(System.Object) at
System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback,
System.Object, Boolean) at System.Threading._TimerCallback.PerformTimerCallback(System.Object)
Error - 10/27/2013 6:34:38 AM | Computer Name = OWNER-5F64AFAA0 | Source = .NET Runtime | ID = 1026
Description =
[ System Events ]
Error - 10/29/2013 10:16:30 AM | Computer Name = OWNER-5F64AFAA0 | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.
Error - 10/29/2013 10:28:30 AM | Computer Name = OWNER-5F64AFAA0 | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.
Error - 10/29/2013 10:40:30 AM | Computer Name = OWNER-5F64AFAA0 | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.
Error - 10/29/2013 10:52:30 AM | Computer Name = OWNER-5F64AFAA0 | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.
Error - 10/29/2013 11:04:30 AM | Computer Name = OWNER-5F64AFAA0 | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.
Error - 10/29/2013 11:16:30 AM | Computer Name = OWNER-5F64AFAA0 | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.
Error - 10/29/2013 11:28:30 AM | Computer Name = OWNER-5F64AFAA0 | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.
Error - 10/29/2013 11:40:30 AM | Computer Name = OWNER-5F64AFAA0 | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.
Error - 10/29/2013 11:52:30 AM | Computer Name = OWNER-5F64AFAA0 | Source = Srv | ID = 2019
Description = The server was unable to allocate from the system nonpaged pool because
the pool was empty.
Error - 10/29/2013 12:00:25 PM | Computer Name = OWNER-5F64AFAA0 | Source = System Error | ID = 1003
Description = Error code c000021a, parameter1 e10d2c08, parameter2 c0000006, parameter3
00000000, parameter4 00000000.
< End of report >
Edited by Faithsa, 29 October 2013 - 10:56 AM.