Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Hitman Pro Found MBR Problem, Now I can't boot [Closed]


  • This topic is locked This topic is locked

#106
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

can you please zip C:\windows\windowsupdates.log and attach it to your next reply. But I'm afraid I know what's wrong. :unsure:

You said you do not have the windows CD, right?

regards myrti
  • 0

Advertisements


#107
Brandon Maki

Brandon Maki

    Member

  • Topic Starter
  • Member
  • PipPip
  • 63 posts
I have a Windows CD somewhere that I can dig out. I never created a system recover disc for the infected computer, but I have a 64-bit windows 7 cd from another computer that I can dig up. There is a file with no extension that is lcated in C:\Users that tries to open on startup, anything of concern?

Attached Files


  • 0

#108
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Depends on how it's called? What's the file name?

regards myrti
  • 0

#109
Brandon Maki

Brandon Maki

    Member

  • Topic Starter
  • Member
  • PipPip
  • 63 posts
Maki which is my last name. It is 80.3kb located in the Users folder, created 4/17, modified 4/20
  • 0

#110
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

that sounds not so good. Could you please upload the file to www.virustotal.com and link me the results.

regards myrti
  • 0

#111
Brandon Maki

Brandon Maki

    Member

  • Topic Starter
  • Member
  • PipPip
  • 63 posts
https://www.virustot...sis/1335306604/
  • 0

#112
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

ok, the error is a first, it seems nobody but you has had it so far. :rolleyes: I'm guessing this has to do with the issues we're trying to correct, namely that some of the drivers aren't recognised as being signed.


Right now, I'm not sure what options we still have.. You could try following the method 9 from this link: http://support.microsoft.com/kb/822798 (it's not done by the "FixMe" app). You will need to run all those commands in an elevated command prompt. To get to that, go to start, type "cmd" into the search. Right click on the result cmd.exe and select "run as administrator".

regards myrti
  • 0

#113
Brandon Maki

Brandon Maki

    Member

  • Topic Starter
  • Member
  • PipPip
  • 63 posts
Myrti,
On that method from your last post, do the kb*.cat files includ package_*_ for_KB*.cat files or only ones that begin with kb? Also, I tried to run sfc again and was able to populate the sfcdetails.txt file. I have it attached for you.

Attached Files


  • 0

#114
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

this looks as if afd.sys has been successfully replaced. Could you try starting afd again with the command sc start afd from an elevated command prompt.

regards myrti
  • 0

#115
Brandon Maki

Brandon Maki

    Member

  • Topic Starter
  • Member
  • PipPip
  • 63 posts
It still cannot verify the digital signature for this file
  • 0

Advertisements


#116
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

Sorry missed your question earlier. I would only replace the ones starting with kb.

I will be offline starting friday and have asked for someone to take the log over, so don't be surprised if there's a third person that starts replying soon. :)

regards myrti
  • 0

#117
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

I will be assisting you from this point onwards...

For now carry out the prior advice posted and inform myself of the outcome and we will go from there, thank you.
  • 0

#118
Brandon Maki

Brandon Maki

    Member

  • Topic Starter
  • Member
  • PipPip
  • 63 posts
There were no tmp*.cat files or kb*.cat files for me to delete. I removed the oem*.* files and performed the commands as instructed. I then tried to install KB9747821 and received the same error 0X80080005 Server execution failed.
  • 0

#119
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

There were no tmp*.cat files or kb*.cat files for me to delete. I removed the oem*.* files and performed the commands as instructed. I then tried to install KB9747821 and received the same error 0X80080005 Server execution failed.

OK and thanks for the update, not looking good at all I'm afraid...for the time being make no further changes and or attempt anything further with your computer please unless I advise otherwise, thank you.

For now carry out the below so I am able to review a fresh status of your machine as follows...

Re-scan with OTL:

OTL has recently been updated, so please delete your current version of OTL and all logs. Then empty the Recycle Bin.

Please re-download OTL and save it to your Desktop.

Alternate downloads are here and here.

  • Right-click on OTL.exe and select Run as Administrator to start OTL.
  • Ensure Include 64bit Scans is selected.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.
When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered?
  • Both OTL logs. <-- Post them individually please, IE: one Log per post/reply.

  • 0

#120
Brandon Maki

Brandon Maki

    Member

  • Topic Starter
  • Member
  • PipPip
  • 63 posts
There is still no access to the internet on that computer. Now when I troubleshoot the network, it comes up with an error that a problem is preventing the troubleshooter from starting with the following details.

Package ID: Unknown
Path: C:\Windows\diagnostics\system\networking
Error Code: 0x80070005
Source: Engine
User: Frontdesk\Maki Chiropractic
Context: Restricted.

Quickbooks and my Electronic Health Records software do not open, all other programs seem to operate as they are supposed to without access to the internet.

Here are the scan results as you requested.

OTL logfile created on: 4/30/2012 3:21:26 PM - Run 3
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Maki Chiropractic\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.75 Gb Total Physical Memory | 4.70 Gb Available Physical Memory | 81.70% Memory free
11.50 Gb Paging File | 9.72 Gb Available in Paging File | 84.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.50 Gb Total Space | 846.12 Gb Free Space | 92.12% Space Free | Partition Type: NTFS
Drive D: | 12.91 Gb Total Space | 1.58 Gb Free Space | 12.23% Space Free | Partition Type: NTFS
Drive F: | 55.89 Gb Total Space | 11.26 Gb Free Space | 20.14% Space Free | Partition Type: NTFS

Computer Name: FRONTDESK | User Name: Maki Chiropractic | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Maki Chiropractic\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe (AllianceTek Inc.)
PRC - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe (PC Tools)
PRC - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe (PC Tools)
PRC - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe (PC Tools)
PRC - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE (Intuit Inc.)
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\BUFFALO\Backup_Utility\BUTray.exe (BUFFALO INC.)
PRC - C:\Program Files (x86)\BUFFALO\BuffaloTools\BuffaloTools.exe (BUFFALO INC.)
PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe (Roxio)
PRC - C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe (BUFFALO INC.)
PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Intuit\QuickBooks 2011\QBMAPILibrary.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2011\QBCompressor.DLL ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2011\mbpopup.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2011\boost_regex-vc90-mt-p-1_33.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2011\boost_serialization-vc90-mt-p-1_33.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2011\BackupLib.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2011\zlib1.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE File not found
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (ZuneWlanCfgSvc) -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV:64bit: - (WMZuneComm) -- c:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV:64bit: - (ZuneNetworkSvc) -- c:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (HPClientSvc) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (EinsteinEMRService) -- C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe (AllianceTek Inc.)
SRV - (sdCoreService) -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (Browser Defender Update Service) -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (QBCFMonitorService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (QBVSS) -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe (Intuit Inc.)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (RoxioNow Service) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe (Roxio)
SRV - (BFBackupUtilityService) -- C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe (BUFFALO INC.)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (QuickBooksDB21) -- C:\Program Files (x86)\Intuit\QuickBooks 2011\QBDBMgrN.exe (Intuit, Inc.)
SRV - (BFBackupUtilityVSSService) -- C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe (BUFFALO INC.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (QBFCService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (PCTSD) -- C:\Windows\SysNative\drivers\PCTSD64.sys (PC Tools)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (pctEFA) -- C:\Windows\SysNative\drivers\pctEFA64.sys (PC Tools)
DRV:64bit: - (pctDS) -- C:\Windows\SysNative\drivers\pctDS64.sys (PC Tools)
DRV:64bit: - (PCTCore) -- C:\Windows\SysNative\drivers\PCTCore64.sys (PC Tools)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (PCTBD) -- C:\Windows\SysNative\drivers\PCTBD64.sys (PC Tools)
DRV:64bit: - (AODDriver4.01) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (bftpusbx64) -- C:\Windows\SysNative\drivers\bftpusbx64.sys (BUFFALO INC.)
DRV:64bit: - (bftpdskc64) -- C:\Windows\SysNative\drivers\bftpdskc64.sys (BUFFALO INC.)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc}: "URL" = http://rover.ebay.co...s}&mfe=Desktops
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc}: "URL" = http://rover.ebay.co...s}&mfe=Desktops
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/...rc=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-612660174-3317846808-1130094984-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
IE - HKU\S-1-5-21-612660174-3317846808-1130094984-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-612660174-3317846808-1130094984-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.officeally.com/
IE - HKU\S-1-5-21-612660174-3317846808-1130094984-1001\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-21-612660174-3317846808-1130094984-1001\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKU\S-1-5-21-612660174-3317846808-1130094984-1001\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKU\S-1-5-21-612660174-3317846808-1130094984-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKU\S-1-5-21-612660174-3317846808-1130094984-1001\..\SearchScopes\{D3366BD0-F548-4D77-A7C3-10F512C89639}: "URL" = http://www.google.co...age={startPage}
IE - HKU\S-1-5-21-612660174-3317846808-1130094984-1001\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-612660174-3317846808-1130094984-1001\..\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc}: "URL" = http://rover.ebay.co...s}&mfe=Desktops
IE - HKU\S-1-5-21-612660174-3317846808-1130094984-1001\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-612660174-3317846808-1130094984-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-612660174-3317846808-1130094984-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://pm.officeall...in.aspx?utc=-6"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\Maki Chiropractic\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Maki Chiropractic\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Maki Chiropractic\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Maki Chiropractic\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2012/04/17 00:22:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\ [2012/04/17 00:33:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/20 10:38:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/17 00:33:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/03/02 10:30:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2011/02/15 18:22:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maki Chiropractic\AppData\Roaming\Mozilla\Extensions
[2011/02/15 18:22:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maki Chiropractic\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/04/17 00:28:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maki Chiropractic\AppData\Roaming\Mozilla\Firefox\Profiles\3toxt0y8.default\extensions
[2012/04/17 00:34:22 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Users\Maki Chiropractic\AppData\Roaming\Mozilla\Firefox\Profiles\3toxt0y8.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2012/04/17 00:22:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/17 00:22:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\MAKI CHIROPRACTIC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3TOXT0Y8.DEFAULT\EXTENSIONS\[email protected]
[2012/03/20 10:38:37 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2012/03/30 07:57:52 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/08 16:49:02 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/04/25 16:42:41 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PC Tools Browser Defender BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Defender) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-612660174-3317846808-1130094984-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Backup Utility TaskTray Tool] C:\Program Files (x86)\BUFFALO\Backup_Utility\BUTray.exe (BUFFALO INC.)
O4 - HKLM..\Run: [BrStsWnd] C:\Program Files (x86)\Brownie\BrstsW64.exe (brother)
O4 - HKLM..\Run: [BuffaloTools] C:\Program Files (x86)\BUFFALO\BuffaloTools\BuffaloTools.exe (BUFFALO INC.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [ISTray] C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" File not found
O4 - HKU\S-1-5-21-612660174-3317846808-1130094984-1001..\Run: [googletalk] C:\Users\Maki Chiropractic\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-612660174-3317846808-1130094984-1001\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-612660174-3317846808-1130094984-1001\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56FB7E57-234C-43A9-9FE6-0CA97B75342F}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B240F4C-51B0-45AC-B402-DC27E761D9ED}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\intu-help-qb4 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b15a9a59-37b3-11e1-b860-6431502e0f24}\Shell - "" = AutoRun
O33 - MountPoints2\{b15a9a59-37b3-11e1-b860-6431502e0f24}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/04/30 15:20:52 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Maki Chiropractic\Desktop\OTL.exe
[2012/04/25 18:00:45 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\AppData\Local\{89D71F26-2B36-49B8-8DE5-F0C210F82FB5}
[2012/04/25 17:51:08 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\AppData\Local\{A61EDCDB-AEAD-4CB9-B3BD-5D0951F8E07E}
[2012/04/25 17:41:32 | 000,074,344 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2012/04/25 17:41:31 | 000,676,968 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012/04/25 17:40:47 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\Desktop\Install_Win7_7053_03162012
[2012/04/25 17:32:49 | 032,712,644 | ---- | C] (Macrovision Corporation) -- C:\Users\Maki Chiropractic\Desktop\IS_AP_STA_RT2860_D-3.2.7.0_VA-3.2.7.0_W7-3.2.7.0_RU-4.1.4.0_AU-4.1.2.0_112311_1.5.16.0WP_Free.exe
[2012/04/25 16:52:56 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\AppData\Local\{37D9F159-1A42-4724-9D78-F27644BF2A89}
[2012/04/25 16:52:13 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/04/25 15:46:58 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\AppData\Local\{7912DAD2-39E4-4827-BC2F-825D4DF2C643}
[2012/04/24 23:30:05 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\AppData\Local\{DC2C8BE3-975E-4F53-903E-A40F3BA83FD7}
[2012/04/24 22:50:09 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\AppData\Local\{4618A4B4-7811-4716-8CF0-A205A52F36B6}
[2012/04/24 22:48:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oldcatroot2
[2012/04/24 22:26:34 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\AppData\Local\{9D08E79E-10D0-4167-9163-2416530D727C}
[2012/04/23 15:37:27 | 001,528,184 | ---- | C] (Microsoft Corporation) -- C:\Users\Maki Chiropractic\Desktop\GenuineCheck.exe
[2012/04/23 15:18:03 | 000,000,000 | ---D | C] -- C:\b02dbf52fab7e697b1
[2012/04/23 15:16:34 | 947,070,088 | ---- | C] (Microsoft Corporation) -- C:\Users\Maki Chiropractic\Desktop\windows6.1-KB976932-X64.exe
[2012/04/23 15:16:34 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\AppData\Local\{D35E891C-A0EE-41E2-8059-706B5D817C9F}
[2012/04/20 18:37:26 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\AppData\Local\{8BE83EC2-B6F2-4A20-8665-4C593472A69D}
[2012/04/20 18:16:36 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\subinacl.exe
[2012/04/20 18:15:43 | 000,000,000 | ---D | C] -- C:\Reg_Backup
[2012/04/20 18:15:41 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2012/04/20 18:15:19 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs
[2012/04/20 18:14:57 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\Desktop\tweak
[2012/04/20 18:04:35 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\AppData\Local\{4E54F8D6-5FD0-45C9-A53D-123E5F9A2336}
[2012/04/20 13:42:48 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\AppData\Local\{BEFC6160-CD69-449C-A765-2B70CACA90FA}
[2012/04/20 13:41:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\CatRoot2_2012424224613
[2012/04/19 18:05:51 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/04/18 13:00:17 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\AppData\Local\{0AFEE6F6-C878-4A09-B9C2-0A28A6118D1A}
[2012/04/17 20:27:16 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\AppData\Local\{815C8C83-73EB-48E5-8C45-DDF9EFC0F79C}
[2012/04/16 21:29:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Backup
[2012/04/09 18:06:50 | 000,000,000 | ---D | C] -- C:\FRST
[2012/04/02 10:22:44 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/04/02 09:52:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/04/02 09:04:48 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\AppData\Local\{06A3BA95-3114-4B21-B506-381054814463}
[2012/04/02 04:53:04 | 000,000,000 | ---D | C] -- C:\e0f64173c113f4fb89
[2012/04/01 10:47:28 | 000,000,000 | ---D | C] -- C:\Users\Maki Chiropractic\AppData\Local\{B0EA8FDA-699E-48B4-AEEA-6D6D43867EC2}
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/30 15:17:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/30 09:20:12 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Maki Chiropractic\Desktop\OTL.exe
[2012/04/25 18:04:48 | 000,015,792 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/25 18:04:48 | 000,015,792 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/25 18:03:56 | 000,796,456 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/25 18:03:56 | 000,673,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/25 18:03:56 | 000,125,222 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/25 18:00:07 | 000,000,261 | ---- | M] () -- C:\Windows\Brownie.ini
[2012/04/25 17:58:36 | 334,979,071 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/25 17:42:02 | 002,148,382 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012/04/25 16:50:56 | 000,293,832 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/04/25 16:48:46 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2012/04/25 16:42:41 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/04/25 11:36:11 | 005,909,784 | ---- | M] () -- C:\Users\Maki Chiropractic\Desktop\Install_Win7_7053_03162012.zip
[2012/04/25 11:28:24 | 032,712,644 | ---- | M] (Macrovision Corporation) -- C:\Users\Maki Chiropractic\Desktop\IS_AP_STA_RT2860_D-3.2.7.0_VA-3.2.7.0_W7-3.2.7.0_RU-4.1.4.0_AU-4.1.2.0_112311_1.5.16.0WP_Free.exe
[2012/04/24 23:27:17 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2012/04/24 16:06:40 | 346,173,629 | ---- | M] () -- C:\Users\Maki Chiropractic\Desktop\Windows6.1-KB947821-v20-x64.msu
[2012/04/23 09:38:42 | 005,023,144 | ---- | M] () -- C:\Users\Maki Chiropractic\Desktop\Windows6.1-KB2454826-v2-x86.msu
[2012/04/23 09:36:33 | 001,528,184 | ---- | M] (Microsoft Corporation) -- C:\Users\Maki Chiropractic\Desktop\GenuineCheck.exe
[2012/04/23 09:10:16 | 947,070,088 | ---- | M] (Microsoft Corporation) -- C:\Users\Maki Chiropractic\Desktop\windows6.1-KB976932-X64.exe
[2012/04/20 18:31:46 | 000,796,392 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/20 18:15:11 | 000,303,616 | ---- | M] ( ) -- C:\SetACL.exe
[2012/04/20 18:15:11 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\subinacl.exe
[2012/04/20 07:37:28 | 000,673,280 | ---- | M] () -- C:\Users\Maki Chiropractic\Desktop\MicrosoftFixit50528.msi
[2012/04/19 21:36:35 | 000,001,171 | ---- | M] () -- C:\Users\Maki Chiropractic\Desktop\Microsoft Games - Shortcut.lnk
[2012/04/19 14:50:37 | 000,337,325 | ---- | M] () -- C:\Users\Maki Chiropractic\Desktop\FSS.exe
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/25 17:40:38 | 005,909,784 | ---- | C] () -- C:\Users\Maki Chiropractic\Desktop\Install_Win7_7053_03162012.zip
[2012/04/24 23:27:17 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2012/04/24 22:07:29 | 346,173,629 | ---- | C] () -- C:\Users\Maki Chiropractic\Desktop\Windows6.1-KB947821-v20-x64.msu
[2012/04/23 15:40:43 | 005,023,144 | ---- | C] () -- C:\Users\Maki Chiropractic\Desktop\Windows6.1-KB2454826-v2-x86.msu
[2012/04/20 18:30:40 | 000,303,616 | ---- | C] ( ) -- C:\SetACL.exe
[2012/04/20 13:38:09 | 000,673,280 | ---- | C] () -- C:\Users\Maki Chiropractic\Desktop\MicrosoftFixit50528.msi
[2012/04/19 21:36:35 | 000,001,171 | ---- | C] () -- C:\Users\Maki Chiropractic\Desktop\Microsoft Games - Shortcut.lnk
[2012/04/19 20:51:12 | 000,337,325 | ---- | C] () -- C:\Users\Maki Chiropractic\Desktop\FSS.exe
[2012/03/30 13:36:51 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011/10/13 16:53:18 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/10/13 16:53:02 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/07/13 10:25:57 | 000,001,854 | ---- | C] () -- C:\Users\Maki Chiropractic\AppData\Roaming\GhostObjGAFix.xml
[2011/05/18 09:38:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/05/06 11:53:38 | 000,021,417 | ---- | C] () -- C:\Windows\UN091222.INI
[2011/05/06 11:53:35 | 000,013,535 | ---- | C] () -- C:\Windows\UN091114.INI
[2011/05/06 11:53:32 | 000,033,755 | ---- | C] () -- C:\Windows\UN091111.INI
[2011/05/06 11:53:30 | 000,013,076 | ---- | C] () -- C:\Windows\UN091201.INI
[2011/05/05 01:28:10 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/05/01 18:32:11 | 000,000,153 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2011/05/01 18:32:11 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2011/05/01 18:32:01 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/05/01 18:31:57 | 000,031,267 | ---- | C] () -- C:\Windows\HL-5370DW.INI
[2011/05/01 18:31:55 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2011/05/01 18:31:55 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2011/05/01 18:31:04 | 000,000,261 | ---- | C] () -- C:\Windows\Brownie.ini
[2011/05/01 17:41:44 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011/05/01 17:41:44 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011/05/01 17:41:44 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011/05/01 17:41:44 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011/05/01 17:41:44 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011/05/01 17:41:43 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011/05/01 17:41:43 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011/05/01 17:41:43 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011/05/01 17:41:43 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011/05/01 17:41:43 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011/05/01 17:41:43 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011/05/01 17:41:43 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011/05/01 17:41:43 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011/05/01 17:41:43 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011/05/01 17:41:43 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011/05/01 17:41:43 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011/05/01 17:39:20 | 000,000,079 | ---- | C] () -- C:\Windows\EWF630.ini
[2011/02/20 13:53:36 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2011/02/15 22:41:05 | 000,007,602 | ---- | C] () -- C:\Users\Maki Chiropractic\AppData\Local\Resmon.ResmonCfg
[2011/02/15 17:45:42 | 000,796,392 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/01 02:20:10 | 000,002,110 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/02/01 01:37:41 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 154 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84

< End of report >




OTL Extras logfile created on: 4/30/2012 3:21:26 PM - Run 3
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Maki Chiropractic\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.75 Gb Total Physical Memory | 4.70 Gb Available Physical Memory | 81.70% Memory free
11.50 Gb Paging File | 9.72 Gb Available in Paging File | 84.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.50 Gb Total Space | 846.12 Gb Free Space | 92.12% Space Free | Partition Type: NTFS
Drive D: | 12.91 Gb Total Space | 1.58 Gb Free Space | 12.23% Space Free | Partition Type: NTFS
Drive F: | 55.89 Gb Total Space | 11.26 Gb Free Space | 20.14% Space Free | Partition Type: NTFS

Computer Name: FRONTDESK | User Name: Maki Chiropractic | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-612660174-3317846808-1130094984-1001\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A576DAC-18EC-4DED-96C7-36FBFEF8E016}" = lport=1433 | protocol=6 | dir=in | name=eemrsql |
"{0B8C86A9-53D1-4B61-8524-48AA26D879D4}" = lport=445 | protocol=6 | dir=in | app=system |
"{11FB6D17-A091-4E56-9A7D-F5683ABDF7D7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{14E1C19D-62D0-46E0-BD3A-28A1229E6E26}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{21241AF6-D35B-4E78-B56A-0EF724DB1F62}" = lport=139 | protocol=6 | dir=in | app=system |
"{21EBAF95-99DC-4156-B16B-28439AB59ACA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2896857C-95D7-4561-8183-662BE287BC4D}" = rport=139 | protocol=6 | dir=out | app=system |
"{34189657-2BE1-49BA-9669-FC92AAB7DD74}" = lport=138 | protocol=17 | dir=in | app=system |
"{34360760-7FC0-49D4-A631-1B32E97765ED}" = lport=137 | protocol=17 | dir=in | app=system |
"{4CE79DD5-3D2E-4C1A-AA58-78C0AA0A1C4D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{53460B74-8455-4ABB-B79A-75F0505A9C53}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{577B9BDF-48C1-416A-9184-6835FB0EB562}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5A55CDE8-B3E0-45E1-B5CE-2107312ABD08}" = rport=445 | protocol=6 | dir=out | app=system |
"{5B65FEA9-4CCC-47E2-8CC1-53606F561D6D}" = rport=138 | protocol=17 | dir=out | app=system |
"{5D463F6F-1C88-4398-AA2B-5C6F244ACA69}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7C6482D3-F858-462C-8DAD-10F4615601C5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{94C28E24-5A5E-42D8-889D-7CA8D4A5ACB3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{AB1E1D6B-9468-44DC-B677-CE860BE8EDF3}" = lport=1433 | protocol=6 | dir=in | name=sql |
"{AD648A08-6EE9-4002-A1D5-F15D3E08750F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{B0F143EF-CF3D-46A3-BA79-60BE15768F81}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9C66E9B-D4CF-48DF-9E71-D82FA7152DEE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C11DEB10-C02A-4EF5-9238-753F0205F0C8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DB4DB950-8DC4-420C-91BE-B64F8C51F791}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DD82E4A7-35A8-4641-93DE-6D05ADD4FC9A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E5A6AB43-AC11-4906-B461-2F72E08181B9}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0518060A-8F47-440C-8138-5B6D4E291F6E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0BCB8802-210D-4641-805D-2AF54718CE85}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0DACB2A0-E3B5-41E0-B098-98DCDF3C99C6}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{1847F279-34B2-4062-9D0F-4C79F73232C0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1BA90309-CF49-429C-A9C5-5A29A1E62607}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{20CE7430-F12A-405C-80D9-AF23697CC201}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2323F55F-961E-48B8-AF5F-448206BEB8BF}" = protocol=17 | dir=in | app=c:\program files (x86)\epsonnet\epsonnet setup\tool10\eneasyapp.exe |
"{25996455-C6A3-41A5-AEE7-C6ABE6F3BD2D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{2D9489B9-14E3-49AD-BE61-E1DBCDA20346}" = protocol=6 | dir=out | app=system |
"{2EF34CB2-3C4C-413A-962F-17D97C89942B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{33735A58-F590-426A-9390-7513772E9C70}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{4063F9AF-CBA0-4C70-B144-889FFC494D59}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{4F4ED215-3232-4075-AB0E-BEF5D3B1DE60}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{50677670-3E14-4CE1-93DB-0B1A3583EB4F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{5312226E-DE7C-4DD0-BD06-AF5CB7116D5B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{561B4D05-19A8-41C1-A9E1-F91B02A1E0EC}" = protocol=58 | dir=in | [email protected],-28545 |
"{5CC08A69-5B79-474D-BB19-B4A815DDB8F5}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\video\hpmediasmartvideo.exe |
"{624A7486-3666-4B19-A226-73D260FADA0F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{67805E0A-6AE4-48CC-9F0D-30F958E9F899}" = protocol=17 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |
"{6988520C-007A-468C-9092-410FFFFFB411}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6AC4E1C4-3CB9-4137-9757-F539BB566D6B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6FE5450B-5CC3-41A1-A7A8-71FBD1E961E8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{79ABCC1B-4402-4CB5-A459-AE077288126D}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{8703E3B3-7FC0-43D1-8747-66EBFDBDEF52}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{916F8B5E-7C0C-4EDB-9D6F-4AE188A26631}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{91B3D75C-0450-4FFC-A3C2-35FFE6D4D77B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{931BCFB5-A79A-44B6-AF9C-3A6F2D14D477}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"{945870C2-6B48-4CB9-97BF-78662B278F3D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{96B950A1-A50D-4A20-895D-5A0B4A40E1C4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{9957AF0A-6421-4375-ADBC-FAABA9F3A54F}" = protocol=6 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |
"{A883D628-8FB3-49EB-B4B9-0692212B71A8}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{AED75FDE-953D-4C4B-9316-9D690C47BA8C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B28EA3C4-CF54-41D9-A19E-25DBC40064B7}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{BB746E24-0E57-46C6-AB40-C909A3EC2974}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BCA63A5A-EDC6-4312-BDFC-D2FDFD1C155F}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe |
"{D5D2DCCE-3BB9-4EA1-BC15-041D364C65F9}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{DA24C6F1-8E00-4D9F-927B-4D83EA29CAC8}" = protocol=1 | dir=out | [email protected],-28544 |
"{DDE05954-A0EB-44D0-BF97-5E2A4FC879B9}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{E43BB240-1B4D-4110-A35D-18B178CD518C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{E810830C-80FF-4CC3-A98C-8A605F83859C}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"{E86B5044-7A01-410E-9325-E19884427FDB}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{E8A98CF4-B747-4ABC-8F97-85E9C1C6E51A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E8F4979B-2FE1-43AA-BAF0-00B2AEDCB10E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E9676883-E023-4CE1-A0B1-1D61D233C1A5}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E9862EED-B170-4638-BB6F-C68A53C0F430}" = protocol=1 | dir=in | [email protected],-28543 |
"{EA82BC5F-114B-4DE9-9311-587E863AA178}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EEA7C063-D38C-4105-9255-74BFC0DE1295}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{F1CFF05E-155E-4D2F-B61F-D441B67EE863}" = protocol=6 | dir=in | app=c:\program files (x86)\epsonnet\epsonnet setup\tool10\eneasyapp.exe |
"{F46F2E60-4956-44FE-98A1-99AC9279D731}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F51F0103-9B2F-427A-A731-E2146DBF0E17}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F92BDBBA-EEC2-4CFF-8E46-FAE039F4A6BB}" = protocol=58 | dir=out | [email protected],-28546 |
"{FB1A3EDD-BC8F-41CB-82ED-B231482B6D14}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"TCP Query User{0A895E63-CACD-4CF0-8B5E-32D05CA723E4}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{1340C3FC-F938-4171-AADB-4EF5ADD0CCBB}C:\program files (x86)\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"TCP Query User{43447356-A812-4ADD-B6AC-B3947AF78FE8}C:\users\maki chiropractic\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\maki chiropractic\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{E6334DC1-3F29-43E9-A66A-CA7F52D2FB25}C:\windows\system32\spool\drivers\x64\3\e_gupa30.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\e_gupa30.exe |
"UDP Query User{19943B98-D08C-4DBC-A1F9-108BACCE1381}C:\windows\system32\spool\drivers\x64\3\e_gupa30.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\e_gupa30.exe |
"UDP Query User{59BB7CE4-636D-411A-9748-04430E9C6E0F}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{70BD1F33-D229-413E-990F-234F92E28836}C:\users\maki chiropractic\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\maki chiropractic\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{C2E64C14-DBB7-4C62-84A7-6FDEAF4ACD56}C:\program files (x86)\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D33EC42-4787-56CD-8137-95D8418FFEE8}" = AMD Problem Report Wizard
"{217428D1-0614-4CF0-2A11-D7D56BB8CCDE}" = AMD Fuel
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5DF57DB1-D971-3DA3-B4BB-F6FC7D73A997}" = AMD Drag and Drop Transcoding
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{6F483F38-6162-7606-1D0B-054852C8E011}" = AMD Catalyst Install Manager
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{7BB73073-D580-213A-E05E-7B5714364F66}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}" = HP MediaSmart SmartMenu
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F757A09E-71FB-B75D-20B1-B3E27CD8DEA1}" = WMV9/VC-1 Video Playback
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"EPSON WorkForce 630 Series" = EPSON WorkForce 630 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0EDEB615-1A60-425E-8306-0E10519C7B55}" = RoxioNow Player
"{0FBFA28A-C373-53BD-C553-58D6F6553D92}" = CCC Help Hungarian
"{11E0AC7D-6822-4F67-865F-EE1C13D28C38}" = QuickBooks Pro 2011
"{11E875AA-DF42-811E-96D9-5054A5A474B5}" = CCC Help English
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1D70AABC-CB59-4700-A708-EA56D1CA07B0}" = QuickBooks
"{1E4062A9-EC7A-A6E9-348E-58B30D6EEADA}" = CCC Help Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (EEMRSQL)
"{2EA3D6B2-157E-4112-A3AB-BF17E16661C3}" = HP MediaSmart/TouchSmart Netflix
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F01D33E-6FDF-2A63-8AD9-CBDC4735E80D}" = CCC Help Danish
"{50BFCE80-042B-E53F-05EF-ACA0CC16A0DF}" = Catalyst Control Center Graphics Previews Common
"{53469506-A37E-4314-A9D9-38724EC23A75}" = HP Setup
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5932BF1B-BD27-D808-7D5C-B9C0CD9063B3}" = AMD VISION Engine Control Center
"{597D764C-00A1-B174-33C2-93C9A4E73E21}" = CCC Help Russian
"{59BF122E-4B7D-C1E7-EED3-8DF7E4DAD238}" = Catalyst Control Center Localization All
"{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper version 3.0.0
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{6446F083-76CD-553B-8261-0E1297A7214C}" = CCC Help Finnish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C4AD4F5-8560-4F1E-BC0C-7A883B695F6E}" = CCC Help Swedish
"{6E594B4E-D394-BDEE-E9FF-4E6EBC30FB3A}" = CCC Help Greek
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{722D6A37-C815-1945-1EE8-091348F3D388}" = CCC Help Chinese Standard
"{768A7F56-650B-F84F-DF95-EB1926AB5A8F}" = CCC Help Portuguese
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C05EEDD-E565-4E2B-ADE4-0C784C17311C}" = Crystal Reports for .NET Framework 2.0 (x86)
"{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}" = HP Support Information
"{82159924-85AB-EF31-6A3B-862897A4CD20}" = Catalyst Control Center InstallProxy
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A368DA6-3814-A344-BB1E-C8EB69B865B6}" = CCC Help Chinese Traditional
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT2860 Wireless LAN Card
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{90BA5BAB-4108-5CC7-8421-00EEAD6D51DF}" = CCC Help Czech
"{91E8293B-C357-D092-8CCB-E19DA083D86C}" = CCC Help Turkish
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AFB8FAD-3643-4B14-B52B-2128BC3C8722}" = SOAPe Platinum Plus
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D7E098D-5693-D2F9-BBE5-4F5A56032FB4}" = CCC Help Thai
"{A1024DDA-A5C4-4669-8ED2-5ADBD6EC3E9E}" = SOAPe Platinum Plus
"{A1BBB15D-7A76-A03F-1593-8237E0BC0F63}" = CCC Help French
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A89768CF-CD21-44FD-A723-16D5A8557415}" = NEF Codec
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{ACA45C32-8432-2058-BE80-006E7908D804}" = CCC Help Italian
"{B199030E-1082-F3BF-2BB9-0080D72876BD}" = CCC Help Dutch
"{B7B3C4FA-98FE-FEC7-073E-00677B8F0978}" = CCC Help Norwegian
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{C2476079-3DCC-4AA8-8941-00CE80918794}" = Brother HL-5370DW
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9D8A041-2963-4B31-8FFC-1500F3DB9293}" = EpsonNet Setup 3.3
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFE58B1C-5923-4658-8073-D46850B674DA}" = MagTek USBMSR Demo
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D42498FB-9561-9575-C2AC-766F737F4ACF}" = CCC Help Japanese
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE159A8E-3D90-4E91-8906-D078CCAE4DED}" = Catalyst Control Center - Branding
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DE89F007-B75E-368D-47D2-ADE9AF616261}" = HydraVision
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7520EEC-A7D3-4487-87B0-22B77BBEA7F1}" = E7520EEC-A7D3-4487-87B0-22B77BBEA7F1
"{EE7DF38A-750E-FF7E-44FB-6335009442CB}" = CCC Help Polish
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F62C60A3-2E8A-8108-2F87-5CDD5A4E3162}" = CCC Help Korean
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}" = LightScribe System Software
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFCF34B9-A0B1-2E2B-7D7E-8FAB4A781CC9}" = CCC Help German
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Browser Defender_is1" = Browser Defender 4.0
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{CFE58B1C-5923-4658-8073-D46850B674DA}" = MagTek USBMSR Demo
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Magic DVD Ripper_is1" = Magic DVD Ripper V5.5.2
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US)
"Mozilla Thunderbird 11.0.1 (x86 en-US)" = Mozilla Thunderbird 11.0.1 (x86 en-US)
"Mplayer" = Mplayer 0.6.9
"My HP Game Console" = HP Game Console
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"PDF Complete" = PDF Complete Special Edition
"Spotify" = Spotify
"Spyware Doctor" = PC Tools Spyware Doctor 9.0
"UN091111" = BUFFALO TurboPC for FLASH/HDD
"UN091114" = BUFFALO TurboCopy
"UN091201" = BUFFALO BuffaloTools Launcher
"UN091222" = BUFFALO Backup Utility
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT087328" = Blackhawk Striker 2
"WT087330" = Bounce Symphony
"WT087335" = Build-a-lot 2
"WT087343" = Dora's World Adventure
"WT087360" = Escape Rosecliff Island
"WT087361" = FATE
"WT087362" = Final Drive Nitro
"WT087372" = Heroes of Hellas 2 - Olympia
"WT087379" = Jewel Quest Solitaire 2
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087414" = Virtual Families
"WT087415" = Wheel of Fortune 2
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087501" = Plants vs. Zombies
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
"WT089299" = Mystery P.I. - The London Caper
"WT089307" = Virtual Villagers 4 - The Tree of Life
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-612660174-3317846808-1130094984-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"Google Chrome" = Google Chrome
"HuluDesktop" = Hulu Desktop
"Octoshape Streaming Services" = Octoshape Streaming Services
"sc12-CH_SF" = Ski Challenge 12 (SRF)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/30/2012 4:23:12 PM | Computer Name = FrontDesk | Source = Enterprise Library Logging | ID = 6352
Description = Timestamp: 4/30/2012 8:23:12 PM Message: There is no explicit mapping
for the categories 'Application'. The log entry was: Timestamp: 4/30/2012 8:23:12
PM Message: Error Type: ERR_RETRIEVING_DATA Entity Information: Get Session Info:
Object reference not set to an instance of an object. Category: Application Priority:
-1 EventId: 0 Severity: Information Title: Machine: FRONTDESK App Domain: EinsteinEMRServerSetupSupport.exe
ProcessId:
2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe Thread
Name: Win32 ThreadId:4500 Extended Properties: Category: Priority: -1 EventId: 6352
Severity:
Error Title: Machine: FRONTDESK Application Domain: EinsteinEMRServerSetupSupport.exe
Process Id: 2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe
Win32
Thread Id: 4500 Thread Name: Extended Properties:

Error - 4/30/2012 4:23:13 PM | Computer Name = FrontDesk | Source = Enterprise Library Logging | ID = 6352
Description = Timestamp: 4/30/2012 8:23:13 PM Message: There is no explicit mapping
for the categories 'Application'. The log entry was: Timestamp: 4/30/2012 8:23:13
PM Message: Error Type: ERR_RETRIEVING_DATA Entity Information: Get Session Info:
Object reference not set to an instance of an object. Category: Application Priority:
-1 EventId: 0 Severity: Information Title: Machine: FRONTDESK App Domain: EinsteinEMRServerSetupSupport.exe
ProcessId:
2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe Thread
Name: Win32 ThreadId:4692 Extended Properties: Category: Priority: -1 EventId: 6352
Severity:
Error Title: Machine: FRONTDESK Application Domain: EinsteinEMRServerSetupSupport.exe
Process Id: 2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe
Win32
Thread Id: 4692 Thread Name: Extended Properties:

Error - 4/30/2012 4:23:14 PM | Computer Name = FrontDesk | Source = Enterprise Library Logging | ID = 6352
Description = Timestamp: 4/30/2012 8:23:14 PM Message: There is no explicit mapping
for the categories 'Application'. The log entry was: Timestamp: 4/30/2012 8:23:14
PM Message: Error Type: ERR_RETRIEVING_DATA Entity Information: Get Session Info:
Object reference not set to an instance of an object. Category: Application Priority:
-1 EventId: 0 Severity: Information Title: Machine: FRONTDESK App Domain: EinsteinEMRServerSetupSupport.exe
ProcessId:
2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe Thread
Name: Win32 ThreadId:4500 Extended Properties: Category: Priority: -1 EventId: 6352
Severity:
Error Title: Machine: FRONTDESK Application Domain: EinsteinEMRServerSetupSupport.exe
Process Id: 2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe
Win32
Thread Id: 4500 Thread Name: Extended Properties:

Error - 4/30/2012 4:23:15 PM | Computer Name = FrontDesk | Source = Enterprise Library Logging | ID = 6352
Description = Timestamp: 4/30/2012 8:23:15 PM Message: There is no explicit mapping
for the categories 'Application'. The log entry was: Timestamp: 4/30/2012 8:23:15
PM Message: Error Type: ERR_RETRIEVING_DATA Entity Information: Get Session Info:
Object reference not set to an instance of an object. Category: Application Priority:
-1 EventId: 0 Severity: Information Title: Machine: FRONTDESK App Domain: EinsteinEMRServerSetupSupport.exe
ProcessId:
2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe Thread
Name: Win32 ThreadId:1136 Extended Properties: Category: Priority: -1 EventId: 6352
Severity:
Error Title: Machine: FRONTDESK Application Domain: EinsteinEMRServerSetupSupport.exe
Process Id: 2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe
Win32
Thread Id: 1136 Thread Name: Extended Properties:

Error - 4/30/2012 4:23:16 PM | Computer Name = FrontDesk | Source = Enterprise Library Logging | ID = 6352
Description = Timestamp: 4/30/2012 8:23:16 PM Message: There is no explicit mapping
for the categories 'Application'. The log entry was: Timestamp: 4/30/2012 8:23:16
PM Message: Error Type: ERR_RETRIEVING_DATA Entity Information: Get Session Info:
Object reference not set to an instance of an object. Category: Application Priority:
-1 EventId: 0 Severity: Information Title: Machine: FRONTDESK App Domain: EinsteinEMRServerSetupSupport.exe
ProcessId:
2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe Thread
Name: Win32 ThreadId:1136 Extended Properties: Category: Priority: -1 EventId: 6352
Severity:
Error Title: Machine: FRONTDESK Application Domain: EinsteinEMRServerSetupSupport.exe
Process Id: 2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe
Win32
Thread Id: 1136 Thread Name: Extended Properties:

Error - 4/30/2012 4:23:17 PM | Computer Name = FrontDesk | Source = Enterprise Library Logging | ID = 6352
Description = Timestamp: 4/30/2012 8:23:17 PM Message: There is no explicit mapping
for the categories 'Application'. The log entry was: Timestamp: 4/30/2012 8:23:17
PM Message: Error Type: ERR_RETRIEVING_DATA Entity Information: Get Session Info:
Object reference not set to an instance of an object. Category: Application Priority:
-1 EventId: 0 Severity: Information Title: Machine: FRONTDESK App Domain: EinsteinEMRServerSetupSupport.exe
ProcessId:
2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe Thread
Name: Win32 ThreadId:1136 Extended Properties: Category: Priority: -1 EventId: 6352
Severity:
Error Title: Machine: FRONTDESK Application Domain: EinsteinEMRServerSetupSupport.exe
Process Id: 2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe
Win32
Thread Id: 1136 Thread Name: Extended Properties:

Error - 4/30/2012 4:23:18 PM | Computer Name = FrontDesk | Source = Enterprise Library Logging | ID = 6352
Description = Timestamp: 4/30/2012 8:23:18 PM Message: There is no explicit mapping
for the categories 'Application'. The log entry was: Timestamp: 4/30/2012 8:23:18
PM Message: Error Type: ERR_RETRIEVING_DATA Entity Information: Get Session Info:
Object reference not set to an instance of an object. Category: Application Priority:
-1 EventId: 0 Severity: Information Title: Machine: FRONTDESK App Domain: EinsteinEMRServerSetupSupport.exe
ProcessId:
2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe Thread
Name: Win32 ThreadId:4692 Extended Properties: Category: Priority: -1 EventId: 6352
Severity:
Error Title: Machine: FRONTDESK Application Domain: EinsteinEMRServerSetupSupport.exe
Process Id: 2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe
Win32
Thread Id: 4692 Thread Name: Extended Properties:

Error - 4/30/2012 4:23:20 PM | Computer Name = FrontDesk | Source = Enterprise Library Logging | ID = 6352
Description = Timestamp: 4/30/2012 8:23:20 PM Message: There is no explicit mapping
for the categories 'Application'. The log entry was: Timestamp: 4/30/2012 8:23:20
PM Message: Error Type: ERR_RETRIEVING_DATA Entity Information: Get Session Info:
Object reference not set to an instance of an object. Category: Application Priority:
-1 EventId: 0 Severity: Information Title: Machine: FRONTDESK App Domain: EinsteinEMRServerSetupSupport.exe
ProcessId:
2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe Thread
Name: Win32 ThreadId:4500 Extended Properties: Category: Priority: -1 EventId: 6352
Severity:
Error Title: Machine: FRONTDESK Application Domain: EinsteinEMRServerSetupSupport.exe
Process Id: 2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe
Win32
Thread Id: 4500 Thread Name: Extended Properties:

Error - 4/30/2012 4:23:21 PM | Computer Name = FrontDesk | Source = Enterprise Library Logging | ID = 6352
Description = Timestamp: 4/30/2012 8:23:21 PM Message: There is no explicit mapping
for the categories 'Application'. The log entry was: Timestamp: 4/30/2012 8:23:21
PM Message: Error Type: ERR_RETRIEVING_DATA Entity Information: Get Session Info:
Object reference not set to an instance of an object. Category: Application Priority:
-1 EventId: 0 Severity: Information Title: Machine: FRONTDESK App Domain: EinsteinEMRServerSetupSupport.exe
ProcessId:
2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe Thread
Name: Win32 ThreadId:4500 Extended Properties: Category: Priority: -1 EventId: 6352
Severity:
Error Title: Machine: FRONTDESK Application Domain: EinsteinEMRServerSetupSupport.exe
Process Id: 2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe
Win32
Thread Id: 4500 Thread Name: Extended Properties:

Error - 4/30/2012 4:23:22 PM | Computer Name = FrontDesk | Source = Enterprise Library Logging | ID = 6352
Description = Timestamp: 4/30/2012 8:23:22 PM Message: There is no explicit mapping
for the categories 'Application'. The log entry was: Timestamp: 4/30/2012 8:23:22
PM Message: Error Type: ERR_RETRIEVING_DATA Entity Information: Get Session Info:
Object reference not set to an instance of an object. Category: Application Priority:
-1 EventId: 0 Severity: Information Title: Machine: FRONTDESK App Domain: EinsteinEMRServerSetupSupport.exe
ProcessId:
2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe Thread
Name: Win32 ThreadId:4692 Extended Properties: Category: Priority: -1 EventId: 6352
Severity:
Error Title: Machine: FRONTDESK Application Domain: EinsteinEMRServerSetupSupport.exe
Process Id: 2104 Process Name: C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe
Win32
Thread Id: 4692 Thread Name: Extended Properties:

[ Hewlett-Packard Events ]
Error - 3/5/2011 3:13:39 PM | Computer Name = FrontDesk | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\031105011333.xml
File not created by asset agent

Error - 7/13/2011 11:25:57 AM | Computer Name = FrontDesk | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\071113102554.xml
File not created by asset agent

Error - 7/20/2011 11:18:57 AM | Computer Name = FrontDesk | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\071120101855.xml
File not created by asset agent

Error - 8/17/2011 11:52:45 AM | Computer Name = FrontDesk | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081117105242.xml
File not created by asset agent

Error - 8/24/2011 11:29:21 AM | Computer Name = FrontDesk | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081124102919.xml
File not created by asset agent

Error - 9/7/2011 11:35:28 AM | Computer Name = FrontDesk | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091107103525.xml
File not created by asset agent

Error - 2/13/2012 11:00:14 AM | Computer Name = FrontDesk | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 at System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) at System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) at System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) at System.Activator.CreateInstance(Type
type, Boolean nonPublic) at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)

at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)

at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) at System.Activator.CreateInstance(Type type, Boolean nonPublic)

at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib

Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: en-US RAM: 5887 Ram
Utilization: 20 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)

[ System Events ]
Error - 4/30/2012 4:17:34 PM | Computer Name = FrontDesk | Source = Service Control Manager | ID = 7023
Description = The IPsec Policy Agent service terminated with the following error:
%%10050

Error - 4/30/2012 4:17:37 PM | Computer Name = FrontDesk | Source = Service Control Manager | ID = 7023
Description = The IPsec Policy Agent service terminated with the following error:
%%10050

Error - 4/30/2012 4:17:38 PM | Computer Name = FrontDesk | Source = Service Control Manager | ID = 7023
Description = The IPsec Policy Agent service terminated with the following error:
%%10050

Error - 4/30/2012 4:17:54 PM | Computer Name = FrontDesk | Source = DCOM | ID = 10010
Description =

Error - 4/30/2012 4:17:54 PM | Computer Name = FrontDesk | Source = Microsoft-Windows-Bits-Client | ID = 16392
Description = The BITS service failed to start. Error 2147952450.

Error - 4/30/2012 4:17:54 PM | Computer Name = FrontDesk | Source = Service Control Manager | ID = 7024
Description = The Background Intelligent Transfer Service service terminated with
service-specific error %%-2147014846.

Error - 4/30/2012 4:18:24 PM | Computer Name = FrontDesk | Source = Microsoft-Windows-Bits-Client | ID = 16392
Description = The BITS service failed to start. Error 2147952450.

Error - 4/30/2012 4:18:24 PM | Computer Name = FrontDesk | Source = Service Control Manager | ID = 7024
Description = The Background Intelligent Transfer Service service terminated with
service-specific error %%-2147014846.

Error - 4/30/2012 4:18:54 PM | Computer Name = FrontDesk | Source = Microsoft-Windows-Bits-Client | ID = 16392
Description = The BITS service failed to start. Error 2147952450.

Error - 4/30/2012 4:18:54 PM | Computer Name = FrontDesk | Source = Service Control Manager | ID = 7024
Description = The Background Intelligent Transfer Service service terminated with
service-specific error %%-2147014846.


< End of report >
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP