Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Blue Screen (BAD_POOL_CALLER)


  • Please log in to reply

#1
DanBeats21

DanBeats21

    New Member

  • Member
  • Pip
  • 3 posts
Hi, hoping somebody much smarter than me can help me here! A couple of days ago my laptop (Dell Inspiron 1720) randomly began crashing with the infamous Blue Screen. The message at the top of the screen was BAD_POOL_CALLER. When I rebooted the laptop I got the following information given to me:

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.0.6002.2.2.0.768.3
Locale ID: 2057

Additional information about the problem:
BCCode: c2
BCP1: 00000099
BCP2: A7E62004
BCP3: 00000000
BCP4: 00000000
OS Version: 6_0_6002
Service Pack: 2_0
Product: 768_1

Anyway I hope this is all the info that you need to help me out. As I computer dunce any help you give me will be greatly appreciated!


OTL logfile created on: 10/05/2012 16:54:33 - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\Dan Beaton\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 0.38 Gb Available Physical Memory | 19.06% Memory free
4.23 Gb Paging File | 2.37 Gb Available in Paging File | 55.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 99.07 Gb Total Space | 32.40 Gb Free Space | 32.70% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.76 Gb Free Space | 57.60% Space Free | Partition Type: NTFS

Computer Name: BEATON | User Name: Dan Beaton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/10 16:53:52 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Dan Beaton\Downloads\OTL.exe
PRC - [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.) -- C:\Program Files\Safari\Safari.exe
PRC - [2012/03/22 11:40:42 | 000,014,184 | ---- | M] (Apple Inc.) -- C:\Program Files\Safari\Apple Application Support\WebKit2WebProcess.exe
PRC - [2012/03/20 13:49:22 | 001,118,648 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe
PRC - [2012/03/20 13:49:20 | 002,670,008 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe
PRC - [2012/03/20 12:20:52 | 000,571,320 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2012/03/20 11:11:50 | 000,402,336 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe
PRC - [2012/02/23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2009/04/11 07:28:11 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/05/13 16:33:10 | 001,058,088 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DellDock.exe
PRC - [2008/04/28 16:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/02/22 17:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/12/21 10:58:06 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/12/03 06:58:54 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007/09/24 10:27:38 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2007/09/24 10:27:30 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/24 10:27:28 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/09/24 10:27:28 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/10 00:14:37 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll
MOD - [2012/05/10 00:14:26 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/05/10 00:14:12 | 000,223,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\1b35397dc3e9e5cf5d0e9bff055a4a57\VistaBridgeLibrary.ni.dll
MOD - [2012/05/10 00:14:11 | 001,523,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\da81f12e745efafa612cf9801c37ec04\DellDock.ni.exe
MOD - [2012/05/10 00:14:09 | 000,061,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\140ae7c7ff1b982c53591405b830b4fc\MyDock.Util.ni.dll
MOD - [2012/05/10 00:14:05 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012/05/10 00:13:52 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012/05/09 19:10:24 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/09 19:10:02 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll
MOD - [2012/05/09 19:09:51 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll
MOD - [2012/05/09 19:08:23 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/09 19:08:08 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012/05/05 14:54:30 | 008,797,856 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012/03/07 20:15:56 | 000,087,912 | ---- | M] () -- C:\Program Files\Safari\Apple Application Support\zlib1.dll
MOD - [2012/03/07 20:15:36 | 001,242,472 | ---- | M] () -- C:\Program Files\Safari\Apple Application Support\libxml2.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/07/21 22:13:03 | 000,034,816 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll
MOD - [2010/06/21 17:39:02 | 000,184,320 | ---- | M] () -- C:\Downloads\ImageConverter Plus\gpgate.dll
MOD - [2010/06/21 17:35:50 | 001,328,640 | ---- | M] () -- C:\Downloads\ImageConverter Plus\fcnv.dll
MOD - [2010/06/21 17:33:48 | 006,764,032 | ---- | M] () -- C:\Downloads\ImageConverter Plus\fpdf.dll
MOD - [2010/06/21 17:33:20 | 001,149,952 | ---- | M] () -- C:\Downloads\ImageConverter Plus\fcrtl.dll
MOD - [2010/06/21 17:29:14 | 000,021,504 | ---- | M] () -- C:\Downloads\ImageConverter Plus\MemHandler.dll
MOD - [2008/05/16 13:16:24 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - File not found [Auto | Stopped] -- C:\Users\DANBEA~1\AppData\Local\Temp\005058~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -- (0050581312726714mcinstcleanup) McAfee Application Installer Cleanup (0050581312726714)
SRV - [2012/05/05 14:54:31 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/01 22:09:57 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/03/20 13:49:22 | 001,118,648 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2012/03/20 12:20:52 | 000,571,320 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2012/03/20 11:11:50 | 000,402,336 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/07/16 18:04:21 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/04/28 16:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\stwrt.sys -- (STHDA)
DRV - File not found [Kernel | On_Demand | Stopped] -- c:\program files\dell support center\pcdsrvc.pkms -- (PCDSRVC{E9D79540-57D5953E-06020101}_0)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV - [2012/03/20 13:50:12 | 000,203,088 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\System32\drivers\PCTSD.sys -- (PCTSD)
DRV - [2012/03/20 12:21:14 | 000,070,736 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PCTBD.sys -- (PCTBD)
DRV - [2012/03/16 12:15:40 | 000,383,368 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2012/02/28 11:43:06 | 000,909,728 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\System32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2012/02/28 11:43:00 | 000,342,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pctDS.sys -- (pctDS)
DRV - [2009/11/21 03:34:54 | 011,515,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008/01/21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/12/03 06:59:06 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/12/03 06:58:50 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/24 10:27:26 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/11/27 08:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/27 08:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/27 08:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/21 13:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/08/05 01:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=uk&ibd=0080717
IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsear...r={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUK

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=uk&ibd=0080717
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.ask.com/?o=15709&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 61 3B 88 76 1D A5 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {14003A67-FE8F-49E2-8776-369519343816}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...=AVB3DF&pc=AVBR
IE - HKCU\..\SearchScopes\{14003A67-FE8F-49E2-8776-369519343816}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc;version=8.6.5: C:\Program Files\Tripleplay\TPPlugins\npvlc.dll (VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Dan Beaton\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Dan Beaton\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\3.6.0.4470\FF [2009/08/04 22:49:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\1.5.0.850\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools\PC Tools Security\BDT\Firefox\ [2012/05/02 13:45:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Dan Beaton\AppData\Roaming\Move Networks [2009/10/19 19:29:34 | 000,000,000 | ---D | M]

[2009/02/22 18:16:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dan Beaton\AppData\Roaming\Mozilla\Extensions
[2009/02/22 18:16:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dan Beaton\AppData\Roaming\Mozilla\Extensions\[email protected]swing.org

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [EPSON SX100 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [fsm] File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\StartRegistryBooster.exe File not found
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150595.exe -Update -1150595 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; GTB6; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; InfoPath.2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; OfficeLiveConnector.1.4; OfficeLivePatch.1.3)" -"http://www.miniclip....fowl-words/en/" File not found
O4 - Startup: C:\Users\Dan Beaton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm File not found
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm File not found
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe File not found
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92073AD4-8294-4C26-9870-C26B33DA9C6E}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Filter\application/x-internet-signup {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll ()
O20 - AppInit_DLLs: (AVGRSSTX.DLL) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{fd39dc5f-fb6f-11dd-808a-001d09db6899}\Shell - "" = AutoRun
O33 - MountPoints2\{fd39dc5f-fb6f-11dd-808a-001d09db6899}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/08 20:54:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/05/02 13:45:27 | 000,070,736 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTBD.sys
[2012/05/02 13:45:26 | 002,271,160 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2012/05/02 13:45:26 | 001,681,336 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2012/05/02 13:45:26 | 000,149,432 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2012/05/02 13:44:37 | 000,253,352 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2012/05/02 13:44:37 | 000,107,864 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2012/05/02 13:44:31 | 000,017,848 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctBTFix.sys
[2012/05/02 13:44:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2012/05/02 13:44:28 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2012/05/02 13:43:12 | 000,909,728 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2012/05/02 13:43:12 | 000,342,168 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2012/05/02 13:43:11 | 000,383,368 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2012/05/02 13:43:11 | 000,162,584 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2012/05/02 13:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools

========== Files - Modified Within 30 Days ==========

[2012/05/10 16:56:10 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/10 16:54:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/10 16:27:19 | 000,609,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/10 16:27:19 | 000,108,672 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/10 16:23:42 | 000,071,530 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/05/10 16:23:41 | 000,071,530 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/05/10 16:23:08 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/10 16:22:53 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/10 16:22:53 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/10 16:22:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/10 16:22:34 | 275,213,439 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/05/10 00:47:28 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/05/09 19:07:02 | 000,378,960 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/08 21:05:34 | 002,330,285 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2012/05/03 22:02:45 | 000,002,585 | ---- | M] () -- C:\Users\Dan Beaton\Desktop\Microsoft Office Excel 2007.lnk
[2012/05/03 22:02:40 | 000,002,595 | ---- | M] () -- C:\Users\Dan Beaton\Desktop\Microsoft Office PowerPoint 2007.lnk
[2012/05/03 22:02:30 | 000,002,627 | ---- | M] () -- C:\Users\Dan Beaton\Desktop\Microsoft Office Word 2007.lnk
[2012/05/02 20:33:06 | 000,023,040 | ---- | M] () -- C:\Users\Dan Beaton\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/02 13:44:32 | 000,001,951 | ---- | M] () -- C:\Users\Public\Desktop\PC Tools AntiVirus Free.lnk
[2012/04/21 14:14:45 | 000,000,680 | ---- | M] () -- C:\Users\Dan Beaton\AppData\Local\d3d9caps.dat

========== Files Created - No Company Name ==========

[2012/05/10 16:18:46 | 275,213,439 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/05/02 13:45:27 | 000,767,928 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2012/05/02 13:45:26 | 000,003,488 | ---- | C] () -- C:\Windows\UDB.zip
[2012/05/02 13:45:26 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2012/05/02 13:45:26 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2012/05/02 13:45:26 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2012/05/02 13:44:32 | 000,001,951 | ---- | C] () -- C:\Users\Public\Desktop\PC Tools AntiVirus Free.lnk
[2011/08/03 15:21:47 | 000,000,670 | ---- | C] () -- C:\Windows\eReg.dat

========== LOP Check ==========

[2010/01/24 21:13:39 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\Amazon
[2011/09/07 14:42:08 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\Avant Downloader
[2010/02/07 17:44:00 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\Blender Foundation
[2010/04/14 23:06:08 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\EA
[2009/05/10 15:13:42 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\EPSON
[2011/07/13 17:02:06 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\FlashGet
[2009/09/27 00:34:40 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\GetRightToGo
[2008/12/26 16:47:53 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\LG Electronics
[2009/12/02 23:01:55 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\LimeWire
[2008/12/29 02:09:39 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\NCH Swift Sound
[2010/07/04 17:52:23 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\Nexway
[2010/12/10 01:15:47 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\PCDr
[2009/08/05 02:48:12 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\Pro Cycling Manager 2008 - Demo
[2010/05/22 23:40:34 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\Pro Cycling Manager 2009
[2012/01/29 20:04:39 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\Pro Cycling Manager 2011
[2010/02/06 17:01:36 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\Software Informer
[2011/10/21 17:25:18 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\Sports Interactive
[2011/11/26 22:01:10 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\Spotify
[2008/08/17 15:05:57 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\Template
[2011/11/20 01:05:47 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\TestApp
[2008/11/30 20:50:46 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\tmp
[2009/07/08 19:02:16 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\Uniblue
[2010/01/05 22:50:30 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\uTorrent
[2009/10/04 20:39:40 | 000,000,000 | ---D | M] -- C:\Users\Dan Beaton\AppData\Roaming\Windows Live Writer
[2012/05/10 00:47:32 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 160 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:1CA73D29
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:C31F31E6

< End of report >
  • 0

Advertisements


#2
DanBeats21

DanBeats21

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
This is the Extras.Txt as well:


OTL Extras logfile created on: 10/05/2012 16:54:33 - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\Dan Beaton\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 0.38 Gb Available Physical Memory | 19.06% Memory free
4.23 Gb Paging File | 2.37 Gb Available in Paging File | 55.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 99.07 Gb Total Space | 32.40 Gb Free Space | 32.70% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.76 Gb Free Space | 57.60% Space Free | Partition Type: NTFS

Computer Name: BEATON | User Name: Dan Beaton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = SafariHTML] -- C:\Program Files\Safari\Safari.exe (Apple Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-214577990-2440039259-688294083-1000]
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009F68BC-FDBE-41D6-8AE1-70321CB26344}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{051E0DA0-CA3E-47E2-9AD4-504F714B6474}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{09459845-65F1-4E55-A57C-AD0CD3133319}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0C2B745F-5D17-4574-81D7-C76DF888A05D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0CB3FEB4-4CB1-4D68-B400-33C72C8683E4}" = rport=139 | protocol=6 | dir=out | app=system |
"{1AC55287-DC6C-46A5-94CC-6D8A48097A77}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{1CC6E6CD-3770-45DC-91B0-AA4552B06B14}" = lport=2869 | protocol=6 | dir=in | app=system |
"{210CA722-17F1-4B1F-A141-FFAC57D2A899}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{2417BCC5-59B1-4E6A-B3AC-CBE10EA9E2C2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{2EB71153-5CC6-43B5-974F-B342D7B2630F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4422E1AF-6F61-48B9-B928-C21E2BCEA541}" = rport=10244 | protocol=6 | dir=out | app=system |
"{529B9D75-8430-43C2-8ABC-B4836F8DDE21}" = lport=445 | protocol=6 | dir=in | app=system |
"{64D955D5-A085-4D70-AE1D-BF0DD9BE8A95}" = lport=3390 | protocol=6 | dir=in | app=system |
"{672BE83E-50B1-4821-9B9F-C5BC773844A4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{67817259-EA44-4E89-AF08-62B4D253C826}" = rport=138 | protocol=17 | dir=out | app=system |
"{6E646898-8418-4D2B-AEFA-93D74AFD708A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{75930CD4-4F58-432E-A387-951ACB703CC6}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchost.exe |
"{778ADC40-6459-434E-B783-92789E7BB92A}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{80F1B019-DBF1-49DF-BE3D-E4FE41A934C2}" = lport=138 | protocol=17 | dir=in | app=system |
"{8796EDC2-4BC1-4A30-8466-AA7D0AE64B04}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8FCF3D3A-7BB5-4217-B6DD-ABBEA06DC3F9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{918BC9C6-7C62-49AB-94D4-302D56F922E6}" = lport=10244 | protocol=6 | dir=in | app=system |
"{91A8582C-E6D0-40E2-8FDC-7B96459B2616}" = rport=137 | protocol=17 | dir=out | app=system |
"{943D6A3A-97E0-4AC4-AEC1-DB0E254776C4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9C401620-9CDF-4705-AEBF-70E5D23874F6}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{9D14087C-4A74-49D9-90C5-DBB0686D6110}" = lport=139 | protocol=6 | dir=in | app=system |
"{A3A54DB0-1EB7-4E37-8716-745A63DAE477}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{A5A52F7C-DC97-47C0-861B-1C17220A47FB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AA448508-3A0B-4E5C-A26F-B37A4FD5B624}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{B00BE31E-D517-4E66-AE40-89FA3BEAEFA9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B1F043AA-FD00-47DC-B53A-9DD52F5EE1E1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{B2407E2F-D34F-4A9A-867C-A350CA331D5F}" = rport=10244 | protocol=6 | dir=out | app=system |
"{BC44E7A8-0633-4C12-8F64-1C049B563CF4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C239F0A2-0D68-491E-9A6E-5A217E88C9D3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchost.exe |
"{CB6C7FD8-40A2-48BF-803F-B9693F2A094F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{D18785EE-B41A-408C-BB7F-B69F54302D93}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{D4BAF72C-0356-4B0D-86EE-2BA490E1311F}" = lport=137 | protocol=17 | dir=in | app=system |
"{D5292623-F19F-46F6-9EE4-E51916608FC5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D55A26EE-A041-4055-9900-6EDBDBA148F8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D5746499-E327-4DDF-90C4-ACC27E2D0EBF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E409C58D-2A83-48DF-8532-9E47DD61B361}" = rport=445 | protocol=6 | dir=out | app=system |
"{E71F417C-2B78-451F-9A8A-7FDD692CD3FF}" = lport=10244 | protocol=6 | dir=in | app=system |
"{EBC620E9-00B7-4DA7-9C25-97EA326F9B99}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{F28F3AF9-33EC-4279-A841-89CB80FD8AD2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FEBD5606-EFF4-4D1A-B59E-90460C5FF419}" = lport=3390 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0173DA04-BBA9-4B42-9651-CFC182F6AE6F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{0202F57D-F29D-44C8-AF6C-3B33487A006B}" = protocol=17 | dir=in | app=c:\program files\cyanide\pro cycling manager - season 2011\autorun\exe\autorun.exe |
"{030275BC-1A21-4F90-81F6-DF9247984BF3}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{04484E41-CE80-47E1-9A0F-D3D9632F80FC}" = protocol=6 | dir=in | app=c:\program files\cyanide\pro cycling manager - season 2011\autorun\exe\autorun.exe |
"{08CF199E-D122-4D1A-9FFD-499EFE5C6BB0}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{0D6D9D9B-9499-46C2-BEB7-87B6DDF6175B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0FD5732C-02CE-4CC5-B346-F9649DE1977F}" = protocol=1 | dir=in | [email protected],-28543 |
"{111A4F72-CDDD-44D0-8CEB-A1E0EB070162}" = protocol=17 | dir=in | app=c:\program files\cyanide\gamecenter\gamecenter.exe |
"{1A385C1A-ED68-4021-A314-4279E3EFAEDD}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{1A76F67A-2EB0-48EA-81F4-3087541C4DCD}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2011\fm.exe |
"{1BF66D69-7996-4A5C-8A86-1BF7AABBB149}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{1D4CFBEC-D4F6-415A-8855-ABF7ED7B76C4}" = protocol=1 | dir=out | [email protected],-28544 |
"{1F4EB1D9-063E-4A35-9C46-E76D403C7EDA}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{212361FF-0019-46C5-9A7F-125DC6F8D335}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2009\fm.exe |
"{226AAD68-66A5-44D4-BA03-156DC1B073CE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{25006C87-9ED2-4870-A94E-FBBD0BD6D589}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{2CDAFF07-8044-4CFD-B305-BADED443E307}" = protocol=17 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{2FDED2AC-8169-48E7-B033-22C400FFFE60}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2011\fm.exe |
"{3702B241-FABD-4214-85D0-47C136DD6A89}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2009\fm.exe |
"{376B6276-C823-4471-A25C-715468822085}" = protocol=6 | dir=in | app=c:\program files\cyanide\pro cycling manager - season 2011\pcm.exe |
"{3CB3591C-E99C-4B5F-BF8C-2B84A85BCC68}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{3F67DC7D-01F4-4782-938D-C3ED5A75A364}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{40DCA2F7-1019-4836-B81E-02315D531348}" = protocol=58 | dir=in | [email protected],-28545 |
"{4155E40A-9EA5-4826-8D62-2FF9F979A088}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{470E7164-AE43-4DA1-8317-710836C59112}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4DAC5834-0803-4C75-A68B-8909D05285F6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{536FEE9F-5C10-40E9-A3F4-F8B1B1821F11}" = protocol=6 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{53B58C01-E9C9-417F-8846-0A19DE445A00}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2012 editor\editor.exe |
"{5CD59C94-AFD4-43F9-8B76-093FC9D740C4}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{5D319316-3615-4E80-9316-42A91C09EBA9}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{61498BE6-5A90-4A8F-8AAA-DC3E10BFF771}" = protocol=58 | dir=out | [email protected],-28546 |
"{6476527D-0D4E-4634-8EB4-85C7D2F6E756}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{69271D10-8B65-4591-BE14-EB065FCB7A8B}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{6B1894EA-A3B7-40AD-8A0C-ACC90E12ED15}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2012\fm.exe |
"{6D1B16D2-6132-4658-B0D7-A914DAB254C0}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{6DA693E6-2FAF-4C1F-9F45-1694C60CD793}" = protocol=17 | dir=in | app=c:\program files\cyanide\pro cycling manager - season 2011\pcm.exe |
"{73598B1F-ADE4-47F3-9F23-B23CBA5A6C8F}" = protocol=6 | dir=in | app=c:\program files\ea sports\total club manager 2005\tcm2005.exe |
"{823F9645-B355-43DC-AB5F-CCD90BF0A273}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{95205D1E-1C7A-4D8A-8F82-8C018230D6F5}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{9A4880F8-C60F-4974-8310-8F1859250049}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{9AF424BF-DD64-430A-9BB3-29314F5B843F}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{9E712987-5A73-403D-AE11-2784476E45E6}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2012\fm.exe |
"{9EE53A2C-1958-43A1-973D-4ACE541E8CB2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AAA96EC7-C217-4134-9CF4-F55B014B1A60}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2012 editor\editor.exe |
"{B9C27F82-17F5-49F2-899E-8E5BD2D16E29}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{C067D4E3-9536-444F-B40A-66EFDB09ACD3}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{C76F4580-07C0-425B-AADE-4491265E9BAA}" = protocol=6 | dir=in | app=c:\program files\cyanide\gamecenter\gamecenter.exe |
"{C7B971A8-AA02-4540-B559-147B674BB7AF}" = protocol=17 | dir=in | app=c:\program files\ea sports\total club manager 2005\tcm2005.exe |
"{C82417A5-A4CA-4E58-935F-6E56B1F61453}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{D827AA83-CC62-4907-8D75-C169D5E22790}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E40E8CE5-B344-46EC-BFA4-C7C35AE1B896}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{F582E14F-C342-490E-9CF8-D9569208306B}" = protocol=6 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{F99C556A-87C9-41B5-AE40-3450C189EEC1}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{FBE7C7A7-3BE6-4ABA-9A28-D0A7928DCC27}" = protocol=17 | dir=in | app=c:\program files\kontiki\kservice.exe |
"TCP Query User{276C34B4-B698-4689-A9D3-81576FEBEAB8}C:\program files\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files\flashget\flashget.exe |
"TCP Query User{3EF72669-F7EE-4F00-BE35-340A691626D8}C:\program files\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"TCP Query User{44923E2D-C7C5-4C18-B2DC-5D147B6543EC}C:\program files\avant browser\avant.exe" = protocol=6 | dir=in | app=c:\program files\avant browser\avant.exe |
"TCP Query User{53EAAE1A-4300-4185-B543-506A26F19836}C:\program files\cyanide\pro cycling manager - season 2009\pcm.exe" = protocol=6 | dir=in | app=c:\program files\cyanide\pro cycling manager - season 2009\pcm.exe |
"TCP Query User{9ABF5BB5-3580-46C3-A120-7994635ACC5C}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{ACAE8CF2-4204-4A83-9BAD-E0E6EB7DD9D2}C:\program files\safari\safari.exe" = protocol=6 | dir=in | app=c:\program files\safari\safari.exe |
"TCP Query User{B0E17139-C875-487C-A9D7-479A45F3E6C2}C:\program files\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"TCP Query User{D833D5B8-F5D4-4DC0-9495-39C58BAF8C45}C:\users\dan beaton\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\dan beaton\appdata\roaming\spotify\spotify.exe |
"UDP Query User{139F68BE-797F-499A-A102-C7F01A5D1E66}C:\program files\avant browser\avant.exe" = protocol=17 | dir=in | app=c:\program files\avant browser\avant.exe |
"UDP Query User{17B51110-83AC-4CEF-AAED-0146A6580CAB}C:\program files\safari\safari.exe" = protocol=17 | dir=in | app=c:\program files\safari\safari.exe |
"UDP Query User{28328FCE-49E5-43EF-896E-32656460E91B}C:\program files\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files\flashget\flashget.exe |
"UDP Query User{6C0627A1-9C2F-445E-9DE1-33AE2FA697D2}C:\users\dan beaton\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\dan beaton\appdata\roaming\spotify\spotify.exe |
"UDP Query User{7B897EB6-E6A2-4EE7-9F8B-59F5735F7CFE}C:\program files\cyanide\pro cycling manager - season 2009\pcm.exe" = protocol=17 | dir=in | app=c:\program files\cyanide\pro cycling manager - season 2009\pcm.exe |
"UDP Query User{B9444CAC-8195-4BC9-8FFE-639E6C91DC1C}C:\program files\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |
"UDP Query User{EEA489EA-B710-4B6D-AB3F-74E89DE09D9A}C:\program files\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |
"UDP Query User{FC811A56-879C-4231-BCF1-799E38517FF7}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{16B6279B-9FF5-41fb-8BF9-404324F5DD1F}}_is1" = Media Access Startup
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1" = Internet Saving Optimizer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{4CE88F4D-B74E-4F92-9DA4-ECEB60ED362A}" = TBS WMP Plug-in
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58B2B6D3-E5FF-4D16-87AC-52CC5717C7C6}" = Tiscali Internet
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6D172D0A-B9F1-4046-AFAB-8599288545BF}" = Safari
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{6FFB40A5-7F7D-4A32-8905-3CDF962EE1E4}" = Internet From BT
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{759142E8-25B0-42AE-B408-4215065D3F4B}" = Windows Live Family Safety
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A5F34E2-37CF-4AD4-808C-2D413786E31A}" = Microsoft Visual C Runtime
"{8aa689e5-e787-4028-bb56-6dc00b340326}.sdb" = UACWorkAround
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C5096216-7703-409E-B85A-8A6EE7395128}}_is1" = System Search Dispatcher
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"4oD" = 4oD
"7-Zip" = 7-Zip 4.62
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.8
"AvantBrowser" = Avant Browser (remove only)
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"Browser Defender_is1" = Browser Guard 4.0
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"ENTERPRISER" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX100_TX100 User’s Guide" = EPSON Stylus SX100_TX100 Manual
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"ImageConverter Plus_is1" = ImageConverter Plus 8.0
"InstallShield_{4CE88F4D-B74E-4F92-9DA4-ECEB60ED362A}" = TBS WMP Plug-in
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Prism" = Prism Video Converter
"Software Informer_is1" = Software Informer 1.0 BETA
"Spotify" = Spotify
"Spyware Doctor" = PC Tools AntiVirus Free 9.0
"Steam App 71270" = Football Manager 2012
"Steam App 71400" = Football Manager 2012 Editor
"Switch" = Switch Sound File Converter
"SystemRequirementsLab" = System Requirements Lab
"TP Plugins" = Tripleplay TP Plugins 8.6.5
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2968090788.go.sky.com" = Sky Go Desktop
"Move Media Player" = Move Media Player
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 07/05/2012 18:48:07 | Computer Name = Beaton | Source = Windows Search Service | ID = 3013
Description =

Error - 07/05/2012 18:48:36 | Computer Name = Beaton | Source = Windows Search Service | ID = 3013
Description =

Error - 07/05/2012 18:48:36 | Computer Name = Beaton | Source = Windows Search Service | ID = 3013
Description =

Error - 07/05/2012 18:48:56 | Computer Name = Beaton | Source = Windows Search Service | ID = 3013
Description =

Error - 07/05/2012 18:48:56 | Computer Name = Beaton | Source = Windows Search Service | ID = 3013
Description =

Error - 07/05/2012 19:29:19 | Computer Name = Beaton | Source = EventSystem | ID = 4621
Description =

Error - 08/05/2012 16:10:03 | Computer Name = Beaton | Source = Windows Search Service | ID = 3006
Description =

Error - 08/05/2012 16:10:04 | Computer Name = Beaton | Source = Windows Search Service | ID = 3007
Description =

Error - 10/05/2012 11:24:40 | Computer Name = Beaton | Source = Windows Search Service | ID = 3013
Description =

Error - 10/05/2012 11:24:40 | Computer Name = Beaton | Source = Windows Search Service | ID = 3013
Description =

[ Broadcom Wireless LAN Events ]
Error - 08/09/2009 18:57:51 | Computer Name = Beaton | Source = WLAN-Tray | ID = 0
Description = 23:57:51, Tue, Sep 08, 09 Error - Unable to decrypt string

Error - 11/09/2009 13:27:35 | Computer Name = Beaton | Source = WLAN-Tray | ID = 0
Description = 18:27:34, Fri, Sep 11, 09 Error - Unable to decrypt string

Error - 17/09/2009 16:54:35 | Computer Name = Beaton | Source = WLAN-Tray | ID = 0
Description = 21:54:34, Thu, Sep 17, 09 Error - Unable to decrypt string

Error - 26/11/2009 16:14:52 | Computer Name = Beaton | Source = WLAN-Tray | ID = 0
Description = 20:14:52, Thu, Nov 26, 09 Error - Unable to decrypt string

Error - 04/12/2009 14:28:18 | Computer Name = Beaton | Source = WLAN-Tray | ID = 0
Description = 18:28:17, Fri, Dec 04, 09 Error - Unable to decrypt string

Error - 29/01/2010 17:00:58 | Computer Name = Beaton | Source = WLAN-Tray | ID = 0
Description = 21:00:56, Fri, Jan 29, 10 Error - Unable to decrypt string

Error - 13/05/2010 10:48:48 | Computer Name = Beaton | Source = WLAN-Tray | ID = 0
Description = 15:48:48, Thu, May 13, 10 Error - Unable to decrypt string

Error - 14/11/2010 13:29:01 | Computer Name = Beaton | Source = WLAN-Tray | ID = 0
Description = 17:29:01, Sun, Nov 14, 10 Error - Unable to gain access to user store


Error - 08/06/2011 11:52:53 | Computer Name = Beaton | Source = WLAN-Tray | ID = 0
Description = 16:52:52, Wed, Jun 08, 11 Error - Unable to gain access to user store


[ OSession Events ]
Error - 03/06/2011 11:34:50 | Computer Name = Beaton | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13
seconds with 0 seconds of active time. This session ended with a crash.

Error - 03/06/2011 11:35:33 | Computer Name = Beaton | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 15 seconds with 0 seconds of active time. This session ended with a crash.

Error - 03/06/2011 11:36:03 | Computer Name = Beaton | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

Error - 03/06/2011 18:33:52 | Computer Name = Beaton | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.

Error - 03/06/2011 18:34:54 | Computer Name = Beaton | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error - 03/06/2011 18:35:20 | Computer Name = Beaton | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

Error - 03/06/2011 18:35:50 | Computer Name = Beaton | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.

Error - 03/06/2011 18:36:30 | Computer Name = Beaton | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.

Error - 04/07/2011 13:54:00 | Computer Name = Beaton | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.

Error - 04/07/2011 13:54:39 | Computer Name = Beaton | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 10/05/2012 11:20:46 | Computer Name = Beaton | Source = Service Control Manager | ID = 7000
Description =

Error - 10/05/2012 11:20:48 | Computer Name = Beaton | Source = Service Control Manager | ID = 7000
Description =

Error - 10/05/2012 11:22:43 | Computer Name = Beaton | Source = EventLog | ID = 6008
Description = The previous system shutdown at 16:20:46 on 10/05/2012 was unexpected.

Error - 10/05/2012 11:23:29 | Computer Name = Beaton | Source = Service Control Manager | ID = 7000
Description =

Error - 10/05/2012 11:23:29 | Computer Name = Beaton | Source = Service Control Manager | ID = 7000
Description =

Error - 10/05/2012 11:23:30 | Computer Name = Beaton | Source = Service Control Manager | ID = 7000
Description =

Error - 10/05/2012 11:23:32 | Computer Name = Beaton | Source = Service Control Manager | ID = 7000
Description =

Error - 10/05/2012 11:23:33 | Computer Name = Beaton | Source = Service Control Manager | ID = 7000
Description =

Error - 10/05/2012 11:24:28 | Computer Name = Beaton | Source = Service Control Manager | ID = 7000
Description =

Error - 10/05/2012 11:24:29 | Computer Name = Beaton | Source = Service Control Manager | ID = 7000
Description =


< End of report >
  • 0

#3
DanBeats21

DanBeats21

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Right, did a few more virus checks which unearthed a few more demons. I dealt with them thinking that that might be the end of the problem. But, just as I started to celebrate - BLUE SCREEN! What was odd though was that this blue screen didn't have the BAD_POOL_CALLER text at the top of the screen; in fact, it didn't have any code at all at the top of the screen. Anyway if any incredibly smart person can look at all of the info that I have given and magic up some sort of solution I would be unbelievably grateful!
  • 0

#4
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP