Here are the results of the scans:
TDSKiller did not find any rootkit items.
*---------------OTL.Txt --------------------------------------*
OTL logfile created on: 11/7/2013 6:14:26 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kathy\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.93 Gb Total Physical Memory | 0.82 Gb Available Physical Memory | 42.57% Memory free
4.10 Gb Paging File | 2.58 Gb Available in Paging File | 62.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.88 Gb Total Space | 132.94 Gb Free Space | 60.18% Space Free | Partition Type: NTFS
Computer Name: KATHYS-PC | User Name: Kathy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/11/07 18:13:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kathy\Desktop\OTL.exe
PRC - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/09/12 17:39:59 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2013/09/06 19:53:20 | 001,423,008 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
PRC - [2013/08/14 14:19:24 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/08/12 09:12:38 | 000,295,376 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/08/12 09:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/06/24 20:12:32 | 000,044,784 | ---- | M] (MindSpark) -- C:\Program Files\FromDocToPDF_65\bar\1.bin\65SrchMn.exe
PRC - [2013/06/24 20:12:18 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\FromDocToPDF_65\bar\1.bin\65barsvc.exe
PRC - [2013/06/24 20:12:18 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\FromDocToPDF_65\bar\1.bin\65brmon.exe
PRC - [2013/05/24 18:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\Kathy\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/01/27 09:04:34 | 000,166,880 | ---- | M] (Soluto) -- C:\Program Files\Soluto\SolutoLauncherService.exe
PRC - [2013/01/27 09:04:32 | 000,553,440 | ---- | M] (Soluto) -- C:\Program Files\Soluto\SolutoService.exe
PRC - [2013/01/27 09:04:30 | 001,229,280 | ---- | M] (Soluto) -- c:\Program Files\Soluto\Soluto.exe
PRC - [2010/03/24 20:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2010/03/02 19:52:00 | 000,140,640 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2009/11/08 22:18:00 | 000,065,216 | ---- | M] (WordWeb Software) -- C:\Program Files\WordWeb\wweb32.exe
PRC - [2009/07/31 10:49:54 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009/06/18 19:00:24 | 000,723,488 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
PRC - [2009/06/18 19:00:24 | 000,703,008 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
PRC - [2009/06/18 19:00:22 | 000,453,152 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
PRC - [2009/04/29 16:09:14 | 000,237,568 | ---- | M] (AlcorMicro Co., Ltd.) -- C:\Program Files\Selective Suspend Driver\AmIcoSinglun.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/16 17:14:00 | 000,565,248 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2009/02/11 18:38:40 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/02/11 18:38:38 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/02/05 09:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2008/09/15 03:57:04 | 000,262,360 | ---- | M] (Data Perceptions / PowerProgrammer) -- C:\Windows\System32\WebUpdateSvc4.exe
PRC - [2004/06/09 13:27:34 | 000,471,040 | ---- | M] (PalmSource, Inc) -- C:\Program Files\palmOne\Hotsync.exe
========== Modules (No Company Name) ========== MOD - [2013/10/13 03:22:41 | 000,039,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGRSPProbe\4de87dcff56b1cc480bc9489122b35e0\PCGRSPProbe.ni.dll
MOD - [2013/10/13 03:22:39 | 000,055,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGUsersCenter\f5bad3277e4eb7b75277bb33f6d8e325\PCGUsersCenter.ni.dll
MOD - [2013/10/13 03:22:37 | 000,156,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAppControlPlugin#\4e76c0ef0b27898e1287e1992c35cf6b\PCGAppControlPluginLoader.ni.dll
MOD - [2013/10/13 03:22:34 | 003,510,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGClientCommon\1a0c08e04a85290bfc9711006f51bbf1\PCGClientCommon.ni.dll
MOD - [2013/10/13 03:22:22 | 000,157,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGBootVisualizingC#\5fe86020912d2e6925231ba54be932f3\PCGBootVisualizingCommon.ni.dll
MOD - [2013/10/13 03:22:19 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDriverProbe\730d462a7e3a215f3ed446a536604690\PCGDriverProbe.ni.dll
MOD - [2013/10/13 03:21:09 | 000,068,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGConfiguration\f3880f6048502089cfad0cb7bb86e67c\PCGConfiguration.ni.dll
MOD - [2013/10/13 03:21:06 | 002,617,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDatabase\92e575065f18cf53803222d76c14fa4a\PCGDatabase.ni.dll
MOD - [2013/10/13 03:20:57 | 001,550,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureShared\1f8ab68728e907a1baad5cda57dda0a9\PCGAzureShared.ni.dll
MOD - [2013/10/13 03:20:52 | 001,197,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGCommunication\3f02b42d4f0ea21dd631f3433d6b9b91\PCGCommunication.ni.dll
MOD - [2013/10/13 03:18:46 | 000,188,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPrestoSerializer\2e1807f7639b94cb03fc048c33c7d8ba\PCGPrestoSerializer.ni.dll
MOD - [2013/10/13 03:18:42 | 002,128,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json.Net#\c7d17aafbcdcc3aa47f35d53f325bda8\Newtonsoft.Json.Net35.ni.dll
MOD - [2013/10/13 03:18:19 | 002,731,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGFramework\d1c2b9f1041e0151787073a4b1888746\PCGFramework.ni.dll
MOD - [2013/10/13 03:17:49 | 001,620,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Soluto\ddd7b435f33a355a1d6d5977fe3ab7b3\Soluto.ni.exe
MOD - [2013/10/13 03:13:11 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll
MOD - [2013/10/13 03:08:16 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll
MOD - [2013/10/13 03:07:54 | 002,518,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\3815d0ee28da0b5a6e6c1f083ef437f6\System.Data.Linq.ni.dll
MOD - [2013/10/13 03:07:47 | 002,295,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\ab40b51ac49fbee9a48b5b74ff78d5d6\System.Core.ni.dll
MOD - [2013/08/16 19:14:17 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5974034f0f53755b11bde4c9698261cb\System.ServiceProcess.ni.dll
MOD - [2013/08/16 19:13:48 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll
MOD - [2013/08/16 16:54:30 | 002,327,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Community.CsharpSql#\6c07f76ab73ce7b4dc02ccfec040ddc3\Community.CsharpSqlite.ni.dll
MOD - [2013/08/16 16:40:00 | 000,656,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPostBootResources\05f479f87e6ac55f0fd3cd6ae1c10739\PCGPostBootResources.ni.dll
MOD - [2013/08/16 16:39:59 | 000,051,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGHIDProbe\c3d6831db800db604e16702ac6a0d091\PCGHIDProbe.ni.dll
MOD - [2013/08/16 16:32:52 | 000,048,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureEntityFrame#\6260744bbbdeb48359e51f5d24f8cf3d\PCGAzureEntityFramework.ni.dll
MOD - [2013/08/16 16:32:42 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPreCompiled\074b1bcfde67d61ff1989f4818b0f419\PCGPreCompiled.ni.dll
MOD - [2013/08/16 15:17:43 | 000,596,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Ionic.Zip.Reduced\36bdd5973166173b1547256acbedb674\Ionic.Zip.Reduced.ni.dll
MOD - [2013/08/16 11:48:46 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll
MOD - [2013/08/16 11:46:37 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll
MOD - [2013/08/16 11:39:26 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
MOD - [2013/07/23 18:40:08 | 000,202,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGWuInfo\fe73c0ce3b7f9f61db4b2f8453521a2d\PCGWuInfo.ni.dll
MOD - [2013/07/23 18:40:07 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\449c932b29b1df04449197f0693226a0\Interop.IWshRuntimeLibrary.ni.dll
MOD - [2013/07/21 16:58:41 | 002,052,096 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013/07/21 16:58:40 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2013/07/11 12:12:33 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2013/03/13 14:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Kathy\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/01/27 09:00:18 | 000,077,880 | ---- | M] () -- c:\Program Files\Soluto\PCGDllExportInspector.dll
MOD - [2012/11/13 17:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Kathy\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012/10/05 04:59:03 | 003,194,880 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/02/18 09:04:04 | 000,196,448 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\IEAWSDC.DLL
MOD - [2010/03/25 06:57:51 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
MOD - [2009/08/19 19:59:06 | 000,022,736 | ---- | M] () -- C:\Program Files\WordWeb\WUCNT.dll
MOD - [2009/07/31 10:49:54 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
========== Services (SafeList) ========== SRV - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/10/08 13:07:50 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/14 14:19:24 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/08/12 09:12:38 | 000,295,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/08/12 09:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/06/24 20:12:18 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\FromDocToPDF_65\bar\1.bin\65barsvc.exe -- (FromDocToPDF_65Service)
SRV - [2013/01/27 09:04:34 | 000,166,880 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoLauncherService.exe -- (SolutoLauncherService)
SRV - [2013/01/27 09:04:32 | 000,553,440 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV - [2013/01/27 09:00:18 | 001,239,552 | ---- | M] (Soluto) [On_Demand | Stopped] -- C:\Program Files\Soluto\SolutoRemoteService.exe -- (SolutoRemoteService)
SRV - [2012/07/13 18:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice_tmp.exe -- (MozillaMaintenance)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2009/06/18 19:00:24 | 000,723,488 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009/02/11 18:38:40 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2009/02/05 09:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008/09/15 03:57:04 | 000,262,360 | ---- | M] (Data Perceptions / PowerProgrammer) [Auto | Running] -- C:\Windows\System32\WebUpdateSvc4.exe -- (WebUpdate4)
SRV - [2008/01/20 20:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LV302V32.SYS -- (PID_PEPI)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lv302af.sys -- (pepifilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\npbgsgld.sys -- (npbgsgld)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Kathy\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\Lxarscan.sys -- (LXARScan)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lvrs.sys -- (LVRS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Running] -- C:\Windows\TEMP\cpuz136\cpuz136_x32.sys -- (cpuz136)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - [2013/11/07 18:11:01 | 000,040,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A4AC8977-8438-4010-B824-9307E3751523}\MpKsl35a872e1.sys -- (MpKsl35a872e1)
DRV - [2013/06/18 20:50:08 | 000,107,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2013/01/27 08:59:58 | 000,051,144 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Soluto.sys -- (Soluto)
DRV - [2010/03/28 18:24:37 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2009/04/27 02:16:04 | 000,050,176 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C60x86.sys -- (L1C)
DRV - [2009/04/07 21:14:40 | 000,014,848 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SSUSB.sys -- (SSUSB)
DRV - [2009/03/30 15:35:12 | 000,010,752 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SSDISK.sys -- (SSDISK)
DRV - [2009/03/03 20:49:22 | 004,232,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008/12/04 12:25:38 | 000,112,640 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008/09/30 21:50:50 | 000,010,504 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\GridVista\DPMemGridVista.sys -- (DPMemGridVista)
DRV - [2003/10/01 08:29:50 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\OEM\factory\int15.sys -- (int15.sys)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://homepage.acer.com/rdr.aspx?b=ACA ... 5w47j1r735IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://homepage.acer.com/rdr.aspx?b=ACA ... 5w47j1r735IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" =
http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.msn.com/?ocid=EIE9HP&PC=UP50IE - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^Y6^xdm003^YY^us&ptb=87F9B5A7-1A6A-4179-A4B1-5C9585FE55A5&si=CNrN44-Q_rcCFc1cMgodX1oAuA
IE - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore =
http://mail.google.com/a/dishmail.net/? ... .net#inboxIE - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000\..\URLSearchHook: {4c60e5ab-5c68-4c59-abaa-885010b24b32} - No CLSID value found
IE - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" =
http://search.babylon.com/?q={searchTerms}&affID=114066&tt=2912_7&babsrc=SP_ss&mntrId=285fc8d00000000000000022fb66b6b8
IE - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000\..\SearchScopes\{2487D5C1-0C30-4457-8532-2431C3BCB8EE}: "URL" =
http://isearch.avg.com/search?cid={DECFAAD5-80B9-48B6-B814-2D9C0F3A1129}&mid=812065f8a3e237250d9030fa7aa40137-b60c989b9a805664a229481db4ea5b647d6c2de4&lang=en&ds=AVG&pr=fr&d=2011-10-15 14:24:37&v=9.0.0.18&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" =
http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_en
IE - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rlz=1I7ACAW_en&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" =
http://www.bing.com/search?FORM=UP50DF&PC=UP50&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" =
http://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=82079&iwk=273&lng=en
IE - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..extensions.enabledAddons: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.4.8.20120412011105
FF - prefs.js..extensions.enabledAddons:
amznUWL2@amazon.com:1.10
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.11.0.13348
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@FromDocToPDF_65.com/Plugin: C:\Program Files\FromDocToPDF_65\bar\1.bin\NP65Stub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kathy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\65ffxtbr@FromDocToPDF_65.com: C:\Program Files\FromDocToPDF_65\bar\1.bin [2013/11/05 05:21:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/09/12 17:42:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/09/12 17:42:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/17 18:17:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/09/12 17:40:57 | 000,000,000 | ---D | M]
[2010/03/24 18:34:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kathy\AppData\Roaming\Mozilla\Extensions
[2013/06/24 20:13:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kathy\AppData\Roaming\Mozilla\Firefox\Profiles\ojyrvpn2.default\extensions
[2010/06/07 17:36:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Kathy\AppData\Roaming\Mozilla\Firefox\Profiles\ojyrvpn2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/05/19 18:38:27 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Kathy\AppData\Roaming\Mozilla\Firefox\Profiles\ojyrvpn2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/06/24 20:13:09 | 000,000,000 | ---D | M] (FromDocToPDF) -- C:\Users\Kathy\AppData\Roaming\Mozilla\Firefox\Profiles\ojyrvpn2.default\extensions\65ffxtbr@FromDocToPDF_65.com
[2011/02/03 20:24:36 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\Kathy\AppData\Roaming\Mozilla\Firefox\Profiles\ojyrvpn2.default\extensions\searchtoolbar@zugo.com
[2012/10/06 21:11:02 | 000,243,287 | ---- | M] () (No name found) -- C:\Users\Kathy\AppData\Roaming\Mozilla\Firefox\Profiles\ojyrvpn2.default\extensions\amznUWL2@amazon.com.xpi
[2011/02/03 20:24:38 | 000,001,919 | ---- | M] () -- C:\Users\Kathy\AppData\Roaming\Mozilla\Firefox\Profiles\ojyrvpn2.default\searchplugins\bing-zugo.xml
[2012/07/17 18:17:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/10/20 14:09:47 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/04/24 11:44:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/10/20 14:09:46 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/07/13 18:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/03/18 12:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/11/10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 12:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2013/09/12 17:40:31 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012/07/09 16:16:47 | 000,003,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/07/18 09:23:08 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/07/13 18:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/07/13 18:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2006/09/18 15:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Toolbar BHO) - {a235e1e3-6296-4710-af39-104a7faa6c7c} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Search Assistant BHO) - {f236ca79-3123-4afb-9f74-e98117ad5625} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65SrcAs.dll (MindSpark)
O3 - HKLM\..\Toolbar: (FromDocToPDF) - {c66a678d-5e6c-4af9-8f57-c6192f42cf74} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [AmIcoSinglun] C:\Program Files\Selective Suspend Driver\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [FromDocToPDF Search Scope Monitor] C:\Program Files\FromDocToPDF_65\bar\1.bin\65SrchMn.exe (MindSpark)
O4 - HKLM..\Run: [FromDocToPDF_65 Browser Plugin Loader] C:\Program Files\FromDocToPDF_65\bar\1.bin\65brmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1403424136-2531779536-1460617787-1000..\Run: [Google Update] Reg Error: Value error. File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... -
res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A48B34A-7608-4D4D-AFC9-BC7194A9B2B1}: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5DF368C-F419-4932-BD75-7A02B9585635}: DhcpNameServer = 192.168.10.1
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\program files\soluto\soluto.exe /userinit) - c:\program files\soluto\soluto.exe (Soluto)
O24 - Desktop WallPaper: C:\Users\Kathy\Pictures\Lighthouse.jpg
O24 - Desktop BackupWallPaper: C:\Users\Kathy\Pictures\Lighthouse.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7e71ba7c-376f-11df-9e5f-00269e0b901e}\Shell - "" = AutoRun
O33 - MountPoints2\{7e71ba7c-376f-11df-9e5f-00269e0b901e}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{de46b73d-1093-11e0-ab74-00269e0b901e}\Shell\AutoRun\command - "" = E:\Windows\bin\eblSetup.exe
O33 - MountPoints2\{ef6316fd-2fea-11e0-abad-00269e0b901e}\Shell - "" = AutoRun
O33 - MountPoints2\{ef6316fd-2fea-11e0-abad-00269e0b901e}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ========== [2013/11/07 18:13:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kathy\Desktop\OTL.exe
[2013/11/07 18:10:00 | 004,121,952 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Kathy\Desktop\tdsskiller.exe
[2013/11/05 12:26:05 | 000,000,000 | ---D | C] -- C:\Users\Kathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2013/10/13 02:14:01 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/10/13 02:13:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/10/13 02:13:58 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/10/13 02:13:58 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/10/13 02:13:57 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/10/13 02:13:55 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/10/13 02:13:54 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/10/13 02:13:51 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/10/10 12:21:15 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/10/10 12:21:15 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/10/10 12:21:15 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/10/10 12:21:14 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/10/10 12:21:14 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/10/10 12:21:14 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/10/10 12:21:14 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/10/10 12:21:14 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/10/10 12:21:10 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013/10/10 12:21:07 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2013/10/10 12:21:05 | 002,050,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/10/10 12:20:57 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013/10/10 12:20:57 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013/10/10 12:17:53 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013/10/10 12:17:52 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013/10/10 12:17:47 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2011/06/10 11:44:36 | 003,080,864 | ---- | C] (Adobe Systems, Inc.) -- C:\Program Files\install_flash_player.exe
[1964/01/03 08:35:38 | 000,053,248 | ---- | C] (Silitek Corp.) -- C:\Program Files\ACMonitor_X73.exe
[4 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2013/11/07 18:13:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kathy\Desktop\OTL.exe
[2013/11/07 18:10:04 | 004,121,952 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Kathy\Desktop\tdsskiller.exe
[2013/11/07 18:09:26 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/07 18:08:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/06 21:42:09 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/06 21:42:09 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/06 21:22:02 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1403424136-2531779536-1460617787-1000UA.job
[2013/11/06 21:21:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1403424136-2531779536-1460617787-1000Core.job
[2013/11/05 12:27:46 | 000,618,148 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/11/05 12:27:46 | 000,109,218 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/11/05 06:21:50 | 2075,045,888 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/04 21:28:52 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/04 18:39:22 | 264,443,960 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/10/25 13:15:45 | 001,822,775 | ---- | M] () -- C:\Users\Kathy\Desktop\ColoringPages.pdf
[2013/10/25 11:53:07 | 000,002,637 | ---- | M] () -- C:\Users\Kathy\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word 2010.lnk
[2013/10/16 02:03:05 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/10/13 03:03:24 | 000,403,736 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[4 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2013/11/04 21:28:52 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/25 13:15:45 | 001,822,775 | ---- | C] () -- C:\Users\Kathy\Desktop\ColoringPages.pdf
[2012/09/19 13:54:47 | 000,047,633 | ---- | C] () -- C:\Windows\System32\wuwuninst.exe
[2012/07/17 18:27:14 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/07/14 22:03:55 | 000,027,520 | ---- | C] () -- C:\Users\Kathy\AppData\Local\dt.dat
[2011/04/06 14:54:18 | 000,000,680 | ---- | C] () -- C:\Users\Kathy\AppData\Local\d3d9caps.dat
[2011/03/29 21:33:28 | 000,000,000 | ---- | C] () -- C:\Users\Kathy\AppData\Roaming\124tre.ini
[2010/06/14 17:14:02 | 000,000,000 | ---- | C] () -- C:\Users\Kathy\AppData\Local\prvlcl.dat
[2010/03/24 18:44:53 | 000,020,480 | ---- | C] () -- C:\Users\Kathy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/23 20:25:09 | 000,000,210 | ---- | C] () -- C:\Users\Kathy\AppData\Roaming\wklnhst.dat
[2001/07/20 09:48:06 | 000,008,116 | ---- | C] () -- C:\Program Files\OSLO3071b2.USB
[2000/12/05 14:56:34 | 000,114,688 | ---- | C] () -- C:\Program Files\lxarscan.dll
[2000/01/11 11:50:48 | 000,000,047 | ---- | C] () -- C:\Program Files\ACMonitor_X73.ini
[1964/01/18 07:07:18 | 000,000,768 | ---- | C] () -- C:\Program Files\x73_lut.dat
[1964/01/03 08:25:18 | 000,001,437 | ---- | C] () -- C:\Program Files\gtx73.ini
========== ZeroAccess Check ========== [2011/04/02 11:52:34 | 001,150,396 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-1403424136-2531779536-1460617787-1000\$RFTDUQK\L.JPG
[2006/11/02 06:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 11:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 00:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ========== @Alternate Data Stream - 177 bytes -> C:\ProgramData\TEMP:DCAF903C
@Alternate Data Stream - 173 bytes -> C:\ProgramData\TEMP:F94CB4DD
@Alternate Data Stream - 169 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 163 bytes -> C:\ProgramData\TEMP:F7862839
@Alternate Data Stream - 160 bytes -> C:\ProgramData\TEMP:8750DCE4
@Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:798A3728
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:51574724
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:94188BC6
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:BB24555F
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:B203B914
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:3064D21D
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:9E22BBE8
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:131C0EE9
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:ABE89FFE
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:CE0A077E
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:35759C73
< End of report >
*------------------------ OTL Extras -----------------------------*
OTL Extras logfile created on: 11/7/2013 6:14:26 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kathy\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.93 Gb Total Physical Memory | 0.82 Gb Available Physical Memory | 42.57% Memory free
4.10 Gb Paging File | 2.58 Gb Available in Paging File | 62.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.88 Gb Total Space | 132.94 Gb Free Space | 60.18% Space Free | Partition Type: NTFS
Computer Name: KATHYS-PC | User Name: Kathy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1403424136-2531779536-1460617787-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistUMP] -- "C:\Program Files\UMPlayer\umplayer.exe" -add-to-playlist "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithUMP] -- "C:\Program Files\UMPlayer\umplayer.exe" -play-dir "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ========== ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon MG5200 series MP Drivers
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 30
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4D24F198-A2CB-46B5-BB16-41B69C644B6C}" = Microsoft Security Client
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59716973-C123-4B46-B44B-36FCD9CEB8A3}" = Print Artist Silver 22
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{6471B123-F60F-4DC8-8FB4-DE0879A01BB3}" = Alcor Micro Card Rader Driver and Utility
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files\Acer GameZone\GameConsole
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110184263}" = Puzzle Express
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111125700}" = Rainbow Web
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111202970}" = Word Jong To Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11120457}" = Tumble Bees To Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111205743}" = Tri-Peaks Solitaire To Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11219217}" = Cradle of Rome
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A048005D-3B95-4830-BC02-5CA5C4C55257}" = Soluto
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.87.603
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DF592394-16C4-4C44-9A31-C8241A55164A}" = Premier Predictor Pro
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0681859-D086-4384-B204-386FA7D80A5B}" = SplashShopper
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}" = palmOne
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
"CameraUserGuide-PSELPH300HS_IXUS220HS" = Canon PowerShot ELPH 300 HS_IXUS 220 HS Camera User Guide
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowLauncher" = Canon Utilities CameraWindow Launcher
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon MG5200 series User Registration" = Canon MG5200 series User Registration
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"Emicsoft DVD Ripper_is1" = Emicsoft DVD Ripper
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.91
"FromDocToPDF_65bar Uninstall" = FromDocToPDF Toolbar
"GridVista" = GridVista
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallShield_{6471B123-F60F-4DC8-8FB4-DE0879A01BB3}" = Alcor Micro Card Rader Driver and Utility
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MyCamera" = Canon Utilities MyCamera
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PhotoStitch" = Canon Utilities PhotoStitch
"Premier Predictor Pro" = Premier Predictor Pro
"RealPlayer 16.0" = RealPlayer
"Search Toolbar" = Search Toolbar
"Software Guide" = Canon DIGITAL CAMERA Solution Disk Software Guide
"Software Update Wizard (Redistributable)" = Software Update Wizard (Redistributable) 4.5
"SplashShopper Desktop" = SplashShopper Desktop 3.1.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Ticket To Ride 1.0" = Ticket To Ride 1.0
"TVWiz" = Intel(R) TV Wizard
"UMPlayer" = UMPlayer 0.98 [P3]
"WinLiveSuite_Wave3" = Windows Live Essentials
"WordWeb" = WordWeb
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1403424136-2531779536-1460617787-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle For PC" = Amazon Kindle For PC
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 11/5/2013 4:56:25 PM | Computer Name = Kathys-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 11/5/2013 4:56:25 PM | Computer Name = Kathys-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 11/5/2013 4:56:29 PM | Computer Name = Kathys-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 11/5/2013 4:56:29 PM | Computer Name = Kathys-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 11/5/2013 4:56:30 PM | Computer Name = Kathys-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 11/5/2013 4:56:30 PM | Computer Name = Kathys-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 11/5/2013 4:56:31 PM | Computer Name = Kathys-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 11/5/2013 4:56:31 PM | Computer Name = Kathys-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 11/5/2013 4:56:33 PM | Computer Name = Kathys-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 11/5/2013 4:56:33 PM | Computer Name = Kathys-PC | Source = Windows Search Service | ID = 3013
Description =
[ Media Center Events ]
Error - 5/11/2011 12:32:29 PM | Computer Name = Kathys-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 5/25/2011 2:41:16 PM | Computer Name = Kathys-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 7/31/2011 6:34:59 PM | Computer Name = Kathys-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 8/27/2011 8:28:16 PM | Computer Name = Kathys-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 10/7/2011 1:31:31 PM | Computer Name = Kathys-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 4/21/2012 3:10:47 PM | Computer Name = Kathys-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 5/20/2012 9:35:39 PM | Computer Name = Kathys-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/21/2012 2:26:21 PM | Computer Name = Kathys-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/22/2012 5:56:57 PM | Computer Name = Kathys-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/18/2013 1:12:55 PM | Computer Name = Kathys-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
[ System Events ]
Error - 11/4/2013 8:41:04 PM | Computer Name = Kathys-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 11/4/2013 8:41:04 PM | Computer Name = Kathys-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 11/4/2013 8:41:05 PM | Computer Name = Kathys-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 11/4/2013 8:47:54 PM | Computer Name = Kathys-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 11/4/2013 8:47:54 PM | Computer Name = Kathys-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 11/5/2013 7:25:09 AM | Computer Name = Kathys-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 11/5/2013 7:25:09 AM | Computer Name = Kathys-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 11/5/2013 8:23:41 AM | Computer Name = Kathys-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 11/5/2013 8:23:41 AM | Computer Name = Kathys-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 11/6/2013 2:12:30 PM | Computer Name = Kathys-PC | Source = Service Control Manager | ID = 7011
Description =
< End of report >