Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

systemrepair cycle


  • Please log in to reply

#1
Misterd1629

Misterd1629

    New Member

  • Member
  • Pip
  • 8 posts
i think my buddy has got a mallware related issue on his laptop, i've tested the hard drive and memory, they both pass the tests.
every couple of boots he got to run system repair to get in to windows,using safe mode to start system repair,but after this was done the first time i noticed it's been very slow since.
i have ran CCleaner and it cleaned out a bunch of files and fixed some registry errors, but that didn't fix the problem.
he has been using Avast free as a virus scan.
i also noticed after last month when i did some maintance on his computer, removing some software/games, the games showed up again and my friend is telling me he is not playing games on this system since he uses this laptop for work.

i've attached otl file and otl extra file

any help would be great,

Thank you,

Dennis

OTL logfile created on: 7/17/2012 11:10:36 AM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Greg\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.79 Gb Available Physical Memory | 59.68% Memory free
11.83 Gb Paging File | 10.35 Gb Available in Paging File | 87.46% Paging File free
Paging file location(s): c:\pagefile.sys 9048 15096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.41 Gb Total Space | 149.54 Gb Free Space | 67.24% Space Free | Partition Type: NTFS
Drive D: | 10.47 Gb Total Space | 3.86 Gb Free Space | 36.90% Space Free | Partition Type: NTFS

Computer Name: GREGKNEE-PC | User Name: Greg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/17 11:08:38 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Greg\Downloads\OTL.exe
PRC - [2012/07/05 18:09:38 | 000,136,616 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2012/07/05 18:09:32 | 000,374,184 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2012/07/03 09:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 09:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/06/08 12:06:24 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2012/06/08 12:06:24 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2012/03/09 18:27:53 | 000,250,528 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11g_ActiveX.exe
PRC - [2012/02/28 02:57:09 | 000,307,824 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/02/19 16:57:20 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 05:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/03/25 22:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2010/01/21 16:27:44 | 009,136,960 | ---- | M] (Western Digital) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
PRC - [2010/01/21 16:27:42 | 002,057,536 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
PRC - [2010/01/21 16:24:08 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/06/25 23:48:44 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/06/25 23:48:16 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2007/07/27 09:49:42 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/07/27 09:48:28 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Windows\sttray.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/14 03:42:08 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
MOD - [2012/06/14 03:37:58 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
MOD - [2012/06/14 03:37:45 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/06/14 03:37:04 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:36:53 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/12 03:46:10 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012/05/12 03:43:33 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/12 03:43:29 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012/05/12 03:42:04 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/12 03:41:58 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/12 03:41:56 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/12 03:41:43 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2010/11/04 18:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/08/19 15:49:08 | 000,049,152 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
MOD - [2009/07/29 15:24:14 | 000,504,293 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/07/05 18:09:38 | 000,136,616 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2012/07/05 18:09:32 | 000,374,184 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012/07/03 09:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/06/08 12:06:24 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/11/11 13:36:56 | 000,045,056 | ---- | M] (Intuit) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2011/07/15 03:01:32 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/12/04 23:44:39 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2010/03/25 22:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/01/21 16:24:08 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/07/23 22:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 18:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/06/25 23:48:16 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2007/07/27 09:49:42 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/02/12 13:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2006/10/23 05:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Disabled | Stopped] -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Greg\AppData\Local\Temp\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - [2012/07/05 18:10:02 | 000,083,392 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2012/07/03 09:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 09:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 09:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 09:21:53 | 000,057,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/07/03 09:21:53 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/07/03 09:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/06/08 12:06:24 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2012/06/08 12:06:24 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2010/11/20 05:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 05:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 05:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 03:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 03:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 02:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 02:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 02:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/03/25 22:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009/07/13 15:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 15:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009/06/26 00:23:46 | 004,993,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2007/07/27 09:50:22 | 000,329,728 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/05/23 17:37:40 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=PTB&M=M-6824
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=PTB&M=M-6824
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKLM\..\SearchScopes,DefaultScope = {69999FB0-6C0C-4C56-954E-DA463F10DD3C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect...mrud=10-03-2012
IE - HKLM\..\SearchScopes\{69999FB0-6C0C-4C56-954E-DA463F10DD3C}: "URL" = http://www.google.co...ie7&rlz=1I7GWYE

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=PTB&M=M-6824
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/?...susaimc00000001
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {69999FB0-6C0C-4C56-954E-DA463F10DD3C}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect...mrud=10-03-2012
IE - HKCU\..\SearchScopes\{45285B71-2334-4A82-B5E8-0F1E317111F4}: "URL" = http://www.google.co...&rlz=1I7GGLL_en
IE - HKCU\..\SearchScopes\{69999FB0-6C0C-4C56-954E-DA463F10DD3C}: "URL" = http://www.google.co...&rlz=1I7GGLL_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/07/17 09:40:51 | 000,000,000 | ---D | M]

[2012/03/10 01:06:08 | 000,002,242 | ---- | M] () -- \searchplugins\AOL Search.xml
[2012/03/09 21:47:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/13 23:47:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/07/13 23:47:35 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/02/24 17:43:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2011/07/13 23:47:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2011/07/13 23:47:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2012/02/24 17:43:26 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/10/08 19:53:38 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (AOL Messaging Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (no name) - {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AOL Messaging Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: AOL Instant Messenger ™ - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe (America Online, Inc.)
O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programs\PartyGaming.Net\PartyPokerNet\RunPF.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programs\PartyGaming.Net\PartyPokerNet\RunPF.exe File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://qb.webex.com...ra/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4756283-0FC4-4464-8E68-615B16F16F87}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O27 - HKLM IFEO\ehshell.exe: Debugger - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 17:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{55dbb5d5-72c0-11e0-893e-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{55dbb5d5-72c0-11e0-893e-00038a000015}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/17 10:20:29 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\LogMeIn
[2012/07/17 10:20:24 | 000,083,392 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\LMIRfsClientNP.dll
[2012/07/17 10:20:24 | 000,047,640 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\LMIRfsDriver.sys
[2012/07/17 10:20:24 | 000,030,624 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\LMIport.dll
[2012/07/17 10:20:22 | 000,087,456 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\LMIinit.dll
[2012/07/17 10:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2012/07/17 10:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn
[2012/07/17 09:49:20 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{ADBFEA1E-C296-4605-A616-A5D221FA43D0}
[2012/07/17 09:48:19 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{613EE4E0-BF66-4DDF-856A-3C044023801D}
[2012/07/17 06:43:18 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{5B6C8B60-5718-4090-A30C-5497E39566AD}
[2012/07/16 18:42:38 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{1EC86C3B-2171-413C-9845-0B3E6F79912C}
[2012/07/16 18:42:24 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{A537DE0F-0D97-426F-8BF9-882C1D1F57B9}
[2012/07/16 06:41:57 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{0EC9391E-A1BB-4A3B-8CD4-D6B6E5EDC8DF}
[2012/07/16 06:41:43 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{E02ACE0F-7813-4DE5-862C-DFB1B13F396F}
[2012/07/15 18:41:15 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{9BAA39A3-EAE4-439C-B633-70401AA99F89}
[2012/07/15 06:40:31 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{278468C5-A970-4C1B-9C5E-7E25C93B0858}
[2012/07/14 18:39:47 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{C3B53ADE-AFD1-473E-8E2D-BAB16AB8F9F2}
[2012/07/14 06:39:15 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{A1B5348D-33F0-4E55-AC1D-E4AE9272A01E}
[2012/07/13 18:38:35 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{E5516629-931D-4F1A-966F-FE5D5F8EA77F}
[2012/07/13 18:38:18 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{E4CA6495-9E56-43D2-91EC-0B4F1855ADDE}
[2012/07/13 06:37:51 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{FA2721A9-8B30-4824-98A4-5956033252E2}
[2012/07/12 18:37:22 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{2F5A6A66-460D-4C83-8F3C-AA9396EDE0E1}
[2012/07/12 18:37:10 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{E5F2E738-DD20-4531-9DC4-DE5A6FCA480E}
[2012/07/12 06:36:44 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{54B3D3BF-C656-4D4C-AB50-038022440172}
[2012/07/11 18:36:09 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{807E9468-8663-470E-A35D-93DFC990B81F}
[2012/07/11 06:35:41 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{D8B36434-B6C8-4559-A5A5-900064A4C43D}
[2012/07/11 06:35:28 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{EB8E2651-E57B-43F9-97F0-484A5227612E}
[2012/07/10 16:58:11 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{FDC6209C-8528-4E58-9469-509D9404ADA0}
[2012/07/10 04:57:28 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{FFC3D8B1-80F8-4B5D-BB6E-5A22CA4685CB}
[2012/07/10 04:57:16 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{EAA3378F-0AA0-48F9-8A80-45B222F08BBA}
[2012/07/09 16:56:49 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{C1BD1B04-0FAB-45CB-AB84-4F5D1E39AC93}
[2012/07/09 16:56:36 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{798BE971-C2BE-4789-93EA-B4E4C284D14B}
[2012/07/09 04:56:09 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{8234E80B-ECB2-4401-ADE5-3632B121B4AC}
[2012/07/08 16:55:26 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{2DEC625D-E043-443F-920E-DFE814E25DF8}
[2012/07/08 04:54:49 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{FC152F48-924B-408E-BF18-94EE49E71E57}
[2012/07/07 16:54:05 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{737A4E6A-7AC0-417F-B707-AC0A6A1B9FC4}
[2012/07/07 04:53:27 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{323371DE-882E-43C9-9575-8A7C2E21ADB6}
[2012/07/06 16:52:57 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{890B96E9-7BC3-4452-AC8F-3261C04A41B9}
[2012/07/06 04:52:29 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{0C19650D-4A56-4022-9213-FD2FA846D246}
[2012/07/05 16:51:56 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{FB436EBD-29A4-4253-8D0A-BF08E86144B8}
[2012/07/05 04:51:13 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{EE364AB4-EB94-4E39-A2F1-992CCF051763}
[2012/07/04 16:50:48 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{41A8A21E-9330-4793-B1A8-2FC9779CC581}
[2012/07/04 04:50:05 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{30FC120D-9B67-4FD6-A5B7-DE6A410859BF}
[2012/07/03 16:49:39 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{1CD77AB3-CE37-48FB-94C7-F05AF4D40CE2}
[2012/07/03 04:49:11 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{B05A1459-E76D-4663-9AB3-8C7D1E53C051}
[2012/07/03 04:48:57 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{1266A8DA-CFED-47B8-B3AE-C621A6402DEF}
[2012/07/02 16:48:30 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{18C9372E-72A6-41F7-8D32-53E1DCBED3FD}
[2012/07/02 16:48:16 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{41D741FE-2923-4B5C-9484-C3CEC4E0B0D0}
[2012/07/02 04:47:49 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{21B2E055-ED6E-4746-8BFB-52DD1D20BA58}
[2012/07/02 04:47:35 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{08DA0C22-C372-4F79-8999-20C29055640A}
[2012/07/01 16:47:09 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{C993B0B5-95C8-485E-8AD5-363C739B2CDD}
[2012/07/01 16:46:56 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{6C40A5FE-1CB2-408A-AFC8-FD9282A808CD}
[2012/07/01 04:46:42 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{A3A54598-62DC-4C53-95C5-8CFE02996684}
[2012/07/01 04:46:24 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{8BD3828F-397A-4000-BF27-4832F8B23FF6}
[2012/06/30 16:46:11 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{04243A68-5712-420A-A675-F9A787CD400A}
[2012/06/30 16:45:57 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{C84E4251-6578-4224-8161-EE06CD1B4C26}
[2012/06/30 04:45:44 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{66E35813-6EFA-44BD-96CC-A6441440E616}
[2012/06/30 04:45:28 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{F2A66614-DE11-40BE-9286-AB7970F8867B}
[2012/06/29 16:45:14 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{9B40787A-00F0-4DFF-81EB-AA8127BF354F}
[2012/06/29 04:44:46 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{ED9F0538-A95D-4C37-981C-3F1FD565CD02}
[2012/06/29 04:44:33 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{48279363-07CB-4D31-90B0-2321C7562E27}
[2012/06/28 16:44:06 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{9088D559-5A34-4D1A-8355-60707F4C21AC}
[2012/06/28 04:43:23 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{2E99CCFB-04AE-48F2-B54E-512368A52B2A}
[2012/06/27 16:42:58 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{305D1BB7-3644-48A4-BB05-A51F94B6A50F}
[2012/06/27 04:42:31 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{92C0ABE2-68FB-49D4-9693-D4E8AFDEF2F3}
[2012/06/26 16:42:00 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{19C1A003-6A20-44FD-AA94-4051E92E3A8A}
[2012/06/26 04:41:32 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{3721D8C1-92DB-448F-8EED-6F594AD3D5C1}
[2012/06/25 16:40:50 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{A950E4CA-7CCD-4AE0-B34C-963B81D1AF1D}
[2012/06/25 04:40:23 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{F9A55EDE-F3A5-46F0-9DC4-3A78E5E21A47}
[2012/06/25 04:40:09 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{11761367-7A81-4BC5-A59A-75E127855822}
[2012/06/24 16:39:43 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{1DBC43F3-894E-433E-92CE-E29A70AFBD95}
[2012/06/24 04:39:17 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{236B06F9-FE95-481C-AD0E-F041359EFE72}
[2012/06/23 16:38:43 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{89A0E058-DA25-4BAA-8EBA-957088F985F8}
[2012/06/23 16:38:31 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{579ED9F6-D4A0-4182-9B6D-F1F7B8336DD0}
[2012/06/23 16:37:38 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/06/23 16:31:02 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{F3FC1E4C-A930-47E8-9ADF-45FFA19821F0}
[2012/06/23 16:30:45 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{F7EFF460-B0A3-48FC-898F-4F24B19E8DA3}
[2012/06/23 16:27:49 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{16C62C14-9320-4A96-8595-981E86685568}
[2012/06/23 16:27:37 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{3160D5F5-7705-42F7-831C-2C04BDB9FEEB}
[2012/06/23 16:21:32 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{DB1DBC28-A089-4FFA-88EB-579CFBB1FBE8}
[2012/06/23 16:21:04 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{B7A24441-E2AF-48BB-83CE-FAA8A7FE8761}
[2012/06/20 11:15:03 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{A68B532E-A65E-4AAB-A33F-A94B2348086E}
[2012/06/20 11:14:40 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{EF1378FA-8614-4337-AA64-AB58EC5AB32B}
[2012/06/17 15:14:19 | 000,000,000 | ---D | C] -- C:\Users\Greg\Desktop\seagate ,hitchi po's
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/17 11:10:24 | 000,010,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/17 11:10:24 | 000,010,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/17 11:09:10 | 000,001,030 | ---- | M] () -- C:\Users\Greg\Desktop\OTL - Shortcut.lnk
[2012/07/17 11:08:20 | 000,627,256 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/07/17 11:08:20 | 000,107,540 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/07/17 11:02:18 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/17 11:01:58 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/17 11:01:58 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\RegistryPC Startup.job
[2012/07/17 11:00:40 | 000,397,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/17 11:00:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/17 11:00:17 | 2414,682,112 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/17 10:59:07 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/07/17 10:42:41 | 000,001,407 | ---- | M] () -- C:\Users\Greg\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/07/17 10:33:55 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/17 10:20:21 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012/07/17 09:47:04 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/07/14 04:57:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\DriverCure.job
[2012/07/13 18:00:00 | 000,000,450 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2012/07/13 18:00:00 | 000,000,448 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2012/07/13 12:00:00 | 000,000,444 | ---- | M] () -- C:\Windows\tasks\RegistryPC Scan.job
[2012/07/13 09:31:54 | 011,124,165 | ---- | M] () -- C:\Users\Greg\Desktop\Greg's Comission for June.pdf
[2012/07/12 09:17:20 | 000,150,831 | ---- | M] () -- C:\Users\Greg\Desktop\FUTHER INFO FOR PO #2001332 AND 2001331.jpg
[2012/07/12 09:15:42 | 000,049,892 | ---- | M] () -- C:\Users\Greg\Desktop\2001332.pdf
[2012/07/12 09:14:57 | 000,049,797 | ---- | M] () -- C:\Users\Greg\Desktop\2001331.pdf
[2012/07/11 16:43:44 | 000,234,457 | ---- | M] () -- C:\Users\Greg\Desktop\001.jpg
[2012/07/11 06:35:29 | 000,001,103 | ---- | M] () -- C:\Users\Greg\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2012/07/08 06:01:00 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version2.job
[2012/07/06 08:17:42 | 000,162,899 | ---- | M] () -- C:\Users\Greg\Desktop\bell it po pg2.jpg
[2012/07/05 18:10:02 | 000,083,392 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIRfsClientNP.dll
[2012/07/05 18:09:46 | 000,030,624 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIport.dll
[2012/07/05 18:09:44 | 000,087,456 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIinit.dll
[2012/07/05 13:06:44 | 000,452,330 | ---- | M] () -- C:\Users\Greg\Desktop\bell it proforma.jpg
[2012/07/03 15:30:58 | 000,300,134 | ---- | M] () -- C:\Users\Greg\Desktop\gp po and cc from.jpg
[2012/07/03 09:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/07/03 09:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/07/03 09:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/07/03 09:21:53 | 000,057,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/07/03 09:21:53 | 000,044,784 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2012/07/03 09:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/07/03 09:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/07/03 09:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/07/02 18:41:14 | 000,166,889 | ---- | M] () -- C:\Users\Greg\Desktop\SAMTACK PO L0702G REVISED.jpg
[2012/07/02 11:25:00 | 000,031,340 | ---- | M] () -- C:\Users\Greg\Desktop\Purchase Order # G104979-P.pdf
[2012/06/29 15:48:00 | 000,073,555 | ---- | M] () -- C:\Users\Greg\Documents\so 117358.pdf
[2012/06/29 12:19:30 | 000,291,040 | ---- | M] () -- C:\Users\Greg\Desktop\GP PO.jpg
[2012/06/27 18:23:09 | 000,013,203 | ---- | M] () -- C:\Users\Greg\Desktop\invoice to lac llc form ics.htm
[2012/06/19 09:42:06 | 000,247,645 | ---- | M] () -- C:\Users\Greg\Desktop\little bit po revised.jpg
[2012/06/17 12:54:10 | 000,000,221 | ---- | M] () -- C:\Users\Greg\Desktop\lac,llc e-mail.url
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/17 11:09:10 | 000,001,030 | ---- | C] () -- C:\Users\Greg\Desktop\OTL - Shortcut.lnk
[2012/07/17 11:00:23 | 000,397,264 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/17 10:20:20 | 000,001,024 | ---- | C] () -- C:\.rnd
[2012/07/17 10:20:11 | 000,000,958 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn.lnk
[2012/07/17 09:47:04 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/07/13 09:55:07 | 011,124,165 | ---- | C] () -- C:\Users\Greg\Desktop\Greg's Comission for June.pdf
[2012/07/12 09:17:20 | 000,150,831 | ---- | C] () -- C:\Users\Greg\Desktop\FUTHER INFO FOR PO #2001332 AND 2001331.jpg
[2012/07/12 09:15:42 | 000,049,892 | ---- | C] () -- C:\Users\Greg\Desktop\2001332.pdf
[2012/07/12 09:14:57 | 000,049,797 | ---- | C] () -- C:\Users\Greg\Desktop\2001331.pdf
[2012/07/11 16:43:44 | 000,234,457 | ---- | C] () -- C:\Users\Greg\Desktop\001.jpg
[2012/07/06 08:17:42 | 000,162,899 | ---- | C] () -- C:\Users\Greg\Desktop\bell it po pg2.jpg
[2012/07/05 13:06:44 | 000,452,330 | ---- | C] () -- C:\Users\Greg\Desktop\bell it proforma.jpg
[2012/07/03 15:30:58 | 000,300,134 | ---- | C] () -- C:\Users\Greg\Desktop\gp po and cc from.jpg
[2012/07/02 18:41:14 | 000,166,889 | ---- | C] () -- C:\Users\Greg\Desktop\SAMTACK PO L0702G REVISED.jpg
[2012/07/02 11:25:00 | 000,031,340 | ---- | C] () -- C:\Users\Greg\Desktop\Purchase Order # G104979-P.pdf
[2012/06/29 15:48:00 | 000,073,555 | ---- | C] () -- C:\Users\Greg\Documents\so 117358.pdf
[2012/06/29 12:19:30 | 000,291,040 | ---- | C] () -- C:\Users\Greg\Desktop\GP PO.jpg
[2012/06/27 18:23:09 | 000,013,203 | ---- | C] () -- C:\Users\Greg\Desktop\invoice to lac llc form ics.htm
[2012/06/19 09:42:06 | 000,247,645 | ---- | C] () -- C:\Users\Greg\Desktop\little bit po revised.jpg
[2012/02/18 16:18:15 | 000,000,095 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2012/02/10 11:22:41 | 000,022,016 | ---- | C] () -- C:\Users\Greg\10100133.XLT
[2011/09/20 14:58:32 | 001,110,476 | ---- | C] () -- C:\Users\Greg\7z920.exe
[2011/09/20 14:23:01 | 000,136,169 | ---- | C] () -- C:\Users\Greg\AppData\Local\RAContactHistory.xml
[2011/07/15 04:30:58 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/07/15 04:28:22 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/07/14 01:51:57 | 000,000,418 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/07/14 00:28:50 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2011/07/13 23:33:55 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/06/10 07:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/12/06 22:26:28 | 000,036,597 | ---- | C] () -- C:\Users\Greg\AppData\Roaming\Comma Separated Values (Windows).ADR
[2010/12/06 21:40:14 | 000,001,368 | ---- | C] () -- C:\Users\Greg\AppData\Roaming\wklnhst.dat
[2010/12/06 19:32:29 | 000,103,720 | ---- | C] () -- C:\Users\Greg\GoToAssistDownloadHelper.exe

========== LOP Check ==========

[2011/07/14 00:12:42 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\acccore
[2011/07/20 17:38:59 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Image Zone Express
[2011/09/20 14:23:00 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\PeerNetworking
[2011/07/14 00:13:03 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Printer Info Cache
[2011/05/02 15:33:27 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\SampleView
[2011/07/14 00:13:10 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Template
[2011/07/14 00:13:10 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Western Digital
[2012/07/14 04:57:00 | 000,000,386 | ---- | M] () -- C:\Windows\Tasks\DriverCure.job
[2012/07/13 18:00:00 | 000,000,448 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration.job
[2012/07/13 18:00:00 | 000,000,450 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2012/07/08 06:01:00 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version2.job
[2012/07/13 12:00:00 | 000,000,444 | ---- | M] () -- C:\Windows\Tasks\RegistryPC Scan.job
[2012/07/17 11:01:58 | 000,000,384 | ---- | M] () -- C:\Windows\Tasks\RegistryPC Startup.job
[2012/03/10 23:43:35 | 000,032,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >




OTL Extras logfile created on: 7/17/2012 11:10:36 AM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Greg\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.79 Gb Available Physical Memory | 59.68% Memory free
11.83 Gb Paging File | 10.35 Gb Available in Paging File | 87.46% Paging File free
Paging file location(s): c:\pagefile.sys 9048 15096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.41 Gb Total Space | 149.54 Gb Free Space | 67.24% Space Free | Partition Type: NTFS
Drive D: | 10.47 Gb Total Space | 3.86 Gb Free Space | 36.90% Space Free | Partition Type: NTFS

Computer Name: GREGKNEE-PC | User Name: Greg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04467127-8C9D-4D2C-B798-B1EE4FED86BC}" = lport=139 | protocol=6 | dir=in | app=system |
"{0980D4F5-5BD4-4A52-B5BD-C9940DDE40A2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{180E7CA9-EE4F-4A11-8C74-BF7B3C44F36D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4879B7BA-5139-4319-A4EB-E648EC16B468}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4C8F137E-71A9-4C62-82DF-30EBB54EB54A}" = lport=137 | protocol=17 | dir=in | app=system |
"{55AD8FB8-808F-4B18-8640-CE14DB7B3539}" = rport=139 | protocol=6 | dir=out | app=system |
"{63A4FEDF-6F7A-455E-9823-121478FB8029}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{69243D95-D61F-429A-BCEF-962C365257BE}" = rport=445 | protocol=6 | dir=out | app=system |
"{7575C24F-56B3-4DFA-BE2A-2713A4589023}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{ACA66344-5E32-41EC-9515-8FB16433C30F}" = rport=137 | protocol=17 | dir=out | app=system |
"{B79AE861-1311-4105-B37E-D6724678F903}" = lport=138 | protocol=17 | dir=in | app=system |
"{C2EEDD05-138C-4D73-AE0A-A6CBE34EEB40}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D9165C68-4580-4B4D-A12B-484912F8F3F5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DA3130B8-A976-4D8C-AC17-DBAD10E0D04F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DAC5E869-FA4F-4E24-A090-D49D78CD983F}" = lport=445 | protocol=6 | dir=in | app=system |
"{FDB1C302-CCCB-4403-823F-B5BCF5DCF869}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0ED8316B-E468-4312-A061-7BAFCD57E0AA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{15DBF985-2DE8-435F-87D6-3058B8E6EE31}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{395878C8-6100-45A4-8FBD-84E86E0F4D77}" = protocol=1 | dir=out | [email protected],-28544 |
"{429B04E9-9337-4A27-B9A9-7F06D3C0783A}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{513AB396-21E9-42E8-9176-70BEE17C5C17}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{68DEE3BF-E056-438D-AFB9-460E80B81128}" = protocol=58 | dir=in | [email protected],-28545 |
"{6DC38162-C439-4A8E-A542-CF1B6224558E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{7751E70D-AFD0-4D8D-BC5C-B5A4C10764A8}" = protocol=17 | dir=in | app=c:\program files\aol 9.0a\waol.exe |
"{78C51A14-823D-4B83-A6E9-ED7A8CA5AF46}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{78F2746C-1AF8-4796-AAB2-DB5FBF2104F4}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{BF9E4FAB-EAD4-4027-938E-52E3CFF6922C}" = protocol=58 | dir=out | [email protected],-28546 |
"{C054BBE1-58AE-42CD-B9B2-962177CFC946}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{C1675DA9-8D44-48E7-8C61-7C7AF6F08A1C}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{E3B3B617-CE43-46BF-AE82-4C4D76697DD7}" = protocol=6 | dir=in | app=c:\program files\aol 9.0a\waol.exe |
"{EBEE8EDF-0ED1-4EA8-B1C5-62301992D006}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{F30CC93A-1DD1-43CC-B918-0CAEF1102C25}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{F39210AB-4330-4653-AF9C-C8B7DF0C269B}" = protocol=1 | dir=in | [email protected],-28543 |
"{F50901EA-AAB9-4F00-BE8E-3B058F055D5C}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"TCP Query User{03FEFA3B-8065-45EA-8CE9-F564BEB109F1}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{277A6E6E-4240-4583-8B08-C8EBC0CB17AA}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{3FCC6115-436B-41A6-8E7A-17156EE40DC1}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{5D016EB4-6FCB-4EF2-B36F-15920CDFCFA3}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{06A9E630-DBA6-4D92-9DE7-A235AA6496C7}" = QuickBooks
"{0700E22B-A436-40A5-BD20-04BF618CA0F9}" = QuickBooks Premier: Mfg and Whsle Edition 2010
"{07D8511D-C9FE-4A93-933F-EAA5C8F20095}" = IDT Audio
"{0A55CDBB-0566-4AA2-A15B-24C7F27C6FF4}" = BPD_Scan
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A6EAEE5-C909-F447-5C5B-3B1B197C6A8C}" = Catalyst Control Center Graphics Previews Vista
"{1D77040D-BFC7-650E-FBBB-1D0A4B385E94}" = ccc-utility
"{1E0D8F69-A6AB-4934-9B2D-159D9F97BA4A}" = ParetoLogic DriverCure
"{1EB321CB-3D1D-4cf2-ACB5-9F20874B8E69}" = HP Officejet Pro All-In-One Series
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22461A1C-BD68-4D90-9897-1DB146D55ECB}" = LogMeIn
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}" = WD SmartWare
"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2CBB71EE-A4DD-4B4D-A635-608D8D1E6F81}" = Driver Tool
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{38E71FCB-F49D-8128-3806-0B97A8198B95}" = Catalyst Control Center Localization German
"{39098402-3F7A-4257-A4AE-FC1181D1B40B}" = Camera Assistant Software for Gateway
"{3A21B551-3467-893C-0C1D-340567809988}" = Catalyst Control Center Localization Portuguese
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{5552F046-F179-D124-6899-2ACF2DD01708}" = CCC Help English
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59A4DCB3-3D18-5EDB-9F18-410187E7F0EE}" = Catalyst Control Center Core Implementation
"{5EEA34A3-4CE2-5767-8C60-F511C776F2CA}" = CCC Help Portuguese
"{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries
"{6530D906-1436-6056-AD8E-E1DBCFEB6155}" = CCC Help Japanese
"{670E5793-35A5-498B-8A9F-660D902F75AB}" = SIM2WIN
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71B01FBE-16AF-CE28-941C-D4167EB8B1E5}" = Catalyst Control Center Localization Japanese
"{7306769C-EBC9-53CB-0D27-C349CFEAC0AC}" = Catalyst Control Center Graphics Full New
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = Gateway Recovery Center Installer
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{868EA922-5675-4E91-BDA6-BBD0F923C5EF}" = HP Officejet Pro All-In-One Series
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{8879091A-910E-A831-E833-0B18C4066AE4}" = Catalyst Control Center Localization Chinese Standard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F968232-15C6-4872-84C2-9FCDAA1AEAB6}" = MPM
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{911995E9-58CF-38E5-6CFA-13258E974759}" = CCC Help German
"{91490409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Primary Interop Assemblies
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{993D343F-0EA9-D71E-5AA8-0A8595D344FC}" = Catalyst Control Center Graphics Light
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DB74AB0-6E7F-CC0D-652E-D2A3283B429B}" = Catalyst Control Center Localization Italian
"{A495D4DC-4036-4914-9CB2-0FCF6A3166EF}" = L7500
"{A57C6094-FC5A-4DEC-B1E0-1B2F48EEE8F4}" = Spare Backup
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7A1E29F-FD57-3B55-CB16-FAF0DBAD66C8}" = Skins
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9A64EF2-CCD2-8F40-E442-DBCB74AC4EE6}" = Catalyst Control Center Graphics Previews Common
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACF14B6A-590E-C9D5-E2D6-8FA2E8BAB592}" = ccc-core-static
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C15CE7CC-1180-815E-E91B-BD9D902637A3}" = CCC Help Chinese Standard
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6117071-D9E7-4356-A3D4-F78CD88A412B}" = Catalyst Control Center Graphics Full Existing
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C945AD7E-4D9C-2609-E868-B728B8DB1EFD}" = CCC Help Spanish
"{CDAE43A3-A444-5E4F-2845-0DB926CF9DD0}" = ATI Catalyst Install Manager
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF097717-F174-4144-954A-FBC4BF301033}" = Nero 7 Ultra Edition
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D421082D-A1C6-22A5-A2E3-177D19F825A6}" = CCC Help Italian
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D73BC600-522F-2FD2-1640-8EFED8D7E373}" = Catalyst Control Center Localization Spanish
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEB9AEF7-3ADA-40a9-9C98-546D54FE9CBD}" = ProductContext
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{ECAD4F6A-0BF3-4028-9C81-E5D9F9606CBA}" = BPDSoftware
"{EE5EEDAF-F932-462B-A2CB-EEBDF819D5F5}" = Gateway Connect
"{EF0A915C-3C3F-A231-01D8-A32BD4CBE2FF}" = Catalyst Control Center Localization French
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}" = Microsoft WSE 2.0 SP3 Runtime
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F5B57263-38FA-CE76-383E-1B302B6D5FE1}" = CCC Help French
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AIM Toolbar" = AOL Messaging Toolbar
"AIM_7" = AIM 7
"AOL Instant Messenger" = AOL Instant Messenger
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AT&T Yahoo! Browser Configuration" = AT&T Yahoo! Browser Configuration
"ATT-RC" = ATT-RC Self Support Tool
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Gateway Game Console" = Gateway Game Console
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist Corporate
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Essentials" = Microsoft Security Essentials
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"Money2007b" = Microsoft Money Essentials
"MyWebExPC" = QuickBooks Remote Access
"RealPlayer 15.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.85
"SIM2WIN" = SIM2WIN
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Speccy" = Speccy
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"vol_toolbar" = Verizon Broadband Toolbar
"WinLiveSuite" = Windows Live Essentials
"WT023233" = Virtual Villagers - A New Home
"WT023950" = Polar Bowler
"WT023956" = Polar Golfer
"WT024398" = Tradewinds
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AOL Messaging Toolbar" = AOL Messaging Toolbar

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/23/2011 10:40:02 PM | Computer Name = gregknee-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/23/2011 10:40:02 PM | Computer Name = gregknee-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/23/2011 10:40:04 PM | Computer Name = gregknee-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/23/2011 10:40:05 PM | Computer Name = gregknee-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/24/2011 2:00:52 AM | Computer Name = gregknee-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/24/2011 2:00:52 AM | Computer Name = gregknee-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/24/2011 2:05:51 AM | Computer Name = gregknee-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/24/2011 3:45:55 AM | Computer Name = gregknee-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "c:\program files\microsoft\search
enhancement pack\search box extension\SrchBxEx.dll".Error in manifest or policy
file "c:\program files\microsoft\search enhancement pack\search box extension\SrchBxEx.dll"
on line 2. Invalid Xml syntax.

Error - 7/24/2011 4:00:00 AM | Computer Name = gregknee-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/24/2011 4:00:01 AM | Computer Name = gregknee-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/24/2011 5:04:50 AM | Computer Name = gregknee-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/24/2011 5:04:50 AM | Computer Name = gregknee-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/24/2011 5:30:01 AM | Computer Name = gregknee-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/24/2011 1:49:41 PM | Computer Name = gregknee-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Application or service 'Windows Live Messenger' could not be shut
down.

Error - 7/24/2011 1:50:51 PM | Computer Name = gregknee-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/24/2011 1:50:51 PM | Computer Name = gregknee-PC | Source = MsiInstaller | ID = 11722
Description =

Error - 7/24/2011 1:51:03 PM | Computer Name = gregknee-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/24/2011 2:02:29 PM | Computer Name = gregknee-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Application or service 'Bing Bar' could not be shut down.

Error - 7/24/2011 2:02:29 PM | Computer Name = gregknee-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Application or service 'Internet Explorer' could not be shut down.

[ Media Center Events ]
Error - 1/26/2010 12:44:49 AM | Computer Name = gregknee-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 1/26/2010 2:41:17 AM | Computer Name = gregknee-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 1/26/2010 11:15:12 AM | Computer Name = gregknee-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 1/28/2010 11:15:33 AM | Computer Name = gregknee-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 1/30/2010 4:33:33 PM | Computer Name = gregknee-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 2/1/2010 7:54:53 PM | Computer Name = gregknee-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 2/8/2010 7:30:26 PM | Computer Name = gregknee-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 4/9/2010 9:01:39 PM | Computer Name = gregknee-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 4/13/2010 10:17:12 AM | Computer Name = gregknee-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 6/28/2010 10:47:50 AM | Computer Name = gregknee-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

[ System Events ]
Error - 7/17/2012 1:04:49 PM | Computer Name = gregknee-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:02:48 AM on ?7/?17/?2012 was unexpected.

Error - 7/17/2012 1:04:57 PM | Computer Name = gregknee-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%861 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842

Error - 7/17/2012 1:10:50 PM | Computer Name = gregknee-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%861 Real-Time Protection feature has encountered an error and failed.

Feature:
%%834 Error Code: 0x80004005 Error description: Unspecified error Reason: %%838

Error - 7/17/2012 1:10:50 PM | Computer Name = gregknee-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%861 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%838

Error - 7/17/2012 1:11:30 PM | Computer Name = gregknee-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%861 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%839

Error - 7/17/2012 1:32:28 PM | Computer Name = gregknee-PC | Source = DCOM | ID = 10010
Description =

Error - 7/17/2012 2:00:53 PM | Computer Name = gregknee-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%861 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842

Error - 7/17/2012 2:01:33 PM | Computer Name = gregknee-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the QBCFMonitorService
service to connect.

Error - 7/17/2012 2:02:45 PM | Computer Name = gregknee-PC | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-1073473535.

Error - 7/17/2012 2:02:45 PM | Computer Name = gregknee-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 30000 milliseconds:
Restart the service.


< End of report >

Edited by Misterd1629, 17 July 2012 - 12:58 PM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP