Ok sounds good. The only problem so far is on otl by old timer is not showing the extras.doc I did a search of my documents and found where i saved one on 08-18-2012 i attached it the only document showing was the otl.txt document after the scan no minimized extras.doc.
OTL logfile created on: 8/20/2012 6:50:49 PM - Run 5
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Mike Kinlaw\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.75 Gb Total Physical Memory | 0.71 Gb Available Physical Memory | 40.50% Memory free
3.50 Gb Paging File | 1.54 Gb Available in Paging File | 44.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.66 Gb Total Space | 397.88 Gb Free Space | 88.09% Space Free | Partition Type: NTFS
Drive D: | 1011.84 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: MIKEKINLAW-PC | User Name: Mike Kinlaw | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Users\Mike Kinlaw\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files (x86)\Software Assist\Software Assist-bg.exe (Software Assist)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files\Defender Pro\Defender Pro\Antispam32\pchooklaunch32.exe (Defender Pro)
PRC - C:\Program Files (x86)\PDFLite Toolbar\ToolbarUpdaterService.exe ()
PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe (Acer Group)
PRC - C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV:
64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:
64bit: - (VSSERV) -- C:\Program Files\Defender Pro\Defender Pro\vsserv.exe (Defender Pro)
SRV:
64bit: - (UPDATESRV) -- C:\Program Files\Defender Pro\Defender Pro\updatesrv.exe (Defender Pro)
SRV:
64bit: - (SafeBox) -- C:\Program Files\Defender Pro\Defender Pro Safebox\safeboxservice.exe (Defender Pro)
SRV:
64bit: - (Update Server) -- C:\Program Files\Common Files\Defender Pro\Defender Pro Arrakis Server\bin\arrakis3.exe (Defender Pro)
SRV:
64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:
64bit: - (Updater Service) -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe (Acer Group)
SRV:
64bit: - (nSvcIp) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV:
64bit: - (ForceWare Intelligent Application Manager (IAM) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV:
64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (LeapFrog Connect Device Service) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (Updater Service for PDFLite Toolbar) -- C:\Program Files (x86)\PDFLite Toolbar\ToolbarUpdaterService.exe ()
SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (GameConsoleService) -- C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (GREGService) -- C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
========== Driver Services (SafeList) ========== DRV:
64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
DRV:
64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:
64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:
64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:
64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:
64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:
64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:
64bit: - (trufos) -- C:\Windows\SysNative\drivers\trufos.sys (BitDefender S.R.L.)
DRV:
64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:
64bit: - (avckf) -- C:\Windows\SysNative\drivers\avckf.sys (BitDefender)
DRV:
64bit: - (avchv) -- C:\Windows\SysNative\drivers\avchv.sys (BitDefender)
DRV:
64bit: - (avc3) -- C:\Windows\SysNative\drivers\avc3.sys (BitDefender)
DRV:
64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:
64bit: - (bdsandbox) -- C:\Windows\SysNative\drivers\bdsandbox.sys (Windows (R) Win 7 DDK provider)
DRV:
64bit: - (bdfsfltr) -- C:\Windows\SysNative\drivers\bdfsfltr.sys (BitDefender)
DRV:
64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:
64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:
64bit: - (BdfNdisf) -- c:\Program Files\Common Files\Defender Pro\Defender Pro Firewall\bdfndisf6.sys (BitDefender LLC)
DRV:
64bit: - (bdfwfpf) -- C:\Program Files\Common Files\Defender Pro\Defender Pro Firewall\bdfwfpf.sys (BitDefender LLC)
