OTL Extras logfile created on: 10/28/2013 6:12:27 PM - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Allen\Desktop\Clean1013 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.96 Gb Total Physical Memory | 2.19 Gb Available Physical Memory | 55.32% Memory free 8.10 Gb Paging File | 5.93 Gb Available in Paging File | 73.23% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 298.09 Gb Total Space | 178.13 Gb Free Space | 59.76% Space Free | Partition Type: NTFS Drive D: | 4.36 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: ALLEN-PC | User Name: Allen | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (All) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation) .cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation) .hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation) .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) .js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation) .txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .bat [@ = batfile] -- "%1" %* .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation) .cmd [@ = cmdfile] -- "%1" %* .com [@ = comfile] -- "%1" %* .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .exe [@ = exefile] -- "%1" %* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) .js [@ = JSFile] -- C:\Windows\SysWOW64\WScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\Windows\SysWOW64\WScript.exe (Microsoft Corporation) .pif [@ = piffile] -- "%1" %* .reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation) .scr [@ = scrfile] -- "%1" /S .txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- C:\Windows\SysWOW64\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- C:\Windows\SysWOW64\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] "VistaSp2" = A2 71 05 4C DD 5F CA 01 [binary data] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{45A53126-6E34-449D-840A-E0EBB32761BC}" = lport=37675 | protocol=17 | dir=in | name=oovoo udp port 37675 | "{7F0DC70C-9B87-4B8F-AFA4-2ED9734D23DD}" = lport=443 | protocol=6 | dir=in | name=oovoo tcp port 443 | "{7F99730B-032C-4CB0-93E2-1BE9D737C3E4}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdater.exe | "{A1308D2D-DAA2-4EF6-9873-9F415E57F28F}" = lport=37674 | protocol=17 | dir=in | name=oovoo udp port 37674 | "{AD34CBEA-6E4B-4C8D-B0DF-33316B1EF091}" = lport=443 | protocol=17 | dir=in | name=oovoo udp port 443 | "{C5253F05-2186-4B88-8DB4-E2AD88E5680F}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe | "{E2AD2546-3AC3-4095-B57B-2B8C29EFE86D}" = lport=37674 | protocol=6 | dir=in | name=oovoo tcp port 37674 | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02E9340D-4A8E-43DC-9D1E-A386B749A9DB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{02F8D8DD-7896-4F04-8A2A-9F8F8F4DC26E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{052AC7DA-4910-4051-9BA2-DB23241BB842}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe | "{07E458C3-6D84-4F32-97BE-7990D9BA9E14}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{1B144AFB-9DAC-4930-885E-CBA2DDA72AFC}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{50C4BC7F-E91B-4C9E-8DAF-16086D316064}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{52C00A1F-05BE-43B1-AB39-D1DEEF4B2FEE}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{583B653C-9085-4CAE-A4F0-4F21C4404AB3}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{6AA555C6-B6D1-4F7C-A14E-262F72AD3AB5}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | "{74840B61-346A-4F31-8241-5CB40630D01B}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{7FC56D7B-B5BC-4400-8BCB-C31D0D4EC379}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe | "{8C63CF53-D5F8-4473-930E-AA8062750963}" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe | "{90EB3F95-466A-4FC7-B898-3A0A3499DD5E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{9612F44E-3340-45C6-A55A-C499F970A42E}" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe | "{A0113038-8E7F-44AF-92D8-85E4E4FF112B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A75E223D-2971-4824-9D98-E6025FB01DFD}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "{BE36144F-CC6F-4A36-AD66-FBA3FF5B7B20}" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe | "{CE42BAD0-7D15-434E-A770-6A91A9BF883D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe | "{D5F8EFA2-2547-4717-80A1-E07E24EC5AB6}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "{E68AA0BD-BC02-4F6A-996D-95457943A355}" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe | "TCP Query User{028479C8-CAB0-4170-B0DA-BD9904C17B93}C:\program files (x86)\imesh applications\imesh\imesh.exe" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe | "TCP Query User{077DEF5A-E1E2-4773-8A9A-F35F5974FE12}C:\users\allen\appdata\roaming\ehypqe\itokzyi.exe" = protocol=6 | dir=in | app=c:\users\allen\appdata\roaming\ehypqe\itokzyi.exe | "TCP Query User{64475156-24F9-4081-9992-648F9BB68479}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | "TCP Query User{82F8095B-13C0-4C45-9E13-1A2C188D690D}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "TCP Query User{88906B25-88FA-4967-A8D1-38EE8193CA69}C:\program files (x86)\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "TCP Query User{89EC0A47-6F38-4606-9F40-74AEAF8AAAE0}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe | "UDP Query User{1D9BDED5-71AF-405D-BC95-AC22E5279439}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | "UDP Query User{4C0E3C25-5C4F-4A66-8C4C-259A7ED2B1EB}C:\users\allen\appdata\roaming\ehypqe\itokzyi.exe" = protocol=17 | dir=in | app=c:\users\allen\appdata\roaming\ehypqe\itokzyi.exe | "UDP Query User{762418DD-160D-4F14-A891-733909B0C701}C:\program files (x86)\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "UDP Query User{7818883D-D90E-4B8B-B249-4E98CE6EDC39}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "UDP Query User{A27289B0-58E8-43EE-8634-D109F1E70B69}C:\program files (x86)\imesh applications\imesh\imesh.exe" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe | "UDP Query User{F1A5358C-3E22-411C-8FB1-9344EA8EC164}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP970_series" = Canon MP970 series "{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes "{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud "{5254156F-AA77-499A-B7C1-D5581D44E788}" = Marvell Miniport Driver "{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility "CanonMyPrinter" = Canon My Printer "Creative OA009" = Integrated Webcam Driver (1.00.02.0825) "HDMI" = Intel(R) Graphics Media Accelerator Driver "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Speccy" = Speccy [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0877F595-254F-45F4-991D-3F72E86B17CE}" = Quicken 2014 "{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45 "{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9 "{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}" = Adobe AIR "{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module "{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5 "{89EC099E-958D-462E-972C-385591946978}" = TurboTax 2012 WinPerFedFormset "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth "{A8B1F076-965D-4663-A9D4-C2FB58A42AE4}" = TurboTax 2012 WinPerTaxSupport "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.04) "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{E83F5F27-43F3-4163-ABE5-F68C989286ED}" = TurboTax 2012 wrapper "{EFD2807A-C66B-4C13-8FB8-42FCA6DEF171}" = TurboTax 2012 wcaiper "{F014B696-28C5-4554-802F-A15380418F53}" = TurboTax 2012 WinPerReleaseEngine "{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support "{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Advanced Audio FX Engine" = Advanced Audio FX Engine "Avast" = avast! Free Antivirus "Canon MP970 series User Registration" = Canon MP970 series User Registration "Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility "Canon_IJ_Network_UTILITY" = Canon IJ Network Tool "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Dell Webcam Central" = Dell Webcam Central "DMUninstaller" = DMUninstaller "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX "ERUNT_is1" = ERUNT 1.1j "FileHippo.com" = FileHippo.com Update Checker "Google Chrome" = Google Chrome "Higher Score on the SAT/PSAT_is1" = Higher Score on the SAT/PSAT "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "TurboTax 2012" = TurboTax 2012 "WinRAR archiver" = WinRAR 4.20 (32-bit) [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GoToMeeting" = GoToMeeting 4.5.0.457 "JNLP" = JNLP "Move Media Player" = Move Media Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 10/28/2013 12:14:00 AM | Computer Name = Allen-PC | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 9.0.8112.16514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: a98 Start Time: 01ced393e1ecf6f0 Termination Time: 0 Error - 10/28/2013 12:14:41 AM | Computer