OTL Extras logfile created on: 6/16/2014 3:26:03 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shaboing Boing\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17031) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.87 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 58.58% Memory free 7.75 Gb Paging File | 6.18 Gb Available in Paging File | 79.69% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 444.21 Gb Total Space | 405.76 Gb Free Space | 91.34% Space Free | Partition Type: NTFS Computer Name: BOING | User Name: Shaboing Boing | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .url[@ = internetshortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- Reg Error: Value error. Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- Reg Error: Value error. Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = [binary data] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "FirewallOverride" = 0 "AntivirusOverride" = 0 "UacDisableNotify" = 0 "AntiSpywareDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = Reg Error: Unknown registry data type -- File not found [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{9E835905-E224-44C0-A818-B972D817FB78}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{DB976C7D-0F91-4268-89D9-93C9888B22BF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{033A751F-768E-4180-BF33-024B22DC14C5}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{07FA624F-5FCE-4F58-80CC-40870F0F6021}" = protocol=6 | dir=in | app=c:\users\shaboing boing\appdata\roaming\dropbox\bin\dropbox.exe | "{0E9A5131-B22B-4037-8962-CEAC67D547E0}" = dir=out | name=@{microsoft.zunemusic_1.5.216.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{1520DA18-C58A-42F7-9A1C-954920BACA77}" = dir=in | name=skype | "{15B0B2CD-8FBB-48FD-B421-5D7545FA63EF}" = protocol=6 | dir=in | app=c:\program files (x86)\tango\tango.exe | "{1B05927C-B450-466F-B0D4-65F95ABD5A43}" = protocol=17 | dir=in | app=c:\program files (x86)\movies toolbar\datamngr\srtool~1\ie\dtuser.exe | "{1D6B439C-58A7-481E-9AB4-4EC6AEF7B79A}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{23F764BD-6D96-455E-A7E3-59F3FD29B2A4}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{2803DE99-5046-4D95-B8E7-799881FD54BE}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | "{292EF6AD-C899-4B20-9903-862AEF19EA86}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | "{3258299E-87BB-49AA-A691-6AF1671E5FA3}" = dir=out | name=check point vpn | "{39B2243A-183A-47AD-9E41-799CB867AD22}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{3B1A3B60-7F84-443D-90ED-81D64F35E3C0}" = dir=out | name=sonicwall mobile connect | "{3C4D8EFC-F60E-46F9-B448-E9C14A47BCCB}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | "{4372D52F-DC00-4500-A9E9-A401AC443987}" = dir=out | name=@{microsoft.zunemusic_2.2.886.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{457DC7F2-AB3A-4939-A6A1-FD36FC138146}" = dir=out | name=windows_ie_ac_001 | "{499DD63A-5B89-4F2D-87A1-C6BD68B174FA}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{4B383E95-E62A-4993-A5D7-6883F818C7DC}" = dir=out | name=@{microsoft.zunevideo_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{5454C703-01C6-4215-9E0E-E5E09386657B}" = dir=out | name=pinball fx2 | "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | "{5B0B570F-5892-4288-9980-5081721D518D}" = dir=out | name=skype | "{5B275CE5-8977-4517-9BA6-96241D009C9B}" = dir=out | name=kindle | "{5CCC84A6-5B45-4E6F-A9C5-76BA93552762}" = dir=out | name=@{microsoft.bingnews_3.0.2.261_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | "{6666B86A-484D-49DF-ABCA-6FA5BC5D60AB}" = dir=in | name=juniper networks junos pulse | "{6A5C4C61-1545-4455-8791-EDCE908AFDDE}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{752F3D48-FE4F-4E7B-9BE8-1A28FFC5C152}" = dir=out | name=@{magix.musicmakerjam_2.1.1025.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} | "{7AB21AE4-0956-47DA-86B3-53466C638B30}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{7DDB678C-AD17-4EE6-8C24-64C1BF85C773}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{7E1D3B01-EFEB-4117-B78C-CAEBBF124662}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{8343C5A6-09B4-456A-8AC2-E86CC7AD0B19}" = protocol=6 | dir=in | app=c:\program files (x86)\movies toolbar\datamngr\srtool~1\ie\dtuser.exe | "{85A4E2C8-C804-4833-9C8B-582A84E99CB2}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{8811041D-38B9-4AD9-8A27-AA90E434F2CE}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{91A5603A-12DC-4BDD-83CB-3F2003FDB8A9}" = dir=out | name=juniper networks junos pulse | "{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{A43D371B-BD5E-47F0-8616-996FDFB1D772}" = protocol=17 | dir=in | app=c:\users\shaboing boing\appdata\roaming\dropbox\bin\dropbox.exe | "{A5AFCE7F-0339-407C-B210-13750AC6F885}" = dir=in | name=check point vpn | "{B9CFAA4C-C556-407E-9A24-8203E5D95D9E}" = dir=out | name=- games app - | "{BD8690B6-10A2-41AA-9703-AC920D2A02CB}" = dir=out | name=@{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | "{BE295637-A8EB-4C5F-9CC0-1871F0AE0051}" = dir=out | name=@{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | "{BEB33731-36D4-47F3-B31B-B1A4D6BEC65B}" = dir=in | name=sonicwall mobile connect | "{C0647A51-0461-471C-B621-93118A9C0B9C}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | "{C488F87D-525B-41C1-A6F6-BCA1E31FDA2B}" = dir=out | name=@{microsoft.bingweather_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{C5080664-47E3-4D90-A854-7A11C31A9063}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{CC5852D6-DF02-4B97-985E-28C60BF6E4B4}" = dir=out | name=@{microsoft.bingtravel_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{D00293C6-EC85-4291-A51F-688176DD6F08}" = protocol=17 | dir=in | app=c:\program files (x86)\tango\tango.exe | "{D14D5BBE-EFAA-43FB-ABA3-66CAB04F9130}" = dir=out | name=@{microsoft.bingsports_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{D2D998D4-98E7-45EE-80F6-A84ED746A497}" = dir=out | name=@{microsoft.zunevideo_1.5.767.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{D39E27D8-4F3A-42E6-915D-21FC85B276C7}" = dir=out | name=f5 vpn | "{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | "{DF1E7942-4478-43AF-BF0E-12D665B8F790}" = dir=in | name=pinball fx2 | "{E610F554-C644-4903-A1B1-56650BBFFB8A}" = dir=out | name=windows_ie_ac_001 | "{E6D5A438-3BBD-44DB-BD0C-545AE350CCD5}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{EC0905EE-F270-4C3F-836F-B46229F1208B}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | "{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | "{ECAE3BAF-F697-4ACA-9979-706393A0EEBE}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{ECB00ACD-6BE2-43C6-8192-3548C7DA5984}" = dir=in | app=c:\users\shaboing boing\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{ED154E9A-C712-4A1D-BF1F-705DCAD79210}" = dir=out | name=netflix | "{F00BCCCC-8950-468B-86B8-4A1D0124DC74}" = dir=in | name=@{magix.musicmakerjam_2.1.1025.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} | "{F25A9A28-E3CA-4A6F-8DA7-DA126FF69A4D}" = dir=in | name=f5 vpn | "{F5419318-3E23-432B-8BC1-766BAE88E9F9}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | "{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | "{F6B6819F-CDC3-4B0A-901C-60BA6CB48883}" = dir=out | name=windows_ie_ac_001 | "{F7348718-179D-4D70-9607-C7C13B28E601}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | "{F7A733F5-080B-48F4-891F-7ADE2AC1854D}" = dir=out | name=fresh paint | "{FB924A8D-F619-4D94-8C52-408EBB2D7E18}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "TCP Query User{1B073883-CBCA-475A-BABF-8760DE9567C2}C:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0003.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0003.tmp\lmi_rescue.exe | "TCP Query User{4D829C3A-FB85-41B8-84B8-F1D5DC7ECD3F}C:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0002.tmp\lmi_instantchat.exe" = protocol=6 | dir=in | app=c:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0002.tmp\lmi_instantchat.exe | "TCP Query User{56D16E1A-8BDE-431B-B5FC-FA32EE4BF173}C:\users\shaboing boing\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\shaboing boing\appdata\roaming\dropbox\bin\dropbox.exe | "TCP Query User{B4972206-58CA-493D-B977-CF2ADD6C76E1}C:\program files\webroot\wrsa.exe" = protocol=6 | dir=in | app=c:\program files\webroot\wrsa.exe | "TCP Query User{CB2E5C15-6739-4D93-973F-95ED8B2E826A}C:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe | "TCP Query User{E8992478-459B-4BFD-AF58-CC947826C1BD}C:\program files (x86)\tango\tango.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tango\tango.exe | "UDP Query User{0CFAEC62-3561-435B-BD5D-5F58179F98D0}C:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0003.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0003.tmp\lmi_rescue.exe | "UDP Query User{185A6553-AD57-4604-874B-48E68FD9A118}C:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe | "UDP Query User{1EBFF834-7F6F-4643-82C5-1132CED0C289}C:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0002.tmp\lmi_instantchat.exe" = protocol=17 | dir=in | app=c:\users\shaboing boing\appdata\local\logmein rescue applet\lmir0002.tmp\lmi_instantchat.exe | "UDP Query User{346C98BB-11AF-4497-920B-D6EE519AB7AE}C:\program files\webroot\wrsa.exe" = protocol=17 | dir=in | app=c:\program files\webroot\wrsa.exe | "UDP Query User{68AD7A2F-27C2-4CCA-9D2B-B1FE211A3E5F}C:\program files (x86)\tango\tango.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tango\tango.exe | "UDP Query User{F2C8C45E-5262-4D15-9CE2-BA1265C1D5AF}C:\users\shaboing boing\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\shaboing boing\appdata\roaming\dropbox\bin\dropbox.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}" = ASUS Screen Saver "{176E2755-0A17-42C6-88E2-192AB2131278}" = Intel(R) Trusted Execution Engine "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{60E37FDF-D8C7-4DF3-8DEE-A4E2AAECF0BE}" = Intel(R) Trusted Execution Engine Driver "{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.7 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{87D47061-DA54-4409-8145-69E0542EF6D4}" = Intel(R) Trusted Execution Engine "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "D9E691DCEE7D3B9B7C62A7F5C2EAABBB9335DC9A" = Windows Driver Package - ASUS (ATP) Mouse (09/17/2013 1.0.0.186) "Level Quality Watcher" = SavingsBull [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{061FF8F3-5226-4278-8AAB-282C1B024F58}" = Photo Common "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}" = Movie Maker "{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1FEE19BC-6F0C-42E4-82FF-FB597F6141DF}" = Windows Live Essentials "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program "{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}" = WeatherBug "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{3C63F944-803E-49A7-B3A2-B8AB3313E883}" = Windows Live UX Platform Language Pack "{446CC8CE-0E90-44F7-ADD0-774B243EF090}" = Galerie de photos "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture "{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus" = WildTangent Games App "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8D813AFF-D91D-4EE0-821F-B901FC2E89FA}" = Windows Live "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447 "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash "{8F7FECEC-088F-431D-A5FB-2B59E1E69943}" = Galería de fotos "{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office "{90993BD9-C7D9-4C2F-B56C-2F7AFEBD4CD0}" = Windows Live UX Platform Language Pack "{A17946CA-18E5-4CF0-8D55-A56D804718F8}" = Movie Maker "{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI "{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials "{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" = Google Talk Plugin "{C32CA36A-DA63-4D55-9B17-87C61033137D}" = NpackdCL "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C9661090-C134-46E8-90B2-76D72355C2A6}" = Realtek PCIE Card Reader "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common "{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F54030F3-14B6-432D-9361-78DCB1473920}" = Photo Common "{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update "{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin "ASIO4ALL" = ASIO4ALL "Asus Vibe2.0" = AsusVibe2.0 "ASUS WebStorage" = ASUS WebStorage Sync Agent "C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9" = Intel(R) Sideband Fabric Device Driver "ExpressBurn" = Express Burn "ExpressRip" = Express Rip "FL Studio 10" = FL Studio 10 "Golden" = Golden Records Vinyl to CD Converter "Google Chrome" = Google Chrome "Highlightly" = Highlightly "ilividmoviestoolbar20CR" = Movies Toolbar for Chrome (Dist. by Bandoo Media, Inc.) "ilividmoviestoolbar20IE" = Movies Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.) "InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD "Like" = Like 1.2 "MixPad" = MixPad "MyBitCast" = MyBitCast 2.0 "SoundTap" = SoundTap Streaming Audio Recorder "Switch" = Switch Sound File Converter "VideoPad" = VideoPad Video Editor "Voxal" = Voxal Voice Changer "WavePad" = WavePad Sound Editor "WildTangent wildgames Master Uninstall" = WildTangent Games "WinLiveSuite" = Windows Live Essentials "WTA-2f37a8f4-f44d-4d6a-afb3-80bbe9dc78b1" = Cut the Rope "WTA-300528be-6cb0-4daf-9f1a-1ed861c3d155" = Bejeweled 3 "WTA-9516301f-005d-47c0-871c-7d6da0032d49" = Penguins! "WTA-a9ab6aab-28ce-4502-b8b2-adc6cb75f60a" = Peggle "WTA-b9847515-e6c4-4db4-b28f-d343a1997d25" = Tales of Lagoona "WTA-baee0226-8abd-44de-acf0-4469c54acd02" = Azteca "Yahoo! Companion" = Yahoo! Toolbar [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Download App" = Download App "Dropbox" = Dropbox "OneDriveSetup.exe" = Microsoft OneDrive [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 6/16/2014 3:15:24 AM | Computer Name = BOING | Source = VSS | ID = 8194 Description = Error - 6/16/2014 3:20:07 AM | Computer Name = BOING | Source = VSS | ID = 12310 Description = [ System Events ] Error - 6/16/2014 3:15:27 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7031 Description = The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error - 6/16/2014 3:15:27 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7031 Description = The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Error - 6/16/2014 3:15:27 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7034 Description = The Volume Shadow Copy service terminated unexpectedly. It has done this 1 time(s). Error - 6/16/2014 3:15:36 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7031 Description = The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error - 6/16/2014 3:15:57 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7000 Description = The Windows Search service failed to start due to the following error: %%3 Error - 6/16/2014 3:13:37 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7000 Description = The Search Module Update service failed to start due to the following error: %%2 Error - 6/16/2014 3:13:37 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7000 Description = The SPDRIVER_1.36.1.172 service failed to start due to the following error: %%3 Error - 6/16/2014 3:13:39 AM | Computer Name = BOING | Source = EventLog | ID = 6008 Description = The previous system shutdown at 3:13:33 AM on ?6/?16/?2014 was unexpected. Error - 6/16/2014 3:13:43 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7000 Description = The Search Module Update service failed to start due to the following error: %%2 Error - 6/16/2014 3:13:43 AM | Computer Name = BOING | Source = Service Control Manager | ID = 7000 Description = The SPDRIVER_1.36.1.172 service failed to start due to the following error: %%3 < End of report >