DRV:
64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:
64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:
64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:
64bit: - (BDVEDISK) -- C:\Windows\SysNative\drivers\bdvedisk.sys (BitDefender)
DRV:
64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:
64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:
64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:
64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:
64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:
64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:
64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:
64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:
64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:
64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://emachines.msn.comIE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://emachines.msn.comIE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=AEMTDF&pc=MAEM&src=IE-SearchBox
IE:
64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://emachines.msn.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://emachines.msn.comIE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=AEMTDF&pc=MAEM&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://emachines.msn.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore =
http://www.aol.com/?mtmhp=1IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ieIE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {FFDAB188-0702-4507-BA61-BA3B15456577}
IE - HKCU\..\SearchScopes\{0B85D0B2-60F4-94A0-3164-F228253EF30E}: "URL" =
http://amns.startnow.com/s/?q={searchTerms}&src=defsearch&provider=bing&provider_name=bing&provider_code=Z074&partner_id=673&product_id=735&affiliate_id=&channel=AdWords&toolbar_id=206&toolbar_version=2.1.1&install_country=US&install_date=20110720&user_guid=E9A5E2B126674D79A43003A6F56D02F1&machine_id=a64045ef19cd760d7c1d12c03d395733&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" =
http://safesearchr.lavasoft.com/?source ... 5FC7A86&q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" =
http://search.ibryte.com/i/browseforcha ... 84b&query={searchTerms}
IE - HKCU\..\SearchScopes\{BA40C86A-6CCF-4397-A03A-957D451EB524}: "URL" =
http://search.yahoo.com/search?p={searchTerms}&fr=chr-tyc8
IE - HKCU\..\SearchScopes\{FFDAB188-0702-4507-BA61-BA3B15456577}: "URL" =
http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7GGLS_enUS497
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ========== FF - prefs.js..extensions.enabledItems:
MapShare-status@tomtom.com:1.7.1
FF - prefs.js..extensions.enabledItems:
baseTheme@tomtom.com:1.0.2
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Windows\Downloaded Program Files\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Mike Kinlaw\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\DEFENDER PRO\DEFENDER PRO\BDTBEXT\ [2012/08/18 21:07:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Defender Pro\Defender Pro\bdtbext\ [2012/08/18 21:07:54 | 000,000,000 | ---D | M]
[2011/04/02 14:41:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike Kinlaw\AppData\Roaming\Mozilla\Extensions
[2011/04/02 14:41:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike Kinlaw\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011/04/02 14:40:56 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES (X86)\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM
========== Chrome ========== CHR - homepage:
http://safesearchr.lavasoft.com/?source ... 5005FC7A86CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
http://safesearchr.lavasoft.com/?source ... 5005FC7A86CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Mike Kinlaw\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: SOE Web Installer (Enabled) = C:\Windows\Downloaded Program Files\npsoe.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Mike Kinlaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Mike Kinlaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Software Assist = C:\Users\Mike Kinlaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\jenkhamomijcoocoblchfbobohfabaff\1.19.33_0\crossrider
CHR - Extension: Software Assist = C:\Users\Mike Kinlaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\jenkhamomijcoocoblchfbobohfabaff\1.19.33_0\
CHR - Extension: Gmail = C:\Users\Mike Kinlaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:
64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Software Assist) - {11111111-1111-1111-1111-110011301126} - C:\Program Files (x86)\Software Assist\Software Assist.dll (Software Assist)
O2 - BHO: (Facetheme) - {4ca528f7-7928-48a0-9456-1dced287412e} - C:\Program Files (x86)\Object\bho_project.dll (InternetEngine)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (PDFLite Toolbar Helper) - {7413F9FC-8E54-4c93-BEB7-1225EB0970CA} - C:\Program Files (x86)\PDFLite Toolbar\Toolbar32.dll (PDFLite)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:
64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:
64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (PDFLite Toolbar) - {7C8ACEEB-B1D8-43cc-A387-DA838515368D} - C:\Program Files (x86)\PDFLite Toolbar\Toolbar32.dll (PDFLite)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:
64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:
64bit: - HKLM..\Run: [BDAgent] C:\Program Files\Defender Pro\Defender Pro\bdagent.exe (Defender Pro)
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:
64bit: - Extra context menu item: Add to Google Photos Screensa&ver -
res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {000F1EA4-5E08-4564-A29B-29076F63A37A}
http://launch.soe.com/plugin/web/SOEWebInstaller.cab (SOE Web Installer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.207.234.14 66.207.224.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{068BA458-B45C-47FE-A520-7FA3691B0CDC}: DhcpNameServer = 66.207.234.14 66.207.224.1
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2012/08/20 18:37:09 | 000,000,000 | ---D | C] -- C:\Users\Mike Kinlaw\Desktop\New folder
[2012/08/20 18:25:38 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Mike Kinlaw\Desktop\OTL.exe
[2012/08/19 17:01:17 | 000,000,000 | ---D | C] -- C:\Users\Mike Kinlaw\AppData\Roaming\SpeedyPC Software
[2012/08/19 17:01:17 | 000,000,000 | ---D | C] -- C:\Users\Mike Kinlaw\AppData\Roaming\DriverCure
[2012/08/19 17:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2012/08/19 12:52:00 | 000,000,000 | ---D | C] -- C:\Users\Mike Kinlaw\AppData\Roaming\SUPERAntiSpyware.com
[2012/08/19 12:51:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/08/19 12:51:47 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/08/19 12:51:47 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/08/19 00:01:47 | 000,000,000 | ---D | C] -- C:\BitDefender
[2012/08/18 21:10:38 | 000,000,000 | ---D | C] -- C:\Users\Mike Kinlaw\AppData\Roaming\BitDefender
[2012/08/18 21:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defender Pro
[2012/08/18 21:05:20 | 000,000,000 | ---D | C] -- C:\Users\Mike Kinlaw\AppData\Roaming\QuickScan
[2012/08/18 21:04:31 | 000,431,176 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdfsfltr.sys
[2012/08/18 21:04:31 | 000,288,600 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2012/08/18 20:02:58 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012/08/18 20:01:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/08/18 17:33:47 | 000,000,000 | ---D | C] -- C:\ProgramData\XoftSpySE
[2012/08/18 17:25:16 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/08/18 14:52:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/08/18 14:41:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2012/08/08 19:12:22 | 000,000,000 | R--D | C] -- C:\Users\Mike Kinlaw\Documents\HP Photo Creations
[2012/08/08 18:11:12 | 000,000,000 | ---D | C] -- C:\Users\Mike Kinlaw\.gimp-2.7
[2012/08/08 18:11:11 | 000,000,000 | ---D | C] -- C:\Users\Mike Kinlaw\AppData\Local\gegl-0.1
[2012/08/08 18:05:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
[2012/08/08 18:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012/08/08 18:05:37 | 000,000,000 | ---D | C] -- C:\Users\Mike Kinlaw\AppData\Local\Software Assist
[2012/08/08 18:05:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Software Assist
[2012/08/08 17:00:43 | 000,000,000 | ---D | C] -- C:\Users\Mike Kinlaw\AppData\Local\fontconfig
[2012/08/08 17:00:42 | 000,000,000 | ---D | C] -- C:\Users\Mike Kinlaw\.gimp-2.8
[2012/08/08 17:00:41 | 000,000,000 | ---D | C] -- C:\Users\Mike Kinlaw\AppData\Local\gegl-0.2
[2012/08/01 13:08:49 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/08/01 11:37:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/08/01 11:37:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/08/01 11:37:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012/08/20 18:42:39 | 000,000,305 | ---- | M] () -- C:\Windows\SysNative\checkdnsid.xml
[2012/08/20 18:25:42 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Mike Kinlaw\Desktop\OTL.exe
[2012/08/20 18:17:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/20 18:17:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2012/08/20 13:43:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/20 07:31:40 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/19 14:30:09 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/19 14:30:09 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/19 14:27:13 | 000,780,156 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/19 14:27:13 | 000,660,732 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/19 14:27:13 | 000,121,402 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/19 14:22:39 | 1408,786,432 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/19 13:58:49 | 000,003,120 | ---- | M] () -- C:\Windows\FDK47J7J.ocx
[2012/08/19 12:51:51 | 000,001,817 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/08/19 08:08:55 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\FEHXUQ9Q.ocx
[2012/08/18 22:42:40 | 000,000,275 | -H-- | M] () -- C:\bdr-conf
[2012/08/18 21:21:21 | 000,152,016 | ---- | M] () -- C:\ProgramData\1345338259.bdinstall.bin
[2012/08/18 21:08:15 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/08/18 21:07:57 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\Defender Pro 15-in-1.lnk
[2012/08/16 03:22:13 | 000,341,296 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/08 18:02:25 | 000,001,546 | ---- | M] () -- C:\Users\Mike Kinlaw\AppData\Local\recently-used.xbel
[2012/08/01 11:37:24 | 000,001,287 | ---- | M] () -- C:\Users\Mike Kinlaw\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/08/01 11:37:24 | 000,001,263 | ---- | M] () -- C:\Users\Mike Kinlaw\Desktop\Spybot - Search & Destroy.lnk
[2012/07/22 19:52:49 | 218,746,932 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/08/19 13:58:49 | 000,003,120 | ---- | C] () -- C:\Windows\FDK47J7J.ocx
[2012/08/19 12:51:51 | 000,001,817 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/08/19 08:08:55 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\FEHXUQ9Q.ocx
[2012/08/18 21:23:55 | 000,000,305 | ---- | C] () -- C:\Windows\SysNative\checkdnsid.xml
[2012/08/18 21:21:21 | 000,152,016 | ---- | C] () -- C:\ProgramData\1345338259.bdinstall.bin
[2012/08/18 21:08:57 | 029,123,542 | -H-- | C] () -- C:\bdrescue.gz
[2012/08/18 21:08:57 | 002,510,608 | -H-- | C] () -- C:\bdrescue.vm
[2012/08/18 21:08:57 | 000,217,769 | -H-- | C] () -- C:\bdrescue
[2012/08/18 21:08:57 | 000,009,216 | -H-- | C] () -- C:\bdrescue.mbr
[2012/08/18 21:08:57 | 000,000,275 | -H-- | C] () -- C:\bdr-conf
[2012/08/18 21:08:15 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/08/18 21:07:57 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\Defender Pro 15-in-1.lnk
[2012/08/08 18:02:25 | 000,001,546 | ---- | C] () -- C:\Users\Mike Kinlaw\AppData\Local\recently-used.xbel
[2012/08/01 11:37:24 | 000,001,287 | ---- | C] () -- C:\Users\Mike Kinlaw\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/08/01 11:37:24 | 000,001,263 | ---- | C] () -- C:\Users\Mike Kinlaw\Desktop\Spybot - Search & Destroy.lnk
[2012/07/06 13:23:59 | 000,149,580 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/04/02 17:35:17 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2011/03/29 20:05:26 | 000,773,880 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/21 19:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2010/12/15 23:13:22 | 000,307,316 | ---- | C] () -- C:\Windows\SysWow64\AVI_LIB.dll
[2010/12/15 23:13:22 | 000,233,554 | ---- | C] () -- C:\Windows\SysWow64\JPG_TO_BMP_LIB.dll
========== LOP Check ========== [2012/07/17 20:04:14 | 000,000,000 | ---D | M] -- C:\Users\Mike Kinlaw\AppData\Roaming\Ad-Aware Antivirus
[2012/08/18 21:10:38 | 000,000,000 | ---D | M] -- C:\Users\Mike Kinlaw\AppData\Roaming\BitDefender
[2011/04/02 17:02:06 | 000,000,000 | ---D | M] -- C:\Users\Mike Kinlaw\AppData\Roaming\Defender Pro
[2012/08/19 17:01:17 | 000,000,000 | ---D | M] -- C:\Users\Mike Kinlaw\AppData\Roaming\DriverCure
[2012/06/17 20:00:48 | 000,000,000 | ---D | M] -- C:\Users\Mike Kinlaw\AppData\Roaming\Kuma Games
[2011/02/26 21:44:36 | 000,000,000 | ---D | M] -- C:\Users\Mike Kinlaw\AppData\Roaming\OEM
[2011/07/20 16:06:24 | 000,000,000 | ---D | M] -- C:\Users\Mike Kinlaw\AppData\Roaming\PDFlite
[2012/08/18 21:05:20 | 000,000,000 | ---D | M] -- C:\Users\Mike Kinlaw\AppData\Roaming\QuickScan
[2012/04/12 03:22:22 | 000,000,000 | ---D | M] -- C:\Users\Mike Kinlaw\AppData\Roaming\SoftGrid Client
[2012/08/19 17:01:17 | 000,000,000 | ---D | M] -- C:\Users\Mike Kinlaw\AppData\Roaming\SpeedyPC Software
[2011/04/02 14:41:13 | 000,000,000 | ---D | M] -- C:\Users\Mike Kinlaw\AppData\Roaming\TomTom
[2011/07/18 22:10:57 | 000,000,000 | ---D | M] -- C:\Users\Mike Kinlaw\AppData\Roaming\TP
[2011/06/07 16:52:43 | 000,000,000 | ---D | M] -- C:\Users\Mike Kinlaw\AppData\Roaming\Unity
[2011/02/26 22:24:57 | 000,000,000 | ---D | M] -- C:\Users\Mike Kinlaw\AppData\Roaming\Visan
[2011/02/26 22:54:37 | 000,000,000 | ---D | M] -- C:\Users\Mike Kinlaw\AppData\Roaming\WildTangent
[2011/03/02 19:42:01 | 000,000,000 | ---D | M] -- C:\Users\Mike Kinlaw\AppData\Roaming\Windows Live Writer
[2012/08/18 17:26:52 | 000,032,606 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 16 bytes -> C:\Users\Mike Kinlaw\Desktop\OTL.exe:BDU
and the extras.doc
OTL Extras logfile created on: 8/18/2012 5:12:20 PM - Run 1
OTL by OldTimer - Version 3.2.58.0 Folder = C:\Users\Mike Kinlaw\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.75 Gb Total Physical Memory | 0.72 Gb Available Physical Memory | 40.97% Memory free
3.50 Gb Paging File | 2.26 Gb Available in Paging File | 64.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.66 Gb Total Space | 398.84 Gb Free Space | 88.30% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Computer Name: MIKEKINLAW-PC | User Name: Mike Kinlaw | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09A9F6AA-5989-4B86-AFF9-2BF34233D4D5}" = lport=137 | protocol=17 | dir=in | app=system |
"{107C131C-A621-4442-9840-3346BC726CA8}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1A9F0BA5-768B-43C9-8B21-BDD2D2E491F0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1B30D7BE-B959-4EEE-B739-0D54704397C2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2821267C-2124-418D-8AB7-0406D74F25BB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2F2FFC5F-ACBD-499B-847F-9B8D760093DA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{308C0C42-7F79-4AD0-8781-550E044E5C51}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{338CB608-4D86-4EF8-9C2F-0512EC116EDE}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{3922C017-EB66-4718-AC53-1685784B61A7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3F945474-06C4-4352-81F6-FC346B6D1C15}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4FED4576-749D-4FCC-BBF6-2525EA616E8B}" = lport=445 | protocol=6 | dir=in | app=system |
"{525C2B63-B1F4-4EF7-9EED-A0EDACAA44BF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{610AEBF5-D6B3-4559-AC41-2EC2962841CF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{634CDE4F-ACC4-41A5-A397-27CE3D133F7D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6A8D3A8A-723B-43F5-9576-69E25C1D9C9B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{79429BB7-3B6A-411A-AE06-1A04CB01D62B}" = lport=138 | protocol=17 | dir=in | app=system |
"{7C9C77B7-61EC-458C-845C-CB2B5C974536}" = rport=445 | protocol=6 | dir=out | app=system |
"{86C66A8E-185E-4041-AFE5-79D0DB75E65F}" = rport=137 | protocol=17 | dir=out | app=system |
"{C239CF0C-10A5-4FFD-BD2F-683501CF1D5F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C5BD3CF7-8254-4F22-B5DE-794313546B77}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CDC8DB2B-C7DD-4A08-A321-BEA856595FE5}" = rport=138 | protocol=17 | dir=out | app=system |
"{CDED9471-478B-49EE-A521-BE846CD57A90}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D112653E-AC7F-4955-8DFF-3A2044936DEE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D6C963C8-BD9E-4566-A5F6-EF0BE30F334B}" = lport=139 | protocol=6 | dir=in | app=system |
"{E034E640-BF5A-4C69-86AD-7DAC3FF30863}" = rport=139 | protocol=6 | dir=out | app=system |
"{FA6FB6F0-3BDB-4F5E-9797-61C296A655BD}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{29199BA0-9F6D-42F4-B1EC-39D1AA71EB62}" = protocol=17 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\devicesetup.exe |
"{3CD17587-37EE-44D7-AA10-28B43CC6429E}" = protocol=6 | dir=in | app=c:\program files\defender pro\defender pro\antispam32\dpreg.exe |
"{3D87B618-E9CE-4473-87F7-2887AE856615}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3DDB15EF-C30C-441F-A826-331E4B694318}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3F814F09-4006-4F7E-B590-9C238431A420}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{40BF3732-5923-4619-A1C9-2B28D7406B67}" = protocol=6 | dir=in | app=c:\program files\defender pro\defender pro\antispam32\dpreg.exe |
"{42953702-16E7-4404-993B-64A44E085538}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{47DD5E6F-EA2E-4A99-8D9F-FC43511AD4AC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4BC8D3CC-72C0-4BA7-BD5B-5F77FE25852E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E34C99E-27DA-49AD-BD07-B9BC65D19FD3}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{5E2475F6-E31D-4D1D-B5F2-FEA7FE36A77D}" = protocol=17 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe |
"{5EFC7C70-92A3-47C6-BF05-4F2B25B5DCA2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6287BF51-6B70-409D-ADB3-69B262F16E13}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6B07965F-DCB7-43F7-8EED-D9CDAE788016}" = dir=in | app=c:\program files (x86)\leapfrog\leapfrog connect\leapfrogconnect.exe |
"{6E20AFCB-8DBB-4117-800C-F573C8A97F08}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6E220999-9FB0-4855-9B69-1E054FD24D44}" = protocol=6 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe |
"{776C001E-BB93-4F8D-A1BA-3E8A6361BC68}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{806786BB-254F-4C16-9DAA-7F36AC056B97}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{81A50485-8BBA-4F40-BEA1-BF80E4FD746D}" = protocol=6 | dir=out | app=system |
"{8643E6E6-818A-4CB5-BC25-64B5306814E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{875F7E5A-74B0-4D99-AEB2-B03D01BA5F7E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{91B25DC0-EB0D-4551-95A3-47AD55388D84}" = protocol=6 | dir=in | app=c:\program files (x86)\animal planet games\kuma.exe |
"{96A899DD-6354-4EFC-ABB9-6041F7737F9D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9A3F7E86-B776-4E78-9921-D32C4478F2CB}" = protocol=6 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\devicesetup.exe |
"{9ABED004-CB9B-4B36-886A-FE37CF96F97A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9ACE0ABE-2065-426F-9B86-0E003B3202E9}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{9BC35E3E-6685-4EDF-969D-94C02D4E9AB3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{9CB0365E-5838-480A-AD3A-B94E0F2E7F6B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{A57AB9AE-2E02-4BC8-93DD-8A988B2761C2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AD29E111-A222-47CD-856B-8129D4F46A47}" = protocol=17 | dir=in | app=c:\program files\defender pro\defender pro\antispam32\dpreg.exe |
"{B3334D31-CA16-436B-8855-D734970594AE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B7BD176F-E8E3-42FA-858A-C6B7B457B5F2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BA8D82FD-C304-4A2C-A6B5-1B5B770A2BA5}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{BBD09082-3D65-46D9-A664-0BBC10154E8E}" = protocol=17 | dir=in | app=c:\users\mike kinlaw\appdata\local\akamai\netsession_win.exe |
"{C5572531-2FE9-46D6-9A55-2E0342AD571C}" = protocol=17 | dir=in | app=c:\program files (x86)\animal planet games\kuma.exe |
"{CDAFD356-0AA8-4780-8E3A-7F53C32D051E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D0983115-DDF9-405A-A6B4-3DD64E08EAA3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D247552A-C30E-46AF-A080-5CD9CD60E7DE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D54AC453-FE25-45BA-9727-53E3813CAA98}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DE62A12C-946C-4BE6-A83F-C2ECA6E3B80D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E25D9270-990F-4F21-A6C7-BD0B691752FB}" = protocol=6 | dir=in | app=c:\users\mike kinlaw\appdata\local\akamai\netsession_win.exe |
"{E545510B-0057-4F0C-BF3A-D7A48322153C}" = protocol=17 | dir=in | app=c:\program files\defender pro\defender pro\antispam32\dpreg.exe |
"{F312B2C6-ED7E-43D8-AA0C-89C3D07928E9}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{F1C8F1CF-F7EC-48F6-A2A2-59D365040CB0}C:\users\mike kinlaw\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\mike kinlaw\appdata\local\akamai\netsession_win.exe |
"UDP Query User{C274006C-12BA-4FB4-A578-E795C8DA77BF}C:\users\mike kinlaw\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\mike kinlaw\appdata\local\akamai\netsession_win.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13AC9B67-96DE-4DF6-9FB8-974DD24A7AD6}" = HP Photosmart Plus B210 series Basic Device Software
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{664AE3A4-2B08-401F-9D54-471C1844838B}" = HP Photosmart Plus B210 series Product Improvement Study
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00c2a207-da3e-416e-a2ba-6d34ce191335}" = Nero 9 Essentials
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{15EB20D6-5F13-41D0-BEF9-C9C44D6AC620}" = SDFormatter
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{491ADA37-04EE-2ECE-9F86-DDC0106047AC}" = Times Reader
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{730E03E4-350E-48E5-9D3E-4329903D454D}" = Itibiti RTC
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}" = HP Photosmart Plus B210 series Help
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = eMachines Recovery Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{9013B370-99D4-404B-9DB9-779B51CEB5FF}" = LeapFrog My Pals Plugin
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = eMachines Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F9D59E62-845F-49A2-8B75-DDB00661673C}" = LeapFrog Connect
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1" = Times Reader
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"eMachines Game Console" = eMachines Game Console
"eMachines Registration" = eMachines Registration
"eMachines Screensaver" = eMachines ScreenSaver
"eMachines Welcome Center" = Welcome Center
"facetheme" = Facetheme
"Google Chrome" = Google Chrome
"Hotkey Utility" = Hotkey Utility
"HP Photo Creations" = HP Photo Creations
"Identity Card" = Identity Card
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"MyPalsPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)
"N360" = Norton 360
"NSS" = Norton Security Scan
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PDFlite" = PDFlite (remove only)
"PDFLite Toolbar" = PDFLite Toolbar
"Picasa 3" = Picasa 3
"Plot Stalker 1.0" = Plot Stalker 1.0
"Software Assist" = Software Assist
"TomTom HOME" = TomTom HOME 2.8.1.2218
"UPCShell" = LeapFrog Connect
"WildTangent emachines Master Uninstall" = eMachines Games
"WinLiveSuite" = Windows Live Essentials
"WT088147" = Agatha Christie - Death on the Nile
"WT088155" = Bejeweled 2 Deluxe
"WT088159" = Build-a-lot 2
"WT088166" = Chuzzle Deluxe
"WT088175" = Diner Dash 2 Restaurant Rescue
"WT088194" = Jewel Quest Solitaire 2
"WT088203" = Plants vs. Zombies
"WT088374" = Blackhawk Striker 2
"WT088394" = Dora's Carnival Adventure
"WT088414" = FATE
"WT088446" = John Deere Drive Green
"WT088450" = Penguins!
"WT088454" = Polar Bowler
"WT088458" = Polar Golfer
"WT088506" = Virtual Villagers 4 - The Tree of Life
"WT088521" = Zuma's Revenge
"WT088650" = 18 Wheels of Steel - American Long Haul
"WT088654" = Jewel Quest - Heritage
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"bd7158ff910bf43e" = Buckscore
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 7/25/2012 5:20:19 PM | Computer Name = MikeKinlaw-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 7/25/2012 5:20:19 PM | Computer Name = MikeKinlaw-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9033
Error - 7/25/2012 5:20:19 PM | Computer Name = MikeKinlaw-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9033
Error - 7/25/2012 5:20:20 PM | Computer Name = MikeKinlaw-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 7/25/2012 5:20:20 PM | Computer Name = MikeKinlaw-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10031
Error - 7/25/2012 5:20:20 PM | Computer Name = MikeKinlaw-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10031
Error - 7/25/2012 5:20:21 PM | Computer Name = MikeKinlaw-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 7/25/2012 5:20:21 PM | Computer Name = MikeKinlaw-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11030
Error - 7/25/2012 5:20:21 PM | Computer Name = MikeKinlaw-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11030
Error - 7/25/2012 5:20:22 PM | Computer Name = MikeKinlaw-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 7/25/2012 5:20:22 PM | Computer Name = MikeKinlaw-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12028
Error - 7/25/2012 5:20:22 PM | Computer Name = MikeKinlaw-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12028
Error - 7/26/2012 2:26:47 PM | Computer Name = MikeKinlaw-PC | Source = CVHSVC | ID = 100
Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):
DownloadLatest Failed: There are currently no active network connections. Background
Intelligent Transfer Service (BITS) will try again when an adapter is connected.
[ System Events ]
Error - 3/14/2012 3:00:42 AM | Computer Name = MikeKinlaw-PC | Source = bowser | ID = 8003
Description =
Error - 3/14/2012 3:23:01 AM | Computer Name = MikeKinlaw-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the eventlog service.
Error - 3/14/2012 3:23:31 AM | Computer Name = MikeKinlaw-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Schedule service.
Error - 3/14/2012 3:23:31 AM | Computer Name = MikeKinlaw-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the eventlog service.
Error - 3/16/2012 8:42:20 PM | Computer Name = MikeKinlaw-PC | Source = bowser | ID = 8003
Description =
Error - 3/22/2012 6:02:11 PM | Computer Name = MikeKinlaw-PC | Source = bowser | ID = 8003
Description =
Error - 3/30/2012 9:10:53 AM | Computer Name = MikeKinlaw-PC | Source = bowser | ID = 8003
Description =
Error - 4/7/2012 3:00:41 AM | Computer Name = MikeKinlaw-PC | Source = bowser | ID = 8003
Description =
Error - 4/11/2012 10:18:37 AM | Computer Name = MikeKinlaw-PC | Source = bowser | ID = 8003
Description =
Error - 4/20/2012 10:25:58 AM | Computer Name = MikeKinlaw-PC | Source = bowser | ID = 8003
Description =
< End of report >
< End of report >