Name = Allen-PC | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 9.0.8112.16514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: c30 Start Time: 01ced39415937010 Termination Time: 0 Error - 10/28/2013 12:16:40 AM | Computer Name = Allen-PC | Source = EventSystem | ID = 4621 Description = Error - 10/28/2013 12:20:10 AM | Computer Name = Allen-PC | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 9.0.8112.16514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 11e4 Start Time: 01ced394e5e4e7d0 Termination Time: 7 Error - 10/28/2013 12:25:35 AM | Computer Name = Allen-PC | Source = EventSystem | ID = 4621 Description = Error - 10/28/2013 12:27:16 AM | Computer Name = Allen-PC | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 9.0.8112.16514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 13f8 Start Time: 01ced395d0bcd6f0 Termination Time: 6 Error - 10/28/2013 12:32:48 AM | Computer Name = Allen-PC | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 9.0.8112.16514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: ad8 Start Time: 01ced39639938de0 Termination Time: 178 Error - 10/28/2013 3:03:10 AM | Computer Name = Allen-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 10/28/2013 3:03:10 AM | Computer Name = Allen-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 1186 Error - 10/28/2013 3:03:10 AM | Computer Name = Allen-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 1186 [ Broadcom Wireless LAN Events ] Error - 3/19/2012 10:56:42 PM | Computer Name = Allen-PC | Source = WLAN-Tray | ID = 0 Description = 19:56:41, Mon, Mar 19, 12 Error - Unable to gain access to user store Error - 3/22/2012 10:05:16 PM | Computer Name = Allen-PC | Source = WLAN-Tray | ID = 0 Description = 19:05:15, Thu, Mar 22, 12 Error - Unable to gain access to user store Error - 4/16/2012 11:12:15 AM | Computer Name = Allen-PC | Source = WLAN-Tray | ID = 0 Description = 08:12:14, Mon, Apr 16, 12 Error - Unable to gain access to user store Error - 5/24/2012 9:53:26 PM | Computer Name = Allen-PC | Source = WLAN-Tray | ID = 0 Description = 18:53:23, Thu, May 24, 12 Error - Unable to gain access to user store Error - 7/16/2012 4:13:28 AM | Computer Name = Allen-PC | Source = WLAN-Tray | ID = 0 Description = 01:13:28, Mon, Jul 16, 12 Error - Unable to decrypt string Error - 8/5/2012 4:12:09 PM | Computer Name = Allen-PC | Source = WLAN-Tray | ID = 0 Description = 13:12:08, Sun, Aug 05, 12 Error - Unable to gain access to user store Error - 10/15/2012 8:03:27 PM | Computer Name = Allen-PC | Source = WLAN-Tray | ID = 0 Description = 17:03:27, Mon, Oct 15, 12 Error - Unable to gain access to user store Error - 10/17/2012 5:09:40 PM | Computer Name = Allen-PC | Source = WLAN-Tray | ID = 0 Description = 14:09:39, Wed, Oct 17, 12 Error - Unable to gain access to user store Error - 10/28/2012 12:36:31 PM | Computer Name = Allen-PC | Source = WLAN-Tray | ID = 0 Description = 09:36:31, Sun, Oct 28, 12 Error - Unable to gain access to user store Error - 5/9/2013 9:54:33 PM | Computer Name = Allen-PC | Source = WLAN-Tray | ID = 0 Description = 18:54:32, Thu, May 09, 13 Error - Unable to gain access to user store [ System Events ] Error - 10/23/2013 10:34:18 PM | Computer Name = Allen-PC | Source = DCOM | ID = 10010 Description = Error - 10/23/2013 10:35:49 PM | Computer Name = Allen-PC | Source = Service Control Manager | ID = 7000 Description = Error - 10/23/2013 10:35:49 PM | Computer Name = Allen-PC | Source = Service Control Manager | ID = 7000 Description = Error - 10/23/2013 10:53:07 PM | Computer Name = Allen-PC | Source = volsnap | ID = 393236 Description = The shadow copies of volume C: were aborted because of a failed free space computation. Error - 10/23/2013 11:06:35 PM | Computer Name = Allen-PC | Source = DCOM | ID = 10005 Description = Error - 10/23/2013 11:06:35 PM | Computer Name = Allen-PC | Source = Service Control Manager | ID = 7009 Description = Error - 10/23/2013 11:06:36 PM | Computer Name = Allen-PC | Source = Service Control Manager | ID = 7000 Description = Error - 10/23/2013 11:17:41 PM | Computer Name = Allen-PC | Source = Service Control Manager | ID = 7030 Description = Error - 10/28/2013 12:09:03 AM | Computer Name = Allen-PC | Source = Service Control Manager | ID = 7000 Description = Error - 10/28/2013 12:09:03 AM | Computer Name = Allen-PC | Source = Service Control Manager | ID = 7000 Description = < End of report >