Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer Slow down

Started by LANCE_1313 , Aug 27 2011 03:44 PM

  • Please log in to reply

#46
RKinner
Posted 21 September 2011 - 08:21 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Run Vino's again and post the logs. Perhaps it left a clue.

Ron
  • 0

Advertisements

#47
LANCE_1313
Posted 21 September 2011 - 11:56 PM

LANCE_1313

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 159 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 22/09/2011 3:55:38 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 20/09/2011 8:13:31 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vlc.exe, version: 1.1.10.0, time stamp: 0x4dec1ec0 Faulting module name: vlc.exe, version: 1.1.10.0, time stamp: 0x4dec1ec0 Exception code: 0xc0000005 Fault offset: 0x000016ee Faulting process id: 0xdac Faulting application start time: 0x01cc776c8afb9766 Faulting application path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Faulting module path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Report Id: 6cb735b6-e360-11e0-bad2-e0cb4e5b9aca

Log: 'Application' Date/Time: 20/09/2011 4:02:39 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: firefox.exe, version: 6.0.2.4262, time stamp: 0x4e6163d9 Faulting module name: oawatch.dll, version: 5.0.0.1097, time stamp: 0x2a425e19 Exception code: 0xc0000005 Fault offset: 0x00001e81 Faulting process id: 0x12a8 Faulting application start time: 0x01cc7598ed1cfb7c Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: C:\Program Files (x86)\Online Armor\oawatch.dll Report Id: 61435487-e33d-11e0-bad2-e0cb4e5b9aca

Log: 'Application' Date/Time: 20/09/2011 2:53:29 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vlc.exe, version: 1.1.10.0, time stamp: 0x4dec1ec0 Faulting module name: vlc.exe, version: 1.1.10.0, time stamp: 0x4dec1ec0 Exception code: 0xc0000005 Fault offset: 0x000016ee Faulting process id: 0xa08 Faulting application start time: 0x01cc77402456f16a Faulting application path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Faulting module path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Report Id: b7c2b90e-e333-11e0-bad2-e0cb4e5b9aca

Log: 'Application' Date/Time: 20/09/2011 1:24:44 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program witcher.EXE version 1.0.0.1101 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1c60 Start Time: 01cc7733bd6ecf63 Termination Time: 163 Application Path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Report Id:

Log: 'Application' Date/Time: 20/09/2011 1:22:13 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program witcher.EXE version 1.0.0.1101 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1774 Start Time: 01cc7732e0b02980 Termination Time: 172 Application Path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Report Id:

Log: 'Application' Date/Time: 19/09/2011 1:53:11 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: witcher.EXE, version: 1.0.0.1101, time stamp: 0x46f6c2f2 Faulting module name: witcher.EXE, version: 1.0.0.1101, time stamp: 0x46f6c2f2 Exception code: 0xc0000005 Fault offset: 0x00350ed5 Faulting process id: 0x12f0 Faulting application start time: 0x01cc7661f360317f Faulting application path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Faulting module path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Report Id: 2071486b-e262-11e0-bad2-e0cb4e5b9aca

Log: 'Application' Date/Time: 18/09/2011 1:11:53 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: witcher.EXE, version: 1.0.0.1101, time stamp: 0x46f6c2f2 Faulting module name: MSVCR80.dll, version: 8.0.50727.6195, time stamp: 0x4dcddbf3 Exception code: 0xc0000005 Fault offset: 0x0001500a Faulting process id: 0x1664 Faulting application start time: 0x01cc75f7f391368b Faulting application path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Faulting module path: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll Report Id: c6730b69-e1f7-11e0-bad2-e0cb4e5b9aca

Log: 'Application' Date/Time: 17/09/2011 1:06:25 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: witcher.EXE, version: 1.0.0.1101, time stamp: 0x46f6c2f2 Faulting module name: witcher.EXE, version: 1.0.0.1101, time stamp: 0x46f6c2f2 Exception code: 0xc0000005 Fault offset: 0x003a8e9c Faulting process id: 0xfd8 Faulting application start time: 0x01cc753887bd6313 Faulting application path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Faulting module path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Report Id: d8afb1ce-e12d-11e0-889a-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 9:01:47 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: witcher.EXE, version: 1.0.0.1101, time stamp: 0x46f6c2f2 Faulting module name: witcher.EXE, version: 1.0.0.1101, time stamp: 0x46f6c2f2 Exception code: 0xc0000005 Fault offset: 0x00350ed5 Faulting process id: 0x860 Faulting application start time: 0x01cc746e65defebf Faulting application path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Faulting module path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Report Id: 1674375d-e0a7-11e0-aa22-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 6:22:35 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7 Faulting module name: AcGenral.DLL, version: 6.1.7601.17514, time stamp: 0x4ce7b6ff Exception code: 0xc0000005 Fault offset: 0x00046d2c Faulting process id: 0x1160 Faulting application start time: 0x01cc7439048a4986 Faulting application path: C:\Windows\SysWOW64\explorer.exe Faulting module path: C:\Windows\AppPatch\AcGenral.DLL Report Id: 43b3b092-e02c-11e0-a167-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 6:02:36 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program TWEE_Upgrade(1).exe version 14.0.0.162 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1314 Start Time: 01cc7435cc220113 Termination Time: 2 Application Path: C:\Users\LANCE\Downloads\TWEE_Upgrade(1).exe Report Id: 76514bdc-e029-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 6:02:05 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x15c8 Faulting application start time: 0x01cc743627922c43 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 66ed677b-e029-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:58:55 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x6b111488 Faulting process id: 0xfe4 Faulting application start time: 0x01cc7435b6828fd6 Faulting application path: C:\Windows\SysWOW64\explorer.exe Faulting module path: unknown Report Id: f58f5bc7-e028-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:40:43 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7 Faulting module name: AcGenral.DLL, version: 6.1.7601.17514, time stamp: 0x4ce7b6ff Exception code: 0xc0000005 Fault offset: 0x001d6c6a Faulting process id: 0xe78 Faulting application start time: 0x01cc74332c43cb2d Faulting application path: C:\Windows\SysWOW64\explorer.exe Faulting module path: C:\Windows\AppPatch\AcGenral.DLL Report Id: 6a7a7f4c-e026-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:36:01 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7 Faulting module name: AcGenral.DLL, version: 6.1.7601.17514, time stamp: 0x4ce7b6ff Exception code: 0xc0000005 Fault offset: 0x001d6c6a Faulting process id: 0xd4c Faulting application start time: 0x01cc743283ed49ac Faulting application path: C:\Windows\SysWOW64\explorer.exe Faulting module path: C:\Windows\AppPatch\AcGenral.DLL Report Id: c2724600-e025-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:30:35 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: Skype.exe, version: 5.5.0.115, time stamp: 0x4e57808b Faulting module name: Skype.exe, version: 5.5.0.115, time stamp: 0x4e57808b Exception code: 0xc0000005 Fault offset: 0x001a3170 Faulting process id: 0x310 Faulting application start time: 0x01cc7431bfc4b74d Faulting application path: C:\Program Files (x86)\Skype\Phone\Skype.exe Faulting module path: C:\Program Files (x86)\Skype\Phone\Skype.exe Report Id: 005f24a9-e025-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:27:45 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program TWEE_Upgrade(1).exe version 14.0.0.162 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1410 Start Time: 01cc74307c963f5b Termination Time: 0 Application Path: C:\Users\LANCE\Downloads\TWEE_Upgrade(1).exe Report Id: 99253c91-e024-11e0-afdf-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:25:53 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x4a4 Faulting application start time: 0x01cc74311a508da2 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 581e6bc7-e024-11e0-afdf-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:25:18 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x10a8 Faulting application start time: 0x01cc7431054a8657 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 431ac5db-e024-11e0-afdf-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:23:51 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x218 Faulting application start time: 0x01cc7430d00ee056 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 0f5e5d67-e024-11e0-afdf-e0cb4e5b9aca

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 22/09/2011 2:02:24 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 22/09/2011 1:29:26 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 21/09/2011 11:11:53 PM
Type: Warning Category: 0
Event: 1032 Source: MsiInstaller
An error occured while refreshing environment variables updated during the installation of ''. Some users logged on to the machine may not see these changes until they log off and then log back on.

Log: 'Application' Date/Time: 21/09/2011 3:51:18 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 20/09/2011 11:58:05 PM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 17/09/2011 10:31:27 PM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 17/09/2011 10:30:01 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 20 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 4260 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 4260 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 4260 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 4260 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Process 4260 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 4260 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Root
Process 4260 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 4260 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\trust
Process 4260 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 4260 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\My
Process 4260 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\CA
Process 4260 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 4260 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 4260 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 4260 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer


Log: 'Application' Date/Time: 17/09/2011 10:05:05 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe' (pid 1384) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 17/09/2011 6:15:44 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 17/09/2011 2:28:42 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Skype\Phone\Skype.exe' (pid 3920) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/09/2011 7:03:26 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 6:05:41 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 6:04:34 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 20 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Root
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\trust
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\My
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\CA
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer


Log: 'Application' Date/Time: 16/09/2011 5:29:45 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 5:28:35 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 11 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Root
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\trust
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\My
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\CA
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates


Log: 'Application' Date/Time: 16/09/2011 4:57:09 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 4:56:06 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1708 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1708 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000


Log: 'Application' Date/Time: 16/09/2011 4:47:26 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 4:46:21 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000


Log: 'Application' Date/Time: 16/09/2011 2:03:10 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver



Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 22/09/2011 3:56:31 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 22/09/2011 2:01:38 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 22/09/2011 1:28:13 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 21/09/2011 3:46:29 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 20/09/2011 11:53:18 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 17/09/2011 6:15:02 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 16/09/2011 7:02:52 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 14/09/2011 9:49:53 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 14/09/2011 8:03:15 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 13/09/2011 6:59:03 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 10/09/2011 2:55:18 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 22/09/2011 2:03:45 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 22/09/2011 2:03:45 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 22/09/2011 2:01:47 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 11:42:13 AM on ?22/?09/?2011 was unexpected.

Log: 'System' Date/Time: 22/09/2011 1:30:28 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 22/09/2011 1:30:28 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 22/09/2011 1:28:58 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 11:26:43 AM on ?22/?09/?2011 was unexpected.

Log: 'System' Date/Time: 21/09/2011 10:38:46 PM
Type: Error Category: 0
Event: 11 Source: Disk
The driver detected a controller error on \Device\Harddisk1\DR1.

Log: 'System' Date/Time: 21/09/2011 4:01:47 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 21/09/2011 4:01:47 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 21/09/2011 2:28:26 PM
Type: Error Category: 0
Event: 8003 Source: bowser
The master browser has received a server announcement from the computer ANKUR-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{2A5D3F54-F991-49B7-8E0F-C76A1C607010}. The master browser is stopping or an election is being forced.

Log: 'System' Date/Time: 21/09/2011 1:03:23 PM
Type: Error Category: 0
Event: 8003 Source: bowser
The master browser has received a server announcement from the computer WANLI-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{2A5D3F54-F991-49B7-8E0F-C76A1C607010}. The master browser is stopping or an election is being forced.

Log: 'System' Date/Time: 21/09/2011 3:52:47 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 21/09/2011 3:52:47 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 21/09/2011 3:51:16 AM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The avast! Antivirus service hung on starting.

Log: 'System' Date/Time: 20/09/2011 11:59:48 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 20/09/2011 11:59:48 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 20/09/2011 11:58:04 PM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The avast! Antivirus service hung on starting.

Log: 'System' Date/Time: 20/09/2011 11:14:18 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 20/09/2011 11:14:18 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 20/09/2011 11:22:41 AM
Type: Error Category: 0
Event: 8003 Source: bowser
The master browser has received a server announcement from the computer PC2010100320ADX that believes that it is the master browser for the domain on transport NetBT_Tcpip_{2A5D3F54-F991-49B7-8E0F-C76A1C607010}. The master browser is stopping or an election is being forced.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 21/09/2011 8:46:32 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 21/09/2011 8:46:32 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 21/09/2011 8:46:32 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 2 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 21/09/2011 8:46:32 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 21/09/2011 4:22:13 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name img284.imagevenue.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 21/09/2011 4:22:07 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name img221.imagevenue.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 21/09/2011 4:22:01 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 21/09/2011 3:50:56 AM
Type: Warning Category: 0
Event: 7044 Source: Service Control Manager
The following service is taking more than 4 minutes to start and may have stopped responding: avast! Antivirus Contact your system administrator or service vendor for approximate startup times for this service. If you think this service might be slowing system response or logon time, talk to your system administrator about whether the service should be disabled until the problem is identified. You may have to restart the computer in safe mode before you can disable the service.

Log: 'System' Date/Time: 20/09/2011 11:57:44 PM
Type: Warning Category: 0
Event: 7044 Source: Service Control Manager
The following service is taking more than 4 minutes to start and may have stopped responding: avast! Antivirus Contact your system administrator or service vendor for approximate startup times for this service. If you think this service might be slowing system response or logon time, talk to your system administrator about whether the service should be disabled until the problem is identified. You may have to restart the computer in safe mode before you can disable the service.

Log: 'System' Date/Time: 20/09/2011 8:55:05 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 20/09/2011 8:51:23 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 20/09/2011 8:51:23 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 20/09/2011 8:51:22 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 2 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 20/09/2011 8:51:22 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 19/09/2011 10:56:22 AM
Type: Warning Category: 0
Event: 4101 Source: Display
Display driver nvlddmkm stopped responding and has successfully recovered.

Log: 'System' Date/Time: 18/09/2011 11:15:15 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 18/09/2011 11:19:15 AM
Type: Warning Category: 0
Event: 16393 Source: Microsoft-Windows-Bits-Client
BITS has encountered an error communicating with an Internet Gateway Device. Please check that the device is functioning properly. BITS will not attempt to use this device until the next system reboot. Error code: 0x80072EFD.

Log: 'System' Date/Time: 17/09/2011 10:30:14 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 17/09/2011 10:21:26 AM
Type: Warning Category: 0
Event: 16393 Source: Microsoft-Windows-Bits-Client
BITS has encountered an error communicating with an Internet Gateway Device. Please check that the device is functioning properly. BITS will not attempt to use this device until the next system reboot. Error code: 0x80072EFD.

Log: 'System' Date/Time: 17/09/2011 9:55:46 AM
Type: Warning Category: 0
Event: 16393 Source: Microsoft-Windows-Bits-Client
BITS has encountered an error communicating with an Internet Gateway Device. Please check that the device is functioning properly. BITS will not attempt to use this device until the next system reboot. Error code: 0x80072EFD.
  • 0

#48
RKinner
Posted 22 September 2011 - 10:07 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
I see alarms from VLC and from Online Armor. I get the feeling Online Armor is not a good choice for 64bit systems. Not sure why VLC is acting up. I know mine crashes when I try to get it to jump too far into a movie.

Also this thing: LMS Service cannot connect to Intel® MEI driver
  • 0

#49
LANCE_1313
Posted 22 September 2011 - 03:48 PM

LANCE_1313

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 159 posts
VLC has been plying up when advancing too far into movies like you say. I've now updated it to the new version but it's errors aren't really a problem.

I've uninstalled online armor. I know you've suggested comodo before and I've actually installed it previously at the suggestion of this forum's guidelines. I remember it being a bit of a pain and much more indepth then online armor, which is why i switched. Before I installed it I wondered if I really need it at all? I browse behind a router with firewall and have all the malware/antivirus including mvps hosts and noscript etc.

An online search suggested updating my chipset drivers for the LMS service error which I have now done from the intel website.
  • 0

#50
RKinner
Posted 22 September 2011 - 11:17 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
I think you can live without a 3rd party firewall. Just make sure the windows firewall is running.

Do you have an Extras log you can post? If not:

Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

Ron
  • 0

#51
LANCE_1313
Posted 23 September 2011 - 04:46 PM

LANCE_1313

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 159 posts
OTL logfile created on: 9/24/2011 8:32:36 AM - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\LANCE\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.86 Gb Total Physical Memory | 1.11 Gb Available Physical Memory | 28.73% Memory free
7.73 Gb Paging File | 4.00 Gb Available in Paging File | 51.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453.06 Gb Total Space | 244.53 Gb Free Space | 53.97% Space Free | Partition Type: NTFS

Computer Name: LANCE-LT | User Name: LANCE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/24 08:30:43 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\LANCE\Downloads\OTL.exe
PRC - [2011/09/10 07:07:18 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/09/06 03:04:56 | 001,489,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
PRC - [2011/08/03 21:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/08/03 03:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/07/04 21:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 21:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2009/11/13 03:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/10/27 03:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/10/10 03:27:44 | 006,937,216 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/10/01 12:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 12:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/09/04 03:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/08/20 13:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/06/25 05:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/20 03:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/20 03:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 10:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/19 08:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/12/30 09:32:54 | 000,237,693 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe
PRC - [2008/12/23 10:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 14:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/03/31 19:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/12/01 04:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 17:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/18 18:32:31 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\d17a5e7b3e9c6ea0f5c66093771b35eb\CustomMarshalers.ni.dll
MOD - [2011/09/18 12:21:10 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll
MOD - [2011/09/18 12:20:50 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll
MOD - [2011/09/18 12:20:31 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll
MOD - [2011/09/18 12:20:28 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll
MOD - [2011/09/18 12:20:26 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll
MOD - [2011/09/18 12:20:20 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\b614f2d2f13857c09c98b02944fc1c41\Accessibility.ni.dll
MOD - [2011/09/18 12:20:18 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
MOD - [2011/09/10 07:07:18 | 001,846,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/09/06 03:04:56 | 000,249,232 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll
MOD - [2011/08/28 07:14:49 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/08/03 03:31:28 | 000,255,592 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011/07/03 08:25:40 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2011/05/26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/05/26 13:41:40 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/26 13:41:40 | 000,324,896 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll
MOD - [2010/11/05 11:57:39 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2009/11/13 03:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/09/04 03:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009/06/03 11:09:06 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2009/03/27 07:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2009/02/07 11:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL
MOD - [2007/12/01 04:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/06/16 03:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007/06/02 10:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/07/04 21:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/07/01 13:06:50 | 000,301,720 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService)
SRV:64bit: - [2011/03/03 16:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/07/14 11:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/02 11:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2007/08/08 17:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/08/03 21:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/08/03 03:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/04/30 04:03:43 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/04/30 04:03:39 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/01 12:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/10/01 12:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/06/16 10:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/11 07:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/31 19:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/09/15 17:44:31 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011/09/15 17:44:31 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011/07/04 21:36:56 | 000,600,920 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/07/04 21:36:54 | 000,288,088 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/07/04 21:35:28 | 000,045,400 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/07/04 21:32:35 | 000,031,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/07/04 21:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/07/04 21:32:14 | 000,022,360 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/05/10 19:41:27 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 16:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 16:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 23:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 19:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/04/30 04:01:05 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2009/10/06 02:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/10/02 14:58:57 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/09/18 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/08/17 14:15:43 | 000,286,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/20 19:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/05 12:27:02 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2009/07/03 01:54:52 | 000,060,416 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2009/07/01 14:46:51 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/01 14:46:47 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/01 14:46:39 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/06/29 13:53:45 | 000,058,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009/06/11 06:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/11 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 20:16:29 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/13 11:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/04/07 17:33:07 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2008/05/24 10:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/07/25 04:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/07/14 11:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://login.live.c...bcxt=mai&snsc=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 F3 B4 D4 94 38 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com.au/"

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/21 13:47:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/10 07:07:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/07/02 18:51:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LANCE\AppData\Roaming\Mozilla\Extensions
[2011/09/08 19:16:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LANCE\AppData\Roaming\Mozilla\Firefox\Profiles\f4j3xeu5.default\extensions
[2011/09/03 07:54:51 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\LANCE\AppData\Roaming\Mozilla\Firefox\Profiles\f4j3xeu5.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011/07/11 12:21:18 | 000,000,000 | ---D | M] (WOT) -- C:\Users\LANCE\AppData\Roaming\Mozilla\Firefox\Profiles\f4j3xeu5.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/07/13 11:55:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/08/17 10:10:01 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\USERS\LANCE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F4J3XEU5.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\LANCE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F4J3XEU5.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\LANCE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F4J3XEU5.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\LANCE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F4J3XEU5.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
[2011/09/10 07:07:26 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/09/10 07:07:14 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/15 14:16:26 | 000,618,793 | ---- | M]) - C:\Windows\SysNative\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost #[IPv6]
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 abcstats.com
O1 - Hosts: 127.0.0.1 a.abv.bg
O1 - Hosts: 127.0.0.1 adserver.abv.bg
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 ca.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 achmedia.com
O1 - Hosts: 127.0.0.1 aconti.net
O1 - Hosts: 127.0.0.1 secure.aconti.net
O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1 am1.activemeter.com
O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ads.activepower.net
O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ad2games.com
O1 - Hosts: 16379 more lines...
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A5D3F54-F991-49B7-8E0F-C76A1C607010}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/23 20:45:03 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{478F7C69-0E4A-47E4-9053-13993C2D47D9}
[2011/09/23 20:44:51 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{7FB23A40-2DFD-4228-A100-854BCC6719DA}
[2011/09/23 08:44:38 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{B2B1B4E2-5617-44AB-A36C-26A836FF3508}
[2011/09/23 08:44:27 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{98539C13-1721-481C-9D06-A2151A8BCA3F}
[2011/09/23 07:51:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/09/23 07:40:43 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{FE4E6372-8048-4B62-9EDA-EFCA22E5D495}
[2011/09/23 07:09:09 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{44ADC1D8-4103-4616-896D-165965AD6F6E}
[2011/09/22 13:57:18 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{A25809FB-DAE0-4D6D-B007-43C4C45ED829}
[2011/09/22 13:57:06 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{F4703BA4-D393-498C-BE14-973FE34A6F97}
[2011/09/22 09:09:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/09/22 09:08:47 | 000,836,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll
[2011/09/22 09:08:11 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011/09/22 09:07:21 | 001,426,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco642040.dll
[2011/09/22 09:07:19 | 022,470,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011/09/22 09:07:19 | 017,193,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011/09/22 09:07:19 | 016,595,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011/09/22 09:07:19 | 007,254,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011/09/22 09:07:19 | 005,404,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011/09/22 09:07:19 | 002,532,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011/09/22 09:07:19 | 002,391,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011/09/22 09:07:19 | 002,222,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011/09/22 09:07:19 | 002,090,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011/09/22 09:07:19 | 001,519,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2011/09/22 09:07:19 | 001,453,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2011/09/22 09:07:19 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011/09/22 09:07:19 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011/09/22 09:07:18 | 024,692,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011/09/22 09:06:54 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/09/22 09:05:48 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011/09/22 01:56:26 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{0F4F3775-0FA1-4F61-B28F-09E5E209B5E9}
[2011/09/22 01:55:59 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{6210E9EC-09D4-4905-BF26-7DC9B73AF255}
[2011/09/21 13:55:44 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{6E3E0FE7-E573-4390-8FD5-092779005153}
[2011/09/21 13:55:32 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{359B2676-D99E-45C9-98DC-CD28E7DE6D47}
[2011/09/21 11:20:31 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{0460AEAF-ECCF-4C0B-B56E-4F5863CBF09C}
[2011/09/21 11:20:20 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{9268D4E1-4490-46F5-84B8-86557FFBBE8F}
[2011/09/20 22:05:12 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{C68FAE86-B679-4435-BAB0-F81D55220B3C}
[2011/09/20 22:04:42 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{4B921D0D-2403-4491-B1CF-2D1360E6321A}
[2011/09/20 10:04:25 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{0BBF538E-5816-4556-8600-401915D246C5}
[2011/09/20 10:04:09 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{EF83944C-8EF2-4A6C-8F8A-47FD9BAD0C8F}
[2011/09/19 22:03:54 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{F6611D7B-8CED-4E08-BF30-DB64AC22B899}
[2011/09/19 22:03:41 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{993188A2-99B0-4BCE-B066-77ED7D099CC1}
[2011/09/19 10:03:27 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{E405F752-32C2-4F96-B656-7E75D418EFED}
[2011/09/19 10:02:52 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{CF4EDB5A-9DDD-4AF1-B95D-1ABE74078904}
[2011/09/18 22:02:28 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{0C8E62ED-B079-4683-93EA-30AFB5B7D91D}
[2011/09/18 22:02:12 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{DE958E33-BB7A-4883-A5AE-53084533E9AD}
[2011/09/18 10:01:58 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{21D03C46-0EEE-48E9-B58C-81D9A0694FDD}
[2011/09/18 10:01:45 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{2F6A1929-392D-4DC8-AC43-FC8223FEAD4D}
[2011/09/17 09:46:21 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{0045137B-9930-4E27-93FF-9BF3A8342351}
[2011/09/17 09:46:08 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{3C662391-94DC-489F-94FF-3F9101F56367}
[2011/09/16 21:45:54 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{52FCEA99-9B79-4170-99C0-571186BD09E9}
[2011/09/16 21:45:26 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{CF35E3A7-EAEE-404E-BFE4-26BC5693D941}
[2011/09/16 08:16:18 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{25DE7B73-16CE-48F9-8F0B-9A79C9BF7E9A}
[2011/09/16 08:15:23 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{92DE75FB-79DA-450A-A7B1-E9C2ED96D24B}
[2011/09/15 17:45:22 | 000,000,000 | ---D | C] -- C:\Users\LANCE\Documents\The Witcher
[2011/09/15 17:45:22 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\The Witcher
[2011/09/15 16:44:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Witcher
[2011/09/15 16:33:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2011/09/15 14:17:19 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
[2011/09/15 14:17:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Project64 1.6
[2011/09/15 10:01:57 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{73B3009C-8355-415D-827B-7B55EA684A09}
[2011/09/15 10:01:44 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{D95FCC36-C37C-4E07-9253-3BDE15A825E0}
[2011/09/14 22:01:16 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{FE2B3964-9064-47CD-8855-B534C62DF150}
[2011/09/14 22:00:42 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{09BDCBAC-A0D0-478A-9FE4-C02ACA936A21}
[2011/09/14 06:04:05 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{13241D91-4970-4DFC-9F29-5F287F39E349}
[2011/09/14 06:03:25 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{ACA2F802-6184-44B7-9FE0-7FDB275F446E}
[2011/09/13 12:28:47 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{EE46CFFA-041F-4A8A-8494-45027AF0116B}
[2011/09/13 12:28:18 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{617707F5-68CC-4336-9387-45E73F7CD39A}
[2011/09/13 00:28:03 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{05B72F15-CD63-464A-8F31-FD177724331A}
[2011/09/13 00:27:38 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{5C49207D-AC9A-40A9-ACEE-4708EA493B09}
[2011/09/12 07:05:52 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{EAE21E0D-4614-4D07-B8D5-C53EB2B45194}
[2011/09/12 07:05:40 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{E20B9239-C051-43C0-B9DB-FA18D9CBCE26}
[2011/09/11 19:05:15 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{C2F76E49-B511-4525-BE3C-B7D7794F3F6F}
[2011/09/11 19:05:03 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{EFE05C93-1BD7-4BFC-8F52-7FE14FE3894C}
[2011/09/11 07:04:49 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{38B22CB1-C661-4AD3-99A5-AA0EE8076C22}
[2011/09/11 07:03:42 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{EF9D3701-3003-430B-88F0-50692349291A}
[2011/09/10 18:55:42 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{BC81D756-32D7-4712-921D-8F1C1F91FAA1}
[2011/09/10 18:55:30 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{D9344B54-948F-4C50-847D-6C2D307634DA}
[2011/09/10 10:05:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
[2011/09/10 10:05:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate
[2011/09/10 06:55:03 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{F89D878A-5EEF-4B25-B12D-0DEB77887844}
[2011/09/10 06:54:52 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{30961E41-A563-4D52-B6C8-79C27F97E461}
[2011/09/09 18:54:39 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{6A385D3A-9B8A-4560-9203-7752894E258A}
[2011/09/09 18:54:13 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{24919BFB-A7F0-41F0-AA1F-B1AD2DDA34EF}
[2011/09/09 06:31:11 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{55EFFFC9-0307-4F9B-9F66-9C9D747288B3}
[2011/09/09 06:30:41 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{8703F4F7-F904-4286-B680-14918557A415}
[2011/09/08 18:30:15 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{DB06B40F-F647-4752-9AD2-5E5AF58AC2BD}
[2011/09/08 18:29:46 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{615C778F-C2EC-4915-B7FC-CAFBACA2E5D0}
[2011/09/08 06:29:32 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{B09F49AF-D984-43ED-8A63-80A8CE8895C3}
[2011/09/08 06:29:01 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{BBFCD1DA-8FD4-4511-B0C6-ADD0F548F647}
[2011/09/07 18:28:49 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{A5329E15-5C10-4CF6-9DC5-A357E7B49B82}
[2011/09/07 18:28:34 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{C3AF5C2C-15C3-4E37-A499-8CFA282B1D95}
[2011/09/07 06:28:21 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{E0AAA12C-A8EA-481A-A545-B7D234E3B22F}
[2011/09/07 06:27:50 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{AE24A184-B321-4AA5-9F2E-B7250A1A82CD}
[2011/09/06 12:39:34 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{2D63C7BF-5205-4280-8D9A-0B9FD318B102}
[2011/09/05 20:26:25 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{069771BB-7369-4397-9671-A31874CB6A24}
[2011/09/05 20:26:14 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{745FB682-13B3-4C2D-B4DE-F51C6E06A94D}
[2011/09/05 20:25:01 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{04CE36C6-D7F9-4594-AA8F-2F518EAC4E22}
[2011/09/05 08:26:00 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{8E3E6187-B072-4C4B-9926-3D598EFD1696}
[2011/09/05 08:25:30 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{2D69628A-8B9A-4BAB-819D-53B8118F2FEA}
[2011/09/04 20:25:16 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{D1EEBBDA-16FC-4B14-A3B0-69B746AB7E9E}
[2011/09/04 20:25:00 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{A2A2CD8B-6228-4489-A03B-B222A0705D06}
[2011/09/04 08:24:31 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{39503ADF-3F0B-4F4F-ADF9-B0DAE0CDD328}
[2011/09/04 08:24:19 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{232018A4-8254-4BA2-9E25-B879E3EDFC54}
[2011/09/03 20:24:02 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{82174CDA-622B-4F1E-89E7-7FD6F11223AE}
[2011/09/03 20:23:50 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{1698BEBB-C835-4BE3-B45E-B46B5EACAA07}
[2011/09/03 11:31:46 | 000,000,000 | ---D | C] -- C:\Users\LANCE\Documents\My EndNote Library.Data
[2011/09/03 08:23:04 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{9D633406-B6D7-475D-ABBF-9D25E6247E9A}
[2011/09/03 08:22:52 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\{A2CF90CE-00B9-4032-B12F-BA375E0543A4}
[2011/09/03 08:22:40 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Roaming\Windows Live Writer
[2011/09/03 08:22:40 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\Windows Live Writer
[2011/09/03 08:12:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011/09/03 08:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/09/03 07:59:18 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\Windows Live
[2011/09/03 07:59:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011/09/01 06:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2011/09/01 06:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2011/08/29 20:35:00 | 000,379,520 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\FBAgent.exe
[2011/08/29 20:35:00 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2011/08/29 07:01:49 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/08/28 21:38:49 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/08/28 21:38:49 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/08/28 21:38:49 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/08/28 21:37:11 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/08/28 21:36:33 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/08/28 07:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/08/28 07:12:04 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/08/28 07:12:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/08/28 07:12:04 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/24 00:33:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/23 18:34:27 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011/09/23 07:51:48 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/09/23 07:50:18 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/23 07:50:18 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/23 07:47:24 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/09/23 07:47:24 | 000,628,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/09/23 07:47:24 | 000,110,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/09/23 07:42:39 | 3112,038,400 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/22 11:30:42 | 000,001,478 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011/09/21 13:51:42 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/09/17 15:00:09 | 000,000,386 | -H-- | M] () -- C:\Windows\tasks\My Backup xml.job
[2011/09/17 07:58:32 | 000,315,926 | ---- | M] () -- C:\Users\LANCE\Desktop\Stream B Invigilator Rules & Regulations_November 2011.pdf
[2011/09/16 17:02:58 | 479,300,485 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/09/15 17:44:31 | 000,088,480 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2011/09/15 17:44:31 | 000,046,400 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2011/09/03 11:31:46 | 000,000,000 | ---- | M] () -- C:\Users\LANCE\Documents\My EndNote Library.enl
[2011/09/03 07:53:05 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2011/08/31 19:17:03 | 000,001,532 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/08/28 07:52:01 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/08/28 07:18:16 | 000,000,969 | ---- | M] () -- C:\Users\LANCE\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/23 07:51:48 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/09/22 09:07:19 | 000,007,383 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011/09/17 07:58:32 | 000,315,926 | ---- | C] () -- C:\Users\LANCE\Desktop\Stream B Invigilator Rules & Regulations_November 2011.pdf
[2011/09/16 17:02:58 | 479,300,485 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/09/15 16:59:22 | 000,088,480 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2011/09/15 16:59:21 | 000,046,400 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2011/09/03 11:31:46 | 000,000,000 | ---- | C] () -- C:\Users\LANCE\Documents\My EndNote Library.enl
[2011/09/03 08:13:04 | 000,001,460 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/08/29 20:35:00 | 000,001,532 | ---- | C] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/08/29 20:35:00 | 000,001,478 | ---- | C] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011/08/29 20:35:00 | 000,000,105 | ---- | C] () -- C:\Windows\SysNative\FastBoot.ini
[2011/08/29 20:35:00 | 000,000,080 | ---- | C] () -- C:\Windows\SysNative\Defrag.ini
[2011/08/29 20:35:00 | 000,000,052 | ---- | C] () -- C:\Windows\SysNative\RemoveFont.ini
[2011/08/29 20:35:00 | 000,000,015 | ---- | C] () -- C:\Windows\SysNative\BootTime.ini
[2011/08/28 21:38:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/08/28 21:38:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/08/28 21:38:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/08/28 21:38:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/08/28 21:38:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/08/03 03:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/07/12 08:33:38 | 000,005,120 | ---- | C] () -- C:\Users\LANCE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/30 04:03:46 | 000,000,735 | ---- | C] () -- C:\Windows\FF05_Render_Spk_Hp.ini
[2010/04/30 04:03:46 | 000,000,508 | ---- | C] () -- C:\Windows\FF05_not_Spk_Hp.ini
[2010/04/30 04:01:46 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010/04/30 03:58:33 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010/04/30 03:58:33 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009/07/29 15:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 15:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 12:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 12:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 10:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 09:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 07:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 07:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/12/02 11:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >


OTL Extras logfile created on: 9/24/2011 8:32:36 AM - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\LANCE\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.86 Gb Total Physical Memory | 1.11 Gb Available Physical Memory | 28.73% Memory free
7.73 Gb Paging File | 4.00 Gb Available in Paging File | 51.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453.06 Gb Total Space | 244.53 Gb Free Space | 53.97% Space Free | Partition Type: NTFS

Computer Name: LANCE-LT | User Name: LANCE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D9D38E1-B123-4CC6-A575-0C5CE8667CD4}" = Macrium Reflect - Free Edition
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java™ 6 Update 26 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java™ 7 (64-bit)
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C7311329-C491-427B-8880-133E84869B3A}" = Vista Shortcut Manager x64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"Speccy" = Speccy
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"USB 2.0 2.0M UVC WebCam" = USB 2.0 2.0M UVC WebCam
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}" = RICOH R5U230 Media Driver ver.2.05.02.02
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{38F8D823-008D-4E5A-BBCE-867A86C2BF2B}" = Sound Blaster Audigy HD
"{3931705A-D653-44A8-9BB5-759B7965BE99}_is1" = YABOT Build Order Editor version 1.0
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{60D6618B-153F-4353-8185-908E676E5888}" = ASUS FancyStart
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7237264C-7886-41CF-9230-E0E0DCF664AC}_is1" = Devil's Tuning Fork 1.21
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86B3F2D6-AC2B-0014-8AE1-F2F77F781B0C}" = EndNote X4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B5A5627C-0173-4DB2-ADA8-740479370F67}" = Express Gate
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ASUS_ScreenSaver_GSeries" = ASUS_ScreenSaver_GSeries
"avast" = avast! Free Antivirus
"CDisplay_is1" = CDisplay 1.8
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fences" = Fences
"FileHippo.com" = FileHippo.com Update Checker
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"LogonStudio" = LogonStudio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"MKVtoolnix" = MKVtoolnix 4.8.0
"Mozilla Firefox 6.0.2 (x86 en-US)" = Mozilla Firefox 6.0.2 (x86 en-US)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper
"SpywareBlaster_is1" = SpywareBlaster 4.4
"StarCraft II" = StarCraft II
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/16/2011 5:01:47 PM | Computer Name = LANCE-LT | Source = Application Error | ID = 1000
Description = Faulting application name: witcher.EXE, version: 1.0.0.1101, time
stamp: 0x46f6c2f2 Faulting module name: witcher.EXE, version: 1.0.0.1101, time stamp:
0x46f6c2f2 Exception code: 0xc0000005 Fault offset: 0x00350ed5 Faulting process id:
0x860 Faulting application start time: 0x01cc746e65defebf Faulting application path:
C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Faulting module path: C:\Program
Files (x86)\The Witcher\SYSTEM\witcher.EXE Report Id: 1674375d-e0a7-11e0-aa22-e0cb4e5b9aca

Error - 9/17/2011 9:06:25 AM | Computer Name = LANCE-LT | Source = Application Error | ID = 1000
Description = Faulting application name: witcher.EXE, version: 1.0.0.1101, time
stamp: 0x46f6c2f2 Faulting module name: witcher.EXE, version: 1.0.0.1101, time stamp:
0x46f6c2f2 Exception code: 0xc0000005 Fault offset: 0x003a8e9c Faulting process id:
0xfd8 Faulting application start time: 0x01cc753887bd6313 Faulting application path:
C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Faulting module path: C:\Program
Files (x86)\The Witcher\SYSTEM\witcher.EXE Report Id: d8afb1ce-e12d-11e0-889a-e0cb4e5b9aca

Error - 9/18/2011 9:11:53 AM | Computer Name = LANCE-LT | Source = Application Error | ID = 1000
Description = Faulting application name: witcher.EXE, version: 1.0.0.1101, time
stamp: 0x46f6c2f2 Faulting module name: MSVCR80.dll, version: 8.0.50727.6195, time
stamp: 0x4dcddbf3 Exception code: 0xc0000005 Fault offset: 0x0001500a Faulting process
id: 0x1664 Faulting application start time: 0x01cc75f7f391368b Faulting application
path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Faulting module path:
C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
Report
Id: c6730b69-e1f7-11e0-bad2-e0cb4e5b9aca

Error - 9/18/2011 9:53:11 PM | Computer Name = LANCE-LT | Source = Application Error | ID = 1000
Description = Faulting application name: witcher.EXE, version: 1.0.0.1101, time
stamp: 0x46f6c2f2 Faulting module name: witcher.EXE, version: 1.0.0.1101, time stamp:
0x46f6c2f2 Exception code: 0xc0000005 Fault offset: 0x00350ed5 Faulting process id:
0x12f0 Faulting application start time: 0x01cc7661f360317f Faulting application path:
C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Faulting module path: C:\Program
Files (x86)\The Witcher\SYSTEM\witcher.EXE Report Id: 2071486b-e262-11e0-bad2-e0cb4e5b9aca

Error - 9/19/2011 9:22:13 PM | Computer Name = LANCE-LT | Source = Application Hang | ID = 1002
Description = The program witcher.EXE version 1.0.0.1101 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1774 Start
Time: 01cc7732e0b02980 Termination Time: 172 Application Path: C:\Program Files (x86)\The
Witcher\SYSTEM\witcher.EXE Report Id:

Error - 9/19/2011 9:24:44 PM | Computer Name = LANCE-LT | Source = Application Hang | ID = 1002
Description = The program witcher.EXE version 1.0.0.1101 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1c60 Start
Time: 01cc7733bd6ecf63 Termination Time: 163 Application Path: C:\Program Files (x86)\The
Witcher\SYSTEM\witcher.EXE Report Id:

Error - 9/19/2011 10:53:29 PM | Computer Name = LANCE-LT | Source = Application Error | ID = 1000
Description = Faulting application name: vlc.exe, version: 1.1.10.0, time stamp:
0x4dec1ec0 Faulting module name: vlc.exe, version: 1.1.10.0, time stamp: 0x4dec1ec0
Exception
code: 0xc0000005 Fault offset: 0x000016ee Faulting process id: 0xa08 Faulting application
start time: 0x01cc77402456f16a Faulting application path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
Faulting
module path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Report Id: b7c2b90e-e333-11e0-bad2-e0cb4e5b9aca

Error - 9/20/2011 12:02:39 AM | Computer Name = LANCE-LT | Source = Application Error | ID = 1000
Description = Faulting application name: firefox.exe, version: 6.0.2.4262, time
stamp: 0x4e6163d9 Faulting module name: oawatch.dll, version: 5.0.0.1097, time stamp:
0x2a425e19 Exception code: 0xc0000005 Fault offset: 0x00001e81 Faulting process id:
0x12a8 Faulting application start time: 0x01cc7598ed1cfb7c Faulting application path:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: C:\Program
Files (x86)\Online Armor\oawatch.dll Report Id: 61435487-e33d-11e0-bad2-e0cb4e5b9aca

Error - 9/20/2011 4:13:31 AM | Computer Name = LANCE-LT | Source = Application Error | ID = 1000
Description = Faulting application name: vlc.exe, version: 1.1.10.0, time stamp:
0x4dec1ec0 Faulting module name: vlc.exe, version: 1.1.10.0, time stamp: 0x4dec1ec0
Exception
code: 0xc0000005 Fault offset: 0x000016ee Faulting process id: 0xdac Faulting application
start time: 0x01cc776c8afb9766 Faulting application path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
Faulting
module path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Report Id: 6cb735b6-e360-11e0-bad2-e0cb4e5b9aca

Error - 9/22/2011 7:10:14 AM | Computer Name = LANCE-LT | Source = Application Error | ID = 1000
Description = Faulting application name: vlc.exe, version: 1.1.10.0, time stamp:
0x4dec1ec0 Faulting module name: vlc.exe, version: 1.1.10.0, time stamp: 0x4dec1ec0
Exception
code: 0xc0000005 Fault offset: 0x000016ee Faulting process id: 0x1338 Faulting application
start time: 0x01cc78fb99e3bbf2 Faulting application path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
Faulting
module path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Report Id: 71dc5744-e50b-11e0-a8f6-e0cb4e5b9aca

[ System Events ]
Error - 9/21/2011 9:30:28 PM | Computer Name = LANCE-LT | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - 9/21/2011 9:30:28 PM | Computer Name = LANCE-LT | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - 9/21/2011 10:01:47 PM | Computer Name = LANCE-LT | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:42:13 AM on ?22/?09/?2011 was unexpected.

Error - 9/21/2011 10:03:45 PM | Computer Name = LANCE-LT | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - 9/21/2011 10:03:45 PM | Computer Name = LANCE-LT | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - 9/22/2011 5:09:02 PM | Computer Name = LANCE-LT | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 9/22/2011 5:44:13 PM | Computer Name = LANCE-LT | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - 9/22/2011 5:44:13 PM | Computer Name = LANCE-LT | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - 9/23/2011 5:44:07 PM | Computer Name = LANCE-LT | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - 9/23/2011 5:44:07 PM | Computer Name = LANCE-LT | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.


< End of report >
  • 0

#52
RKinner
Posted 23 September 2011 - 05:56 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Uninstall Intel® Management Engine Components

This is used by the IT department to control your PC remotely when you work in a big corporation. If you don't have an IT department then you don't need it and it has been causing problems on other people's PCs.

Also you can uninstall Java™ 6 Update 26 (64-bit) since you have Java 7 already.

Ron
  • 0

#53
LANCE_1313
Posted 23 September 2011 - 06:46 PM

LANCE_1313

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 159 posts
Done
  • 0

#54
RKinner
Posted 23 September 2011 - 07:08 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Let's clear the Events to make it easier to see what happens if it crashes again.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Ron
  • 0

#55
LANCE_1313
Posted 29 September 2011 - 03:52 PM

LANCE_1313

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 159 posts
Sorry I was away for a few days. I'm back now and I've cleared the logs.
